Having multiple offices in different locations can be painful for admins. Barracuda focuses on the pain point which most of the large enterprise’s admins are facing and come up with Barracuda CloudGen Firewall which comes in two parts – hardware and virtual appliances.
It is an enterprise-grade, next-generation firewall built for efficient deployment and operation. It offers next-generation firewall protection and industry-leading operations efficiency. We got a chance to test its capabilities and here is what we think about Barracuda CloudGen Firewall;
Barracuda Firewall Control Center: Management made easy
The Barracuda Firewall Control Center is a central administration unit is designed to manage thousands of CloudGen Firewalls from one single window. It comes with a comprehensive set of central management services and features.
The Firewall Control Center enables admins to manage and monitor firewalls installed on various geo-locations as well as can simultaneously manage multiple firmware releases and platforms (hardware, virtual, and public cloud). Also, admins can configure and update licenses of the managed units remotely.
Barracuda Firewall Control Center has an intuitive UI that makes administrators’ life quite easy. Add or remove a network firewall and replicate the settings in one go.
Effortless security management
The firewall doesn’t come with pre-defined security rules. Admins can define every single rule for security for endpoints. The control center lets you create policies, as well as, handle software patches and version upgrades in a centralized manner. Moreover, you can schedule the deployment and apply to all managed devices.
This also allows to customize administrative roles for specific departments or locations or even for only certain aspects of the security posture (e.g., web filtering). For MSPs, this also includes multi tenant approach where the MSP hosts the Firewall Control Center while the customer has (adjustable) access rights to the configuration and real-time information. Admins will get all the notifications, status of remote gateways and can implement centrally defined security rules at every location. Moreover, it comes integrated revision control system that provides easy audits and cuts overhead. You can check sessions of each machine, what they are operating. One can audit logs, check events, configure the box and more.
And – last but not least – Barracuda’s firewall solution comes with extensive real-time troubleshooting capabilities. In case of emergency, administrators can access live data from the systems to solve the issue.
Barracuda CloudGen Firewall F-Series
You don’t require a vanilla firewall to your growing public-cloud platforms and environments into your network. Barracuda CloudGen Firewall has all the essential security features plus it can ensure highly reliable and cost-effective connections. It optimizes your network performance, security, and availability.
Next-Generation Security - Barracuda CloudGen Firewall provides comprehensive, next-generation protection that includes firewalling, IPS, URL filtering, dual antivirus and application control take place directly in the data path. With the optional Advanced Threat Protection, the network is also protected against ransomware.
This cloud-based security service is part of a multi-layered security approach and runs the resource-intensive next-generation sandboxing in the Barracuda Cloud.
Especially for BYOD environments or fresh implementation of CloudGen Firewall, the Botnet & Spyware protection (as part of Advanced Threat Protection) comes handy as it checks any connection request and reroutes the traffic if a malicious server is the desired destination, while notifying the administrator about the incident.
Comprehensive SD-WAN Capability – No one wants to lose connectivity from the head office to branch offices or to business-critical cloud-hosted services/applications. Barracuda offers you seamless connectivity in a secure way with its SD-WAN capability.
It is a cost-effective solution to utilize up to 24 broadband connections per VPN tunnel for increased bandwidth at lower cost. Meaning, if a single or even more than one network is down, it can balance the connectivity by utilizing the working networks to offer a seamless experience. The shift from one to another network happens as fast as blinking your eyes, thus end-users can’t even recognize the disconnection.
Connecting the Dots - The intuitive single-pane UI offers a seamless operation centrally to manage the network. Also, it lets you access the benefits of the cloud safely, and to optimize cloud access from anywhere in the network.
Distinctive Barracuda Features
TINA VPN Tunnels (Transport Independent Network Architecture) - Barracuda has developed a proprietary extension of the IPsec protocol to improve VPN connectivity and availability over the standard IPsec protocol, called TINA. Based on your requirements/priority, it offers advanced VPN features and enhances denial-of-service protection for X.509 certificate-based authentication.
Traffic Shaping and Quality of Service - Barracuda CloudGen Firewall provides a large set of QoS (Quality of Service) techniques, such as traffic shaping, traffic prioritization, and bandwidth partitioning, which assigns a bandwidth limit to certain types of traffic. To select traffic for different priority classes, the available real-time traffic analysis can be used to identify whether network traffic was sent by business-critical applications or by potentially unwanted applications.
SSL Interception - All Barracuda CloudGen Firewall models can apply IPS, Virus Protection, Application Control, URL Filter and even Advanced Threat Protection to SSL encrypted web traffic using the standard 'trusted man-in-the-middle' approach. SSL Interception can be fine-tuned to exempt local networks, users/groups, URL Filter categories or custom defined domains from SSL Inspection.
Performance
After setting up the appliance on our test network, we registered and synchronized the device. And before running any tests, we added the required policies and created a machine with different types of viruses (macros, zipped files, etc.). We then tried to download these viruses from the machine through the appliance. The security appliance effectively blocked more than 94% of the viruses and displayed a custom message.
We then used a POP3 server to test its anti-spam capabilities and dumped spam emails into it. When we tried to download these emails, the appliance scanned and tagged them.
It also has TINA VPN Tunnels technology to provide protection against DDoS, ransomware and targeted attacks. Using the Kali Linux, we created some of the attacks and it was able to protect the network completely.
Price:
BNGIF12a - Barracuda CloudGen Firewall F-Series F12 - $ 974.60
BNGIF12a-eh1 - Barracuda CloudGen Firewall F-Series F12 1 Year EU+IR - $ 352