It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Barracuda Campus
Barracuda WAF-as-a-Service
Overview Documentation Training Certification Materials

12.2 Release Notes

  • Last updated on

Features and Enhancements in Version 12.2

  • Support for exempting security checks on JSON profiles is available on the JSON Security page.

  • Ability to configure HTTP response status codes that needs to be exempted from cloaking in the URL policy.

  • Fair Usage Policy: The Fair Usage Policy provides a detailed view of bandwidth consumption and request count across all applications linked to a WAF-as-a-Service account. It empowers users with actionable insights into traffic patterns and resource utilization, helping them make informed decisions.

    • Key Enhancements:

      • License Management: Monitors bandwidth usage and request counts across all associated applications, presenting a rolling three-month average on the License Management page.

      • Reports: Ability to generate comprehensive reports that break down bandwidth usage and request activity for each month within the rolling three-month period, enabling effective tracking and proactive resource management.

  • Security checks on JSON requests can be enabled or disabled for a JSON profile. When set to Disabled, all JSON requests that match the JSON profile are exempted from security checks.

  • Two new Gen AI bot categories (Gen AI (Language Model) and Gen AI (Conversational Agent)) have been added as predefined BOT Categories in the Blocked Categories list.

  • Traffic rules are now exported as part of the application snapshot.

  • Enhanced Endpoint Discovery: Endpoints containing multiple dynamic path segments are now identified to increase visibility and enable more effective security profiling.

  • Configuration backups are now accessible through the Barracuda WAF-as-a-Service web interface. Direct access to Barracuda's GitHub repository has been deprecated and is no longer available.

  • Ability to export and import app group settings using app group snapshots.

  • Added support for importing WAF snapshots, and creation of custom services on WAF-as-a-Service.

  • Application configuration snapshot can be imported and exported using API.

Bugs/Fixes

  • Audit log now displays the uploaded trusted certificate details. [BNWF-56171]

  • Connection to the Barracuda update server is now established only through port 443. [BNWF-56110]

  • A slow leak in the datapath due to rapid or frequent updates of IPs which resolve to a hostname lookup in server configuration, is addressed. [BNWF-56336]

  • Payloads having GET, POST, PUT, PATCH, DELETE and PURGE methods with/without content-length header are not blocked. [BNWF-56311]

  • BNWF-56194 – For details, refer to WAF 12.2 Release Notes.