|
 |
 |
 |
Barracuda Networks
Product Overview
Spam & Virus
Firewall
Web/URL Filter
Web Security Flex
NG Firewall
Web Application
Load Balancer
Link Balancer
Backup Service
Email Archiver
Web Application
Firewall
SSL VPN
Email Security
Service
Virtual Appliances
Anti Spam
Anti Spyware
Anti Virus
Request 14 Day
Evaluation
Request a Quotation
Web Application Firewall Deployment
Standard Deployment Configuration
The Barracuda Web Application Firewall is designed to easily fit into any existing data center environment and to rapidly secure and accelerate new and existing Web applications. Barracuda Networks offers the most flexible array of Barracuda Web Application Firewall deployment options.
Route-path
Route-path provides the highest degree of protection for a Web application infrastructure by acting as a Full Reverse Proxy for all Web application traffic. Full-Reverse Proxy is the industry accepted best practice and is inherently more secure than bridge mode deployments. In fact, 86% of all Barracuda Web Application Firewall customers today deploy in Proxy Mode.
One-Armed Proxy Deployment
Deploying the Barracuda Web Application Firewall in the One-Armed Proxy configuration requires the unit to be set up off a switch only from the WAN port. This configuration creates an additional route for traffic to reach the servers without disturbing the natural flow through the network. Only the traffic that needs to be monitored or secured is routed via the Barracuda Web Application Firewall. One-Armed Proxy as a deployment option is utilized during the initial phases when the administrators want to validate the solution without having to change network settings. Another scenario to use the One-Armed Proxy deployment is to utilize the load balancing feature of the appliance for HTTP/HTTPS traffic, while letting SMTP and other traffic go directly to the server.
Bridge-path
Bridge-path, the recommended mode of implementation for most customers with existing Web application traffic, enables simple and fast deployment without requiring any IP address changes on either the front- or back-end Web servers or network devices. The bridge is transparent, so no user traffic is disrupted.
Fault Tolerant Barracuda Web Application Firewall Environment
Some organizations may need only a single Barracuda Web Application Firewall. When inline in Bridge-path mode, the Barracuda Web Application Firewall’s Ethernet Hard Bypass ensures reliable application delivery. For Web applications with stringent security requirements, the Barracuda Web Application Firewall may be installed in a redundant pair configuration, providing real-time application state replication so that security and user sessions will not be compromised during a failover event.
