08-Jan-2018   |     |   0

Barracuda NG firewall Review

If you have used MS TMG for example for a browser proxy, you will be glad that Baracuda firewall works great for website filtering as well. In addition, files which are download are being checked in real-time for virus or malware infection. We have used TMG for increased protection against viruses with subscription and GFI add-on as well. If you still have a similar solution, you can switch to Barracuda easily now.

Baracuda firewall works great for website filtering. Where it really shines is traffic live feed and monitoring of live traffic in real-time. There is always current state on the display and when we click on the type of the traffic we get exact information.For example, if you want to see everything related to Youtube, we can select filter Youtube and we get information who, when and what has been watching on Youtube with connections to youtube videos. For every application, we can define a schedule when users can use it. For example, we can set a policy that Facebook is only available during the launch time. We can create QOS per application, meaning that we can change a priority for bandwidth. I think this feature is simply amazing as you can limit Youtube bandwidth. Many users listen to music by playing Youtube. If one user is playing a video that is fine. But when every second user is doing that, Youtube could quickly have the impact on the bandwidth. Youtube automatically detects your screen size, and can easily serve HD version of the song, affecting the bandwidth even further. By using QOS we can fix that.

We can also filter all reports and show them on the screen, but we can also export and view them in Excel.

barracuda-ng-firewall-monitor
barracuda-ng-firewall-monitor

I would like to mention that GUI is very easy to understand. And so is navigating and looking at what’s happening on the network. Dashboard will show you essential information, and from here you can move quickly to URL filtering for example.

Sometimes, we tend to forget about business continuity. Barracuda NGFW can work with multiple internet providers at the same time. That functionality is built in the core and is easy to configure. Feature wise it’s ready for the most demanding environments. It will intelligently move the session from between internet providers. If we have configured BGP, we can enable remote VPN connection without interruptions.

Configuration

You can use Baracuda NGFW as a default gateway, transparent proxy or as a standard firewall perimeter. You can configure an appliance from the console via a cable. You can also use SSH protocol for connecting through the network. Baracuda provides one of the best-looking configuration GUI’s called Baracuda NextGen Admin (also referred to as NG Admin) for graphical configuration.

You can use NG Admin to configure one device or you can use it to connect to the controlling unit. We can then manipulate other connected units.

If we have firewalls across the globe, we can use a program called NG Earth. We can see literally where on the Earth our firewalls are connected and what is the state of devices. If they are having problems we can spot problematic devices as they are shown in different colors. We can also see their connections in real time.

Centralized management of multiple units supports simultaneous configuration on various firewalls. We can save templates for the exact segment and use templates on a complete network. We can then segment firewall configuration. One of the usability advantages of Barracuda is Undo function. When we configure a firewall, we always have an option – Discard. We can undo our last configuration. Only when we save configuration it becomes active.

Baracuda can work as a classic NAT but it can work as a transparent proxy (that works only for physical appliance – you can not use a virtual appliance).

Creating objects which are later used in the rules is simple. We can block entire internet traffic or just a specific protocol. With just a couple of clicks, Barracuda NGFW also has a list of Countries built in. By having countries in the policy, it means that we have another option which we can use to secure our perimeter. Countries can be easily used in policies. For example, we can block all traffic coming in our out of the China. Using the countries in the policies can decrease attacks on our IP, but it doesn’t mean it will prevent all of them. Attackers are using cheap VPS servers which are available in all countries, including Europe and USA.

Most of a configuration works in a way that first rules allows the policy. The last are the one that block. If you remember, MS TMG works in a similar way so migration will be easy. We can segment the users based on groups, we can use Active directory integration, or we can use a local database if the environment is too small. We can use external Radius server for authentication. It has support for x.509 certificates. It also has support for SMS Passcode authentication . We can use it as a classic NAT or it can work as a transparent proxy.

For VPN authentication Barracuda supports SMS Passcode, making login process very secure.

Barracuda supports site to site VPN connection, SSL VPN (connecting to VPN through the browser), it supports all major protocols like IPSec, L2TP, PPTP. We can import a certificate from a certificate authority or we can generate one. Connections can be encrypted with AES 128/256, Blowfish, 3DES and with CAST crypto algorithms.

Mobile VPN application is available for devices with IOS and Android OS. VPN client is available in the app store of respective mobile OS.

Security

Barracuda NGFW protection is two-fold. First, it scans the packets for anomalies. With updates, it gets information about the latest vulnerabilities in programs and type of patterns which it finds in the traffic and protects internal systems from zero-day attacks. Definition Updates are automatic and work similar to anti-virus updates. It can protect against DOS and DDOS attacks.

Files which are being downloaded are checked in real-time for virus and malware infection.

Barracuda NGFW can also handle encrypted SSL connections. Once this option is enabled, firewall intercepts communication between the client and destination and can easily see if the traffic is against the policy we have set. By using Barracuda NGFW we can control applications which connect to the internet and can block them if required.

Summary

Baracuda has many models, therefore is suitable for SMBs and big companies. Functionalities that it offers are above most of the firewalls currently in use in the companies. They offer better protection which leads to increased productivity. In the past prices for such devices were very expensive, but now, we can get the entry model for the price of a good laptop.

Barracuda covers a complete range of next generation firewalls, from entry level to the enterprise solutions. You can choose a hardware or virtual appliance. Starter model comes equipped with Atom CPU, an SSD drive and a reasonable price. If you a looking for a Firewall replacement, I recommend that you get in touch with Barracuda representative. I hear they have great promotions and also offer a trial on your premises.

Source


Comments (0)