Organizations that work with a variety of third-parties in a cloud-based environment are challenged with finding a scalable and elastic security solution, that also meets their partners’ regulations and remains easy-to-use. Barracuda delivers cloud-connected security to simplify your IT environment, and their Web Application Firewall is an elastic and scalable solution for AWS that adapts to and deters evolving threats in a cloud environment. Iris Solutions, a multi-national cloud based enterprise software provider, needed to secure their eSignature SaaS with a tool that facilitated elasticity and scalability to help streamline expansion into several different markets, while meeting the strict regulations they encountered. Register for our upcoming webinar to learn why Iris chose to integrate Barracuda Web Application Firewall with AWS Services, such as Amazon CloudWatch, AWS Elastic Load Balancing, and AWS Identity and Access Management, to overcome their challenge without slowing the pace of transactions. Join us to learn: • Best practices for securing web-facing applications on AWS • The features and benefits of using Barracuda WAF on AWS to protect web-facing applications from targeted and automated attacks • Insights on the flexible deployment options that Barracuda offers to best complement your AWS environment Who Should Attend: Directors, Security Managers, Security Engineers, Security Architects, IT System Administrators, System Administrators, IT Administrators, IT Managers, IT Architects, IT Security Engineers, Business Decision Makers

1. Barracuda WAF: Scalable
Security for Applications on AWS
Nick Matthews • Partner Solutions Architect, AWS
Amy Bray • Senior Product Marketing Manager, Public Cloud, Barracuda
Richard Turner • Product Marketing Manager, Barracuda
Neil Correa • Cloud Security Solution Architect, Barracuda

2. AWS Introduction
Barracuda Introduction
 About Barracuda Solutions on AWS
 Barracuda Web Application Firewall
Customer Case Study: Iris Solutions
 About Iris Solutions
 Challenges
 Why Barracuda + AWS
 Solution
 Conclusion
Q&A
Agenda

3. $6.53M 56% 70%
https://www.csid.com/resources/stats/data-
breaches/
Increase in theft of hard
intellectual property
http://www.pwc.com/gx/en/issues/cyber-
security/information-security-survey.html
Of consumers indicated
they’d avoid businesses
following a security breach
https://www.csid.com/resources/stats/data-
breaches/
Average cost of a
data breach
Your Data and IP are Your Most Valuable Assets

4. AWS Can Be More Secure Than Your Existing
Environment
In June 2015, IDC released a report which found that most customers can be more secure
in AWS than their on-premises environment. How?
Automating logging
and monitoring
Simplifying
resource access
Making it easy to
encrypt properly
Enforcing strong
authentication

5. AWS Foundation Services
Compute Storage Database Networking
AWS Global Infrastructure
Regions
Availability Zones
Edge Locations
Identity &
Access Control
Network
Security
Customer applications & content
You get to
define your
controls ON
the Cloud
AWS takes
care of the
security OF
the Cloud
You
Inventory
& Config
Data
Encryption
AWS and You Share Responsibility for Security

6. Constantly Monitored
The AWS infrastructure is protected by extensive network and security
monitoring systems:
 Network access is monitored by AWS
security managers daily
 AWS CloudTrail lets you monitor
and record all API calls
 Amazon Inspector automatically assesses
applications for vulnerabilities

7. Highly Available
The AWS infrastructure footprint protects your data from costly downtime
 38 Availability Zones in 14 regions for
multi-synchronous geographic redundancy
 Retain control of where your data resides
for compliance with regulatory requirements
 Mitigate the risk of DDoS attacks using
services like AutoScaling, Route 53

8. Integrated with Your Existing Resources
AWS enables you to improve your security using many of your existing
tools and practices
 Integrate your existing Active Directory
 Use dedicated connections as a secure,
low-latency extension of your data center
 Provide and manage your own encryption
keys if you choose

9. Key AWS Certifications and Assurance Programs

10. Barracuda and AWS
 APN Advanced Technology Partner
 Has achieved Security Competency for WAF
 Globally Enabled in all AWS Regions, including
GovCloud
 Leverages AWS Innovations
– CloudFormation Templates
– Autoscale Deployments
– Beanstalk

11. Barracuda Networks
Amy Bray • Senior Product Marketing Manager, Public Cloud, Barracuda

12. About Barracuda Networks
 Network and application security engineered for cloud deployments
 Trusted by more than 150,000 organizations
 Customer-centric business model
 Laser focus on innovation for the cloud era
1300+ Employees 5000+ Partners Offices in 15 Countries

13. Leverage AWS Infrastructure
Migrate existing web applications
to AWS without modification
Scalable and clusterable to protect
multiple applications
AWS CloudFormation streamlines
Barracuda WAF deployment
Integration with Amazon Virtual
Private Clouds and Amazon
CloudWatch
Full support for AWS Elastic Load
Balancing
Flexible AWS Marketplace licensing
to fine-tune your ROI

14. Barracuda Differentiators
Flexible Deployment:
Protect workloads with cloud, hybrid,
virtual, or on-premises deployment
options
Rapid Deployment:
Ease-of-use allows for fast set-up and
simple manageability
Facilitated Innovation:
Secure attack vectors without harming
performance, enabling focus on
innovation
Human Support:
Connect customers to award-winning
support staff, available 24x7

15. Barracuda Focus Areas
Network Security Application Security

16. Five Steps to Infrastructure Readiness
Preparation
Strategy
Qualify
Secure
Move/Build

17. Barracuda WAF on AWS
Preparation & Strategy Qualification & Security Move / Build
• Which web-facing apps are
you migrating first?
• What’s your timeframe for
migration
• How did you secure those
web-facing apps before
AWS?
• How will you qualify
additional security you
deploy in from of your web-
facing apps?
• Benefits are quantitative –
i.e., the more you migrate,
the more you benefit (cost,
flexibility, management)
• Consider mission-critical
workloads

18. Customer Success Story:
Iris Solutions
Richard Turner • Product Marketing Manager, Barracuda

19. About Iris Solutions
 Highly-secure electronic signature solution
 Must conform to PIPEDA, UTEA, and
ESIGN laws
 Customers include:
– Financial institutions
– Commodity traders
– Capital markets
 Innovative solution for telecoms
 Integrates operations from production to support
 Automates credit card checks, eSignatures
 Insulates carrier from retail changes
 Eliminates multiple integrations

20. For Iris Autograph, the Cloud Is Key
 Both solutions rely on cloud processing
and integration
 For IRIS Autograph, this means automating
authentication and encryption in IRISeal
 Resilient platform must handle millions
of transactions in short bursts
Check Sum
Encryption
Certificate
Metadata
<Audit Log>
Document
<Audit Log>

21. Cloud Is Central to Iris ITS
 Cloud is also key to IRIS Telecom Solution
 ITS Hub is key to bridging telecom retailers and telecom carriers
 Similar to Iris Autograph, millions of transactions must be supported across relatively
short bursts
ITSretail+ ITS retail ITScarrier

22. Security Is Also Key
 Data integrity and cloud security are mission-critical
 Many regulations go beyond basic security solutions
 Customers need reassurance of Iris’ security measures
Sign
here
Signature
Capture
Devices
Client Services
IrisCloud
IrisSealˇ
VPN
+ =
Audit Log
Sign
here
Sign hereSign here

23.  Needed scalability, ease of management
 AWS serves as the hub to both business ends
 Web-facing solutions had to be resilient to attacks and threats
 Iris needed a security solution that was:
The Challenges
Flexible Resilient Easy to manage

24. “Our cloud strategy created
security gaps in some of our
departments. We did some
research and found exactly
what we wanted in Barracuda.
That’s about the whole story.”
Sergey Rodovinsky
VP of Technology, IRIS Solutions

25. Why Barracuda WAF in AWS Marketplace
Two-way protection – incoming
attacks and outgoing data loss
Strong authentication and control
capabilities to restrict access to
sensitive apps
Blocks application layer DDoS,
OWASP and other attacks
Provided scalable and elastic
environment
Offered simple provisioning

26. How Iris Leveraged Barracuda
 Acquired, provisioned Barracuda
WAF in AWS Marketplace
 Deployed in auto-scaling group to
handle large #’s of transactions
 Utilized Pay-as-you-Go licensing
to hedge against traffic bursts
 Gained enhanced two-way
protection for its highly-sensitive
customers
 Was able to deploy AWS Cloud
as its central hub for web-facing
products
AWS Management Console
InternetUser
Admin
Elastic
Load
Balancer
Elastic
Load
Balancer
Auto-Scaling Group Auto-Scaling Group
DynamicScaling
Barracuda Web
Application
Firewall EC2
Instances
App Server 1
App Server N

27. Benefits Realized with Barracuda
Fully-leveraged AWS Cloud as
their [only] hub
Protected customers against
external attacks while preventing
data loss
Eliminated issues of scale and
burst requirements
Had tangible proof to sensitive
customers of enhanced security
Supported their ongoing expansion
without additional capital costs

28. Q&A
30-Day Free Trial Available
in AWS Marketplace
Learn More