Barracuda Networks has added capabilities inspired by recent trends in defensive techniques and threat activity to three of its cloud security products.
Among the changes to the vendor’s secure SD-WAN solution, CloudGen WAN, is a “private secure edge” feature that lets users run the solution on their own infrastructure instead of the Microsoft Azure-based foundation that has been the sole supported option since the product first shipped in 2020.
“It allows them to essentially use the internet as their backbone and then build and manage these global topologies using this solution,” says Tim Jefferson, senior vice president of engineering for data, network, and application security at Barracuda. Customers have been requesting that ability, he adds, either out of concern about the regulatory compliance implications of using public cloud resources or because they prefer having maximum control over their IT environment.
“Five or ten years ago, you couldn’t do this, but now partners can build and manage these global topologies on their own.”
Also new to CloudGen WAN is a family of virtual and ruggedized physical appliances designed to help organizations in manufacturing and other industries securely connect Industrial Internet of Things devices to operational systems.
“Many of these industrial systems have very unique and very secure environments that they run in,” Jefferson notes. “This allows us to deploy our secure connector technology as a container in those proprietary environments.”
An update to Barracuda’s CloudGen Access solution also announced today lets organizations that use zero-trust proxies to shield applications from unauthorized connections host those resources on-premises instead of in a public cloud like Azure or Amazon Web Services or on a Barracuda firewall.
“A lot of partners are building and managing infrastructure on behalf of their customers, and so putting the proxy right in front, on-prem, in environments that they knew how to build and run was a big request,” Jefferson explains.
CloudGen WAN and CloudGen Access are both components of Barracuda’s recently introduced SASE platform, which includes secure SD-WAN, firewall-as-a-service, zero-trust network access, and secure web gateway functionality.
Updates to Barracuda Cloud Application Protection, the vendor’s web application firewall-as-a-service offering, include a feature that employs machine learning to identify the latest generation of malicious bots, which often use similar technology to evade detection.
“A lot of bots will use machine learning and statistically random distributions around how often a mouse clicks as it moves around a web page,” Jefferson says. “Of course, a human wouldn’t pick this up, but our bot protection service can detect that.”
Another new feature uses machine learning to spot suspicious login attempts and other indicators of automated takeover attacks on privileged user accounts. “We can pick up those types of behaviors, whether the speed of the attack was anomalous or at a strange time of day,” Jefferson says.
New client-side security capabilities in the product aim to protect end users from “website supply chain” exploits (including so-called Magecart attacks) that insert bogus fields on web pages in between the cloud host and the endpoint.
“You end up putting in credentials or credit card information, and they can skim that information off,” Jefferson says, noting that the threats are undetectable to many cloud-based firewalls. “They’re not on the service side, they’re on the client side.”
Another enhancement offers protection from attacks embedded in GraphQL queries using native parsing of such requests and enforcement of security checks. GraphQL is a popular language for collecting information about APIs.
Barracuda was sold by private equity investor Thoma Bravo to fellow investment heavyweight KKR last month.