Barracuda Advanced Threat Protection (ATP)
Next-Generation Protection against Advanced Malware, Ransomware, Targeted Attacks, and Zero-Day Threats.
The threat landscape is constantly evolving. Your organization faces zero-hour malware exploits, targeted attacks, and advanced persistent threats that routinely bypass traditional signature based IPS and antivirus engines. You are not alone. These constant threats impact companies across all industries, from small to large organizations with increasing frequency. Barracuda's Advanced Threat Protection enables businesses like yours to go beyond securing and protecting their assets from intrusion and data loss.
All Advanced Threat Protection licenses can be found on their own individual product pages or purchase them below, more options can be found on individual product pages. Can't find the part you are looking for? Contact us today!
Why is Antivirus and IPS Not Enough Anymore?
The speed of doing business is steadily increasing. Unfortunately, this also applies to the business of malware and ransomware attacking your organization. Popular branches of cryptographic ransomware like Locky or CryptoLocker get reissued every five to 10 minutes, requiring a new signature. By nature, this is a showstopper for pattern-based defense layers like antivirus and IPS/ IDS. Today, threats spread at a high velocity, and it is not possible to detect a threat, isolate the signature, add the signature to the databases, and make it publicly and continually available within five minutes. By the time the database update is available, the threat has already compromised systems in a network and successfully covered up its traces.
While these signature-based legacy systems are still important as a first line of defense for prefiltering the network traffic, organizations still need an additional security layer to protect against today’s targeted malware.
The Barracuda Difference
Barracuda Advanced Threat Protection (ATP) is a cloud-based sandboxing service that is available in all Barracuda CloudGen Firewall Series models, as well as available for all sizes and deployment types. Unlike many other first-generation, advanced persistent threat security vendors, Barracuda's ATP implements full-system emulation and next-generation sandboxing techniques that provide granular visibility into malware behavior.
First, all files are checked against a constantly updated and worldwide synchronized hash database of already emulated files. If the file is not known, it is uploaded and emulated in a virtual sandbox where all malicious behavior is revealed. While traditional breach detection solutions detect network threats only after they have entered the network and after sending log notifications to the administrator, ATP on Barracuda's CloudGen Firewalls stops not yet known advanced persistent threats and ransomware before it enters the network.
Additionally, Advanced Threat Protection is also available on the Barracuda Email Security Gateway, Barracuda Essentials for Office 365, and Barracuda Essentials for Email Security – processing more than 20 million requests per day. This results in one of the world’s most comprehensive databases of known bad IP addresses, “spyware domains," and command and control servers used by botnets.
Provides the Flexibility an Organization Needs
Administrators have to deal with more than just one file type and/or protocol. Barracuda Advanced Threat Protection gives CloudGen Firewall administrators the flexibility they need to ensure the highest quality of service possible.
Create ATP policies per file type, whether it's an Office file, Android APKs, Executables, etc. Even the protocol where the file entered your network can be taken into consideration. Therefore, a policy may force PDF files received via spam mail to be rigorously handled than PDF files coming from a well-known, good website.
Define (per file type/protocol) how the files are delivered. ATP offers a fast mode, where the file is simultaneously delivered to the emulation service and the requesting system, thereby minimizing delivery delay. As soon as the file is scanned and malicious file activity has been identified, a log event is created and the administrator can contact the user to remediate the threat. Since the malware has been downloaded to the corporate network already, preventing the malware from spreading and causing further damage is key. Barracuda CloudGen Firewalls can be configured to automatically quarantine user/IP/machine combinations for these cases, blocking further network activities. If the file is recognized as benign, the quarantine status is set back and the system is granted all connectivity again.
ATP's second mode of delivery inherits more security, but also includes a slight delay in delivery. This delay depends on if the file is already known to the ATP database. Depending on the file type such a delay in delivery may range from only a couple of seconds up to a minute.