Presentation is loading. Please wait.

Presentation is loading. Please wait.

Accelerating Your Journey to a Safe Cloud

Published byJoel Shepherd Modified over 7 years ago

Similar presentations

Presentation on theme: "Accelerating Your Journey to a Safe Cloud"— Presentation transcript:

1 Accelerating Your Journey to a Safe Cloud
Barracuda Security Solutions for Microsoft Azure +

2 Today’s Discussion It’s all about securing workloads in Microsoft Azure Moving applications to the cloud Building out data center capacity The logistics of remote connectivity of workloads in the cloud How to ensure security across common scenarios

3 Migrating to the Cloud? Prepare for These Common Challenges:
Security, privacy, and compliance concerns Managing mission-critical or development workloads Complexities of migrating your physical data center to Microsoft Azure Vulnerabilities to mobile and Bring-Your-Own-Devices, web 2.0 applications, and remote network users

4 Customer’s Responsibility in a Shared Security Model
Customer Applications & Content You define controls and security IN the Cloud Your company Network Security Identity & Access Control Operating Systems / Platform Data Encryption Azure Platform Azure takes care of the Security OF the Cloud Add video link as optional Just for clarification, Azure secures the infrastructure, but you are responsible for securing whatever you run in or build on MSFT Azure. That’s where we come into play. Physical Infrastructure Network Infrastructure Virtualization Layer

5 Barracuda Security Solutions for Microsoft Azure
Accelerating Your Journey to a Safe Cloud Security Compliance Migration Control Ensure users, data and applications are protected Employ multi-layer security, archiving, and data protection technology Optimize user productivity Improve company-wide collaboration and minimize employee downtime Seamless, unified experience Continue the same level of familiarity with the technologies as workloads are moved from on-premises to the cloud Maximize Azure investment Overcome potential adoption challenges to realize the value of your investment faster

6 Barracuda NextGen Firewall F

7 Barracuda NextGen Firewall F on Azure
The Ultimate Protection Against Network Security Threats Cloud Security Threats Community gaps Exploited system vulnerabilities Remote access Networking Protection IPS/IDS Integrated intrusion prevention URL filtering User and application aware IPsec VPNs secure remote connectivity Dynamically scales with your network Networking & Infrastructure Barracuda offers the highest levels of protection through their industry-leading security solutions including threat protection for sophisticated attacks, such as zero day, advanced malware, and automated threats.

8 Most Common Use Cases VPN Tunnels Multi-Tier Architecture ExpressRoute
Unlimited site-to-site VPN tunnels to connect two networks protected by F-Series Firewalls Multi-Tier Architecture Build secure multi-tier architecture in Azure to keep a level of segregation between tiers ExpressRoute Visibility and control on all traffic coming across the ExpressRoute connection Traffic Control Inbound/outbound traffic control while providing IPS/IDS functionality Access to Resources Access to resources in Azure (unlimited client-to-site VPN, SSL VPN)

9 Deploying Multi-Tier Architecture in Azure
Use Case – Multi-Tier Use Case – Multi-Tier Deploying Multi-Tier Architecture in Azure Secure remote access for mobile users Dedicated VPN clients available for Windows, Mac, Linux Clientless SSL VPN Multiple supported protocols: TINA, IPsec, L2TP, PPTP Multiple site-to-site connectivity VNET-to-VNET connectivity Automatic user ID synchronization across sites Supports multiple ISPs Built-in WAN optimization Full ExpressRoute support Comprehensive security enforcement Internal and cross-region network segmentation Access control based on user and instance identity Full traffic visibility and monitoring

10 Multi-Tier Architecture
Best Practices Use Case – Multi-Tier Multi-Tier Architecture Preventing direct connections through a reverse-proxy architecture Terminate all connections at a proxy Decrypt all data Inspect for any malicious content or embedded attacks Controlling traffic between VNETs Provide full visibility into traffic using IP, port, application, or protocol Control traffic between VNETs (block, allow, or re-direct)

11 Improve VPN Connectivity
Use Case – Multi-Tier Overcoming IPsec Limitations Powerful extensions to standard IPsec tunnel management TINA (Transport Independent Network Architecture) developed exclusively by Barracuda The TINA protocol allows use of TCP, UDP, and ESP for high speed VPN connections Substantially improves the VPN connectivity Not the best graphic, use the other one

12 Use Case - ExpressRoute
Protecting Microsoft Azure ExpressRoute Security Encrypts traffic across ExpressRoute Prevents direct traffic flow between applications and the cloud Inspects and logs all inbound and outbound traffic for reporting purposes Reliability VNET-to-VNET connectivity Automatically sets up a VPN for secondary connection in the event of failure Allows multiple ExpressRoutes; one primary and one secondary Intelligence Prioritizes traffic from any specified application and sends it via a configured link Blocks specific application traffic from going to and from Azure Allows or denies certain users based on credentials and access privileges

13 Securing ExpressRoute
Best Practices Use Case – ExpressRoute Securing ExpressRoute Preserving Low Latency Maintain a quality of service based off of protocol and application to achieve equal or better bandwidth than other applications Enabling End-to-End Line Security Encrypt traffic from end-to-end and send it through the system, while maintaining full control over keys and algorithms Controlling Traffic Access Monitor and control traffic based on IP addresses, ports, protocol, user identity, AD security groups, FQDN, Application Detection, and RPC portmapper information Protecting Networks from MPLS Failure Switch to an internet baseline in the event of MPLS router or line failure, and then automatically use that particular connection

14 User and Application Awareness
Use Case – ExpressRoute Barracuda NextGen Firewall F The Barracuda NextGen Firewall F-Series Application Delivery Network: • Provides quality of service for all applications hosted in Azure • Controls traffic based on protocols and ports, and is user and application aware • Offers access control, optimized routing decisions, and traffic prioritization and limits • Provides adaptive access to different types of applications hosted in Azure over one multi-transport VPN tunnel • Protects ExpressRoute from being clogged with bulk traffic

15 Barracuda Web Application Firewall

16 Barracuda Web Application Firewall on Azure
The Ultimate Protection Against Web Application Security Threats Cloud Security Threats Hacked APIs Data breaches DDoS attacks Application Protection HTTP/HTTPS Data loss prevention Application layer DDoS attack protection Granular identity and access management Comprehensive administration & management Web Based Apps Barracuda offers the highest levels of protection through their industry-leading security solutions including threat protection for sophisticated attacks, such as zero day, advanced malware, and automated threats.

17 Most Common Use Cases Application Security Azure AD Integration ADFS
Protecting custom apps from SQL injection, cross-site scripting, application distributed denial-of-service (DDoS) Azure AD Integration Azure Active Directory integration for identity and access management for the cloud ADFS Microsoft Active Directory Federation Services (ADFS) can provide security as well as pre-authentication Load Balancing Load balancing with persistence for highly secure and scalable application infrastructure Data Loss Prevention Inspecting all inbound traffic for attacks and outbound traffic for sensitive data

18 Use Case – Web Applications
Use Case – Web Apps Unified Security Platform for Your Web Applications Comprehensive Protection Protect sensitive information from being exposed at the server and control access based on location Proactive Defense Mechanism With Geo-IP control, admins are able to either deny or provide access to certain geographies Data Loss Prevention Create custom patterns to prevent the loss of sensitive data such as social security and credit card numbers Transparent Authentication Single sign-on improves employee productivity by eliminating multiple authentication sessions

19 Safe Publishing of SharePoint Applications in Azure
Best Practices Use Case – Web Apps Safe Publishing of SharePoint Applications in Azure How to Deploy Barracuda Web Application Firewall for SharePoint Applications Azure Marketplace Configure VM Expose Endpoints Configure Service Monitor Traffic Search on Barracuda in Azure Marketplace Deploy a WAF or a WAF instance Configure your Barracuda WAF virtual machine Deploy WAF Expose endpoints directly through the Barracuda Web Application Firewall Configure service in WAF instance Select pre-defined SharePoint security policy Review traffic logs Secure endpoints and fine tune SharePoint security policy

20 Dynamic Scaling in Azure
Use Case – Web Apps Protect Multiple Applications with Single Cluster of WAFs Protect multiple applications with single cluster of WAFs • Provide load balancing and maintaining persistence for multiple servers • Scale Barracuda Web Application Firewall as your needs increase or decrease • Protect App1 with N number of servers with single cluster of WAF • Utilize classic (ASM) and resource manager (ARM) environments

21 Next Steps and Resources
Learn Contact Try Ask Learn more For a rich library of resources, visit the Barracuda Azure website Contact Barracuda Start a 30-day free trial Ask for a demo and proof-of-concept Videos Technical Briefs Deployment Architecture Diagrams We are helping customers move to the cloud everyday – how can we have a technical conversation to help guide you to a safe- talk to us, register online, architecture session, web conference, demo or architectural POC

Download ppt "Accelerating Your Journey to a Safe Cloud"

Similar presentations

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
Barracuda Web Application Firewall

Barracuda Web Application Firewall
Unified Logs and Reporting for Hybrid Centralized Management

Unified Logs and Reporting for Hybrid Centralized Management
Barracuda Networks Steve Scheidegger Commercial Account Manager 734-887-2422

Barracuda Networks Steve Scheidegger Commercial Account Manager
Introducing Kerio Control Unified Threat Management Solution Release date: June 1, 2010 Kerio Technologies, Inc.

Introducing Kerio Control Unified Threat Management Solution Release date: June 1, 2010 Kerio Technologies, Inc.
Week #10 Objectives: Remote Access and Mobile Computing Configure Mobile Computer and Device Settings Configure Remote Desktop and Remote Assistance for.

Week #10 Objectives: Remote Access and Mobile Computing Configure Mobile Computer and Device Settings Configure Remote Desktop and Remote Assistance for.
1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.
Web Application Firewall (WAF) RSA ® Conference 2013.

Web Application Firewall (WAF) RSA ® Conference 2013.
1 Managed Premises Firewall. 2 Typical Business IT Security Challenges How do I protect all my locations from malicious intruders and malware? How can.

1 Managed Premises Firewall. 2 Typical Business IT Security Challenges How do I protect all my locations from malicious intruders and malware? How can.
1 Chapter 12: VPN Connectivity in Remote Access Designs Designs That Include VPN Remote Access Essential VPN Remote Access Design Concepts Data Protection.

1 Chapter 12: VPN Connectivity in Remote Access Designs Designs That Include VPN Remote Access Essential VPN Remote Access Design Concepts Data Protection.
Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.
Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.

Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.
Network security Product Group 2 McAfee Network Security Platform.

Network security Product Group 2 McAfee Network Security Platform.
Microsoft ISA Server 2000 Presented by Ricardo Diaz Ryan Fansa.

Microsoft ISA Server 2000 Presented by Ricardo Diaz Ryan Fansa.
Barracuda Networks. Safe Public Cloud Transitions Why Barracuda? The Challenge When organizations move workloads to the public cloud, data protection.

Barracuda Networks. Safe Public Cloud Transitions Why Barracuda? The Challenge When organizations move workloads to the public cloud, data protection.
Architecting Enterprise Workloads on AWS Mike Pfeiffer.

Architecting Enterprise Workloads on AWS Mike Pfeiffer.
READ ME FIRST Use this template to create your Partner datasheet for Azure Stack Foundation. The intent is that this document can be saved to PDF and provided.

READ ME FIRST Use this template to create your Partner datasheet for Azure Stack Foundation. The intent is that this document can be saved to PDF and provided.
Web Content Security Unlock the Power of the Web

Web Content Security Unlock the Power of the Web
Barracuda NG Firewall ™

Barracuda NG Firewall ™
Guidelines on how this deck should be used

Guidelines on how this deck should be used

Similar presentations

Ads by Google