Barracuda Network and Application Security

Security, Access, and Reliability for Cloud-Connected Networks and Applications

Traditional security strategies and firewalls were never intended for today’s cloud-integrated infrastructures and workloads. They can’t give branch offices direct access to your cloud applications. They often don’t support cloud-friendly consumption models, and they don’t have the scalability and flexibility that cloud-hosted applications demand.

Barracuda CloudGen Firewalls and Web Application Firewalls are the industry’s first solutions purpose-built for securing cloud-connected networks. They protect all your users, applications, and data – regardless of what your infrastructure looks like. They ensure secure and reliable connections among multiple sites on premises and the cloud with consumption-based pricing, saving you money on infrastructure costs.

Learn more and request a free trial.

Gartner report sees greater reliance on Privileged Access Management tools

December 7, 2018 by Mike Vizard

We have met the enemy and it’s us. That’s a feeling many cybersecurity professionals well know. Most security breaches today have a lot more to do with misappropriated credentials than they do with hackers that have found a way around an organization’s defenses. It’s not that hackers don’t have the skills to accomplish that. It’s just a lot easier to accomplish the same goal by stealing credentials using, for example, a phishing attack that tricks unsuspecting users into giving up passwords.

That issue is front and center this week following the publishing of the first ever magic quadrant report specifically address privileged access management (PAM) software. The report forecasts that by 2021 a total of 40 percent of organizations that use formal change management practices will have embedded and integrated PAM tools within them to reduce the overall risk surface. That’s up from less than 10 percent in 2018. The report also notes that by 2021 over 50 percent of organizations that have adopted DevOps will be employing PAM-based secrets management technologies to better protect applications and the infrastructure they run on.

'It's a lot easier for cybercriminals to steal credentials than it is for them to find a way around a company's defenses.' ~@MVizardClick To Tweet

Mike Vizard

Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.

Connect with Mike on LinkedIn, Twitter, and Google+.

https://www.linkedin.com/in/michaelvizard

Implementing shared security models in the cloud gets simpler

November 30, 2018 by Mike Vizard

When it comes to cloud security the real issue is not the platforms, but rather a lack of processes for implementing and maintained best cloud security processes. Whenever there is a breach involving a public cloud the issue almost invariably winds up being caused by a developer that forgot to implement one control or another.

This Barracuda blog post by @MVizard explores the new @AWS Security Hub and its role in the shared responsibility model in cloud security. Click To Tweet

Developers are, of course, understandably excited about public clouds because they allow them to build and deploy applications without having to wait for internal IT organizations to provision IT infrastructure. The trouble is that developers are not usually aware of every control that should be implemented to ensure security. Before anyone realizes that, cybercriminals are exfiltrating massive amounts of data regardless because the developer didn’t fully appreciate the inherent shared responsibility model for security when employing public clouds. Cloud service providers can secure the underlying infrastructure, but it’s up to developers and internal IT organizations to make sure the applications deployed on that cloud are secure.

Mike Vizard

Connect with Mike on LinkedIn, Twitter, and Google+.

https://www.linkedin.com/in/michaelvizard

E-Rate funding: Is your school missing out?

November 30, 2018 by Jennifer Braun

The E-Rate season is in full swing! Now is the time to learn more about E-Rate so that you can fully leverage the available funds. Whether you are looking to purchase or upgrade firewalls or any other solutions, you should stop and see if you can utilize E-Rate funding to help save your school budget dollars.

The E-Rate program can help schools meet the requirements to provide a safe computing environment for students. Learn more in this blog. Click To Tweet

To help you navigate the world at E-Rate, here are a few key things you’ll want to consider.

Jennifer Braun

http://www.barracuda.com

Opportunity knocks for the channel with SD-WAN technology

November 29, 2018 by Chris Ross

A few weeks ago, we released some research around the topic of networking technologies that help users access the cloud securely and quickly – specifically software defined wide area networking (SD-WAN). We spoke to 410 IT and networking professionals working in EMEA to find out more about the barriers and drivers that are shaping their attitudes towards SD-WAN.

While we spoke to end-users for this research, it revealed some interesting insights for the EMEA channel community. There seems to be an increasing opportunity, as businesses in EMEA overwhelmingly turn to SD-WAN, despite a lack of education and skill.

Only 7% of organizations in EMEA have no plans to adopt SD-WAN, but the region still trails adoption levels in the US and APAC regions. Click To Tweet

Chris Ross

Chris Ross is senior vice president of international sales at Barracuda, with strategic & operational responsibility for world-wide markets. Connect with him on LinkedIn.

http://www.barracuda.com

Protection at the data plane

November 27, 2018 by Rich Turner

“The number of records breached due to misconfigured cloud servers, in particular, shot up by 424 percent compared to the previous year,” IBM concluded in its X-Force Threat Intelligence Index 2018. It’s a sobering statistic – but not one which surprises us.

As one of Microsoft’s top security providers, we’ve protected a lot of Azure workloads. As an AWS supplier with two security competencies, we’ve protected a lot of AWS workloads. So as they say in those catchy insurance commercials, we know a thing or two because we’ve seen a thing or two.

Rich Turner

Rich is the Product Marketing Manager, Information Management. He's been with Barracuda since the acquisition of C2C Systems in 2014. Rich specializes in cloud-deployed solutions, information management, and archiving systems. His experience includes extensive work on OEM opportunities and the legal community.

If you'd like to get in touch with Rich, you can connect with him on LinkedIn and follow him on Twitter.

You can email Rich at rturner@barracuda.com.

Time to remember to be thankful for cybersecurity professionals

November 21, 2018 by Mike Vizard

There’s usually a lot to be grateful for every Thanksgiving in the U.S. but one area that tends to be underappreciated all year long is cybersecurity. Most cybersecurity professionals labor away all year with little to no recognition for their efforts. The truth is it’s only when something goes horribly wrong that anyone in senior management wants to know who is responsible for cybersecurity. A team of cybersecurity professionals may have thwarted billions of attacks in a year. But it can feel like it was all for naught in one bad horrible day.

'A team of cybersecurity professionals may have thwarted billions of attacks in a year. But it can feel like it was all for naught in one bad horrible day.' ~@MVizard Click To Tweet

Of course, most breaches are not even the fault of the cybersecurity team. There’s not much that can be done when an end user opens an attachment or clicks on a link that results in malware being directly loaded on to their machine. A cybersecurity research report from Verizon notes that 97 percent of all malware arrives in one way or another via email.

Mike Vizard

Connect with Mike on LinkedIn, Twitter, and Google+.

https://www.linkedin.com/in/michaelvizard

15+ years of botnets

November 19, 2018 by Christine Barry

As we were preparing to celebrate our 15 year anniversary, news broke that another large botnet is running around infecting home routers. This time it's an older vulnerability being used that should have been patched years ago:

BCMUPnP_Hunter finds its prey by scanning for vulnerable UPnP on TCP port 5431, followed by UDP port 1900 used by Broadcom’s implementation.

Home routers are a favorite vehicle for botnets because there are a bunch of them online and they are rarely updated or even thought of once they've been installed. Today's a good day to add “check on router” to your home maintenance checklist.

The BCMUPnP_Hunter #botnet hit the news last week. This blog looks at where it fits into the long and destructive history of malicious botnets. Click To Tweet

The news about BCMUPnP_Hunter caused me to wonder about botnets in general. How long have we been dealing with them, anyway? What was the first botnet? How did it work?

[Read more…] about 15+ years of botnets

Christine Barry

Christine Barry is Senior Chief Blogger and Social Media Manager at Barracuda. In this role, she helps bring Barracuda stories to life and facilitate communication between the public and Barracuda internal teams. Prior to joining Barracuda, Christine was a field engineer and project manager for K12 and SMB clients for over 15 years. She holds several technology credentials, a Bachelor of Arts, and a Master of Business Administration. She is a graduate of the University of Michigan.

Connect with Christine on LinkedIn and follow her on Twitter here.

https://blog.barracuda.com

After 15 years the goal should be to make cybersecurity much less exciting

November 16, 2018 by Mike Vizard

For that last 15 years there has been one inexorable fact about cybersecurity that remains a constant. The size and scope of the attack surface that needs to be defended keeps expanding. Fifteen years ago, the issue was securing PCs accessing servers on a network. Today there are now millions of mobile computing devices accessing sensitive data using a variety of wired and wireless networks that all need to be secured. To make matters even more challenging, servers are now running both on-premises and in public clouds. The applications running in those environments are also becoming more complex thanks to the rise of microservices based on containers that will soon span hybrid cloud computing environments. Add in pending wave of Internet of Things (IoT) devices, and it is abundantly clear managing cybersecurity is not for the faint of heart.

'It is abundantly clear managing cybersecurity is not for the faint of heart.' ~@mvizardClick To Tweet

Mike Vizard

Connect with Mike on LinkedIn, Twitter, and Google+.

https://www.linkedin.com/in/michaelvizard

Fifteen years is a long time in cybersecurity

November 14, 2018 by Phil Muncaster

This month Barracuda Networks celebrates its 15^th anniversary. So it would seem like an opportune moment to take stock of the past decade-and-a-half to see how the threat landscape has changed. Over that time, it’s fundamentally been driven by two major inter-connected themes: technological change and the motivations of those doing the attacking. The former has opened up major new opportunities for the latter, drawing in an ever-more diverse spread of criminal, hacktivist, and nation-state actors.

'Over the last 15 years, the threat landscape has been driven by technological change and the motivations of the attackers, as the former has opened up major new opportunities for the latter.' @philmuncasterClick To Tweet

The good news is that as threats evolve we’ve become better and better as an industry at stopping them. The challenge is to ensure the majority of boards understand the importance of investing enough and in the right areas of people process and technology to adequately manage cyber risk.

Phil Muncaster

Phil Muncaster is a technology writer and editor with over 12 years’ experience working on some of the biggest technology titles around, including Computing, The Register, V3 and MIT Technology Review. He spent over two years in Hong Kong immersed in the Asian tech scene and is now back in London where information security has become a major focus for his work.

Follow Phil on Twitter and connect with him on LinkedIn.

http://www.barracuda.com

Why SD-WAN should be your cloud adoption strategy

November 13, 2018 by Amar Singh

The benefits of the cloud are abundant. Low adoption costs, universal accessibility and, frankly speaking, liberation from the often onerous and existing processes. However, you already know that.

'SD-WAN, or software-defined wide area network, must be part of every business cloud strategy.' ~ Amar Singh @amisecuredClick To Tweet

In this blog post I am going to discuss a little-known technology, SD-WAN, that in my opinion must be part of every business cloud strategy, regardless if you are well established in the cloud, moving to the cloud or planning your migration.

Amar Singh

Amar is the CEO & Founder of the Cyber Management Alliance. Amar is an industry acknowledged expert and public speaker and is regularly invited to speak and share his insights by some of the largest and most respected organisations in the world including The BBC, The Economist’s Intelligence Unit, The Financial Times, SC Magazine, InfoSec Magazine, Computer Weekly, The Register and the AlJazeera English Channel. You can connect with Amar on LinkedIn here and follow him on Twitter here.

https://www.cm-alliance.com

Main navigation

Barracuda Network and Application Security