Azure App Services Now Protected by the Barracuda Web Application Firewall

Version imprimable, PDF et e-mail

Azure App Services, recently launched by Microsoft, enables rapid development and deployment of scalable mobile, web and API applications in the Azure environment. The Barracuda Web Application Firewall team is proud to announce support for Azure App Services that will provide best-of-breed application security to applications in the Azure App Services ecosystem.

Competitive landscapes and fast time-to-market pressures demand super fast rollouts for mobile and cloud based apps. To this end, Azure App Services supports heterogeneous platforms like .NET, Node.js, Java, PHP, Python etc., with easy integration into SaaS and on-premises applications like Oracle, SAP, Salesforce and Office 365. Developers can choose the platforms they feel most productive with and quickly churn out applications that work smoothly with the data stores used in their organizations.

Security becomes especially important for these applications, which if hacked can leak out critical or sensitive data from the information stores they interface with. Vulnerabilities can arise from both the custom code or the infrastructure used in developing these applications. Most developers and consultants have hardly had a day of formal security training so secure coding remains a myth. Infrastructure vulnerabilities like Shellshock, Winshock, Heartbleed, Poodle etc. from last year also highlight the pressing need for immediate remediation of infrastructure layer vulnerabilities.

For modern web and mobile apps, this challenge is further increased due to the surge in the usage of JSON/REST APIs, SaaS applications and mobile access, which are not easily secured by traditional security approaches.  Barracuda Web Application Firewall is the first WAF that has been tested and approved by Microsoft for integration in the Azure App Services. It fills a critical security gap resulting from the rapid development and deployment cycles made possible by the Azure App Services.

An Azure App Service Environment (ASE) typically consists of an isolated virtual network with compute resources. The Barracuda Web Application Firewall enhances the security of an ASE deployment by bringing in industry leading security features including protection against application layer attacks (including OWASP Top 10), protection for mobile applications and web services, and Data Loss Prevention.

High level view of a typical deployment
The Barracuda Web Application Firewall can be deployed by first bringing up the WAF instances on Azure. Once this is done, the Barracuda WAF is connected to the App Service Environment. This connection can be secured further by using a Network ACL that only allows connections from the Barracuda WAF. In case you want to load balance traffic from multiple regions across the WAF cluster, an Azure Traffic Manager instance can be deployed upstream of the Barracuda WAF cluster.

The Barracuda WAF supports SAML v2.0 for web authentication and Single Sign On (SSO). This facilitates SSO between the cloud and on-premise web applications, as well as interoperability with Azure Active Directory.

Azure Mobile App Services makes it easy for developers to connect their Mobile Apps to various SaaS APIs. The API App Service allows developers to share their API with the public as well for third-party access. The Barracuda Web Application Firewall secures the entire attack surface of mobile applications and REST APIs. It filters malicious inputs in the JSON and XML payloads. With the Rate-Control and Bruteforce features on the WAF, you can ensure API SLA’s to business partners.

Barracuda Web Application Firewall in Microsoft Azure is available today in the Azure Marketplace as part of the Microsoft Azure Certified program. Customers can purchase hourly PAYG or BYOL subscriptions. The Barracuda Web Application Firewall hourly price starts at $1.04/hour USD respectively.

For more information, visit these resources:

Remonter en haut de page