Barracuda Intrusion Prevention System Layer

Using the tests associated with the Barracuda Intrusion Prevention System Layer (see Figure 1), you can monitor the following for the target Barracuda WAF:

• Is the cookie handling on the configured service secure and error-free, without signs of tampering, encryption failures, or decryption issues?

• Are any services experiencing frequent request component overflows such as excessive URL, header, or content lengths?

• Which services are most affected by blocked method errors or request length violations?

• Is the total number of profile violations unusually high for the service?

• Are the ACL hits, policy hits, reserved ACLs, and allowed hits showing that the URL access control is working well?

• Does the frequency of URL normalization errors,encoding, slash dot, tilde, and character set, indicate improper traffic handling?

• Are URL translations, re-writes, and redirects happening as expected?

• Are URL policies being served efficiently without excessive queuing, dropping, or resource errors?

  

  Figure 1 : The list of tests associated with the Barracuda Intrusion Prevention System Layer