Barracuda Networks announced on July 19 that it is extending its CloudGen WAF (Web Application Firewall) to the Google Cloud Platform, helping GCP users defend against threats.
The CloudGen WAF is now available across all three major public cloud providers—Amazon Web Services, Microsoft Azure and now GCP. The WAF technology helps organizations defend against distributed denial-of-service (DDoS) as well as application layer threats.
"If a customer's web app is hosted in Amazon, Azure or Google, those cloud providers offer native DDoS protection and most of them also offer an enhanced level of DDoS protection if you pay more," Tim Jefferson, vice president of public cloud at Barracuda, told eWEEK. "The cloud providers offer volumetric DDoS protection, while our solution protects against layer 7 application DoS attacks."
While Barracuda has had its WAF available on other cloud providers, Jefferson said Barracuda had to rearchitect it to be tightly integrated into Google's native service fabric.
The CloudGen WAF for GCP is a different technology deployment model than the WAF-as-a-service offering the company announced on May 16. That WAF-as-a-service is a cloud-delivered WAF solution, meaning that Barracuda hosts the customer's protection in the Barracuda cloud, Jefferson said. With WAF-as-a-service, Barracuda sends the customer's web traffic to its Cloud Scrubbing Centers in the United States and Europe, and if the traffic is good, it is then forwarded onto the customer's application servers, he said.
"WAF for GCP is where the customer hosts a web application and deploys their web services in GCP or another cloud provider," Jefferson said. "They have to figure out how to deploy it, configure it and make sure it all works."
Jefferson said public cloud customers own the deployment and management of the WAF's health and availability, claiming many users like having such a high level of control.
"Instead of going in and out of our data center, the traffic goes straight to the customer environment, where we have our WAF sitting in front of it to scrub the traffic and then send it through," Jefferson said.
An increasingly common trend for enterprises is to use multiple cloud providers, as well as on-premises assets, to deploy applications. Managing WAF security policies across a hybrid, multicloud environment is something that Barracuda also enables.
"Customers can use the Barracuda WAF Control Center to control policies on all Barracuda WAFs regardless of where they are deployed," Nitzan Miron, vice president of product management and application security at Barracuda, told eWEEK. "The WAF Control Center can synchronize policies across physical WAFs, virtual WAFs, and WAF instances running in AWS, Azure and GCP."
Across the different cloud providers there are multiple choices that organizations have when it comes to choosing a WAF vendor. Jefferson said a competitive differentiator for Barracuda is the company's automation interface.
"We have an API that allows customers to orchestrate, deploy and configure the WAF," he said. "This allows them to use the infrastructure management tools of their choice, including Terraform, Ansible, Chef and Puppet."
Barracuda is looking to continue to expand the capabilities of the CloudGen WAF platform. Miron said that web application attacks are always evolving and the CloudGen WAF will evolve with them.
"Along with that, customers should expect improvements to the CloudGen WAF's ability to detect application attacks based on behavior and artificial intelligence algorithms," Miron said.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.