Secure Your Networks Perimeter
Barracuda NG Firewall provides several layers to protect an organization’s network
Intrusion Detection and Prevention
Barracuda NG Intrusion Detection and Prevention System (IDS/IPS) strongly enhances network security by providing complete and comprehensive real-time network protection against a broad
range of network threats, vulnerabilities, exploits, and exposures in operating systems, applications, and databases preventing network attacks such as:
- SQL injections and arbitrary code executions
- Access control attempts and privilege escalations
- Cross-Site Scripting and buffer overflows
- DoS and DDoS attacks
- Directory traversal and probing and scanning attempts
- Backdoor attacks, trojans, rootkits, viruses, worms, and spyware
By providing advanced attack and threat protection features such as stream segmentation and packet anomaly protection, TCP split handshake protection, IP and RPC defragmentation, FTP evasion protection, as well as URL and HTML decoding, Barracuda NG Firewall is able to identify and block advanced evasion attempts and obfuscation techniques that are used by attackers to circumvent and trick traditional intrusion prevention systems. As part of the Barracuda Energize Updates subscription, automatic signature updates are delivered on a regular schedule or on an emergency basis to ensure that Barracuda NG Firewall is constantly up-to-date. If the firewall unit is centrally managed, the pattern updates are conveniently distributed by the Barracuda NG Control Center.
Barracuda NG Malware Protection shields the internal network from malicious content by scanning web content (HTTP and HTTPs), email (SMTP, POP3), and file transfers (FTP) via two fully integrated antivirus engines. Malware protection is based on regular signature updates as well as advanced heuristics to detect malware or other potentially unwanted programs even before signatures are available. Barracuda NG Malware Protection covers viruses, worms, trojans, malicious java applets, and programs using known exploits on PDF, pictures and office documents, macro viruses, and many more, even when using stealth or morphing techniques for obfuscation.
Advanced Threat Detection Barracuda Advanced Threat Detection (ATD) uses next-generation sandbox technology powered by full-system emulation to catch not only persistent threats and zero-day exploits, but also advanced malware designed to evade detection. Files are forwarded to a cloud-based sandbox environment, where they are executed and analyzed to identify suspicious and malicious behavior.
Barracuda ensures flexible and simple deployment with your existing network infrastructure—no additional hardware is required since resource intensive sandboxing is offloaded to the cloud. The cloud database is continuously updated by all Barracuda NG Firewalls with enabled ATD and, thereby, speed up the processing of already known files.
The administrator has full policy control over how PDF documents, Microsoft Office Files, EXEs/MSIs/DLLs, Android APKs, compressed files and archives are emulated and delivered to the client. Based on identified malware activity, infected users can be automatically quarantined preventing the malware from spreading within the network.
Customizable, on-demand analysis reports for any emulated file provide full insight and details on malicious activities, file behavior, system-registry entries, evasion and obfuscation techniques. This also enables network activities such as establishing encrypted connections to Botnet Command and Control Centers for increased security posture to evade scaled Botnet attacks.