Datasheet

12
Barracuda NG Firewall
TECHNOLOGY ADVANTAGE 2
TECHNOLOGY ADVANTAGE 2
Intrusion Detection & Prevention System - Complete and
Comprehensive Real-Time Network Protection
OVERVIEW
The Barracuda NG Firewall Intrusion Detection
and Prevention System (IDS/IPS) can strongly
enhance network security by providing
complete and comprehensive real-time network
protection against a broad range of network
threats, vulnerabilities, exploits, and exposures in
operating systems, applications, and databases
preventing network attacks such as SQL
injections or buffer overflows. In addition, the
IDS/IPS keeps spyware and worms out of the
corporate network to prevent fraud and maintain
strict privacy. By constantly monitoring network
and system activities for malicious or suspicious
behavior, the Barracuda NG Firewall can react in
real-time to block and prevent such activities.
In case an attack is detected, the Barracuda NG
Firewall can drop the offending packets while
still allowing all other traffic to pass, or just detect
and log the intrusion attempt. Depending on the
severity of the threat, highly granular actions can
be assigned on a per firewall rule base enabling
the Barracuda NG Firewall to allow, block, or log
questionable traffic based on severity, location,
user/group, type, and application.
ROBUST PROTECTION AGAINST A MULTITUDE OF THREATS & EXPLOITS
The Barracuda NG Firewall provides immediate out-of-the box protection against a vast number of exploits and vulnerabilities
in operating systems, applications, and databases to prevent network attacks such as:
SQL Injections
Arbitrary Code Executions
Access Control Attempts and Privilege Escalations
Cross-Site Scripting
Buffer Overflows
Denial of Service (DoS) and Distributed Denial of Service
(DDos) Attacks
Directory Traversal Attempts
Probing and Scanning Attempts
Backdoor Attacks, Trojans, Rootkits, Viruses, Worms and
Spywares
COUNTERING IPS EVASION AND OBFUSCATION TECHNIQUES
The Barracuda NG Firewall is able to identify and to block the advanced evasion attempts and obfuscation techniques that
are widely used by attackers to circumvent and trick traditional signature based intrusion prevention systems such as
Packet Anomalies
IP Fragmentation
TCP Stream Reassembly
RPC Defragmentation
FTP Evasion Protection
URL Decoding
HTML Decoding and Decompression
TCP Split Handshake Protection
Easy-to-use IDS/IPS policy settings