The Barracuda Web Application Firewall protects your application from the attacks that are categorized by OWASP, as well as additional attacks such as application DDoS attacks, Slow Client attacks, Session hijacking attacks, XML / SOAP based attacks, etc. This is applicable to both HTTP and HTTPS application traffic. The Barracuda Web Application Firewall provides a variety of security policies to protect websites and web services. Security Policies define matching criteria for requests, and specify what actions to take when a request matches. All policies are global and they can be shared among multiple services configured on the Barracuda Web Application Firewall. For HTTPS applications, the Barracuda Web Application Firewall decrypts the SSL traffic before matching the HTTP requests with security policies.
When a Service requires customized settings, the provided security policies can be tuned, or customized policies can be created. Each policy is a collection of nine sub-policies. Modify a policy by editing the value of the parameter(s) on the sub-policy page.
In this Section: