Barracuda launches new Cloud Application Protection platform, with WAF as-a-Service on Azure

Moving the existing WAF-as-a-Service product to the Azure platform gives customers new advantages of performance and broader data residency, and provides additional benefits to the many Barracuda partners who also work with Microsoft.

Barracuda Networks has made a pair of announcements around the Microsoft Ignite event going on in Orlando. They unveiled a new solution, their Cloud Application Protection [CAP] platform, which facilitates a broader range of defenses than a basic Web Application Firewall [WAF]. They also released an upgraded version of their WAF as-a-Service solution. Most significantly, this new solution is built on Microsoft Azure and is available in the Azure Marketplace.

“We have had our WaaF as-a-Service product for over a year, but with this release we have moved our WaaF as-a-Service offering to the Azure platform,” said Nitzan Miron, Vice President of Product Management, Application Security Services at Barracuda.

Miron said that the move to the Azure platform provides Barracuda customers with two major advantages.

“One is global availability,” he said. “They now have both the performance and data sovereignty advantage of Azure’s 54 regions worldwide, which is many more than we had. Performance improves and latency decreases because packages don’t have to go as far.”

Barracuda expects this will be of particular advantage outside of North America,  since the company has already had broad area coverage in North America.

“We have found that both EMEA and APAC are high growth and very technical for WaaF as-a-Service. The barrier to adoption has been having a local area, both for performance and data sovereignty reasons. We had most of Europe covered from a  performance perspective, but not from a data residency one.”

The second advantage to Barracuda customers is the very high capacity of the Azure protection against DDoS [Distributed Denial of Service] attacks.

“It is arguably the highest on the planet, and it is now built into our service,” Miron said.

The new WAF as-a-Service solution is built on the new CAP platform.

“As as the types and dangers of the threats to Web applications expand, just having a Web application for protection isn’t enough,” Miron stated. “You also need DDoS protection, application vulnerability scanning and remediation, API security and protection against advanced bots.”

The problem customers face is that each of these is typically provided by a point solution, Miron said.

“For the customer, there is a lot of fragmentation, and you have a lot of different solutions with different management interfaces. With CAP, we are uniting all of these into one application, to give the customers the breadth of protection that they need. We have best-in-class solutions across the breadth of the portfolio, including our recent acquisition of bot mitigation technology from InfiniSecure [in August 2019].”

Miron recommended that Barracuda partners who have not been using WAF as-a-Service should begin with Barracuda Vulnerability Manager, which is valuable and easy to use.

“It is now part of the CAP platform,” he said. “We have found that to be a very useful prospecting tool for them so they can make use of WAF-as-a-Service.”

Many Barracuda channel partners are also Microsoft channel partners, and these announcements are of particular value to them.

“Now that we have WAF as-a-Service on the Azure platform, because it’s cosellable, that partner will also get credits from Microsoft for the sale,” Miron said. “We also have a mechanism where we can track our usage of Azure to provision resources for partner customers, so they get Azure Consumed Revenue from Microsoft. It’s a double win for them.”

Both CAP and the WAF as-a-Service solution are available globally today.