- What is a Next Generation Firewall?
- Why do I need a Next Generation Firewall?
- What are the major capabilities of the Barracuda NG Firewall?
- What are the differences in levels between the Barracuda NG Control Center editions?
- What application proxies are included?
- What is Layer 7 application profiling?
- What user authentication methods are supported?
- Does the Barracuda NG Firewall help my organization troubleshoot network problems?
- What if I am not looking to replace my entire firewall infrastructure?
- What appliance models are recommended for my organization?
- Does the Barracuda NG Firewall involve per user fees for VPN client or SSL VPN client usage?
- What is the pricing?
- What is included in the Energize Updates subscription for the Barracuda NG Firewall?
- Is there a warranty?
- When will the Barracuda NG Firewall be available?
- What if I have more questions about the Barracuda NG Firewall?
What is a Next Generation Firewall?
Next generation firewalls are the successors of traditional firewall and unified threat management (UTM) devices. Traditional firewalls generally perform packet forwarding and blocking functions and often incorporate packet inspection techniques. UTM devices usually add content security functions but typically fail to tightly integrate those functions tightly with network management, network access and WAN connectivity capabilities of enterprise-class firewalls.
To protect networks in the presence of social media and other Web 2.0 applications, a next generation firewall infrastructure intelligently combines network security, content security, Layer 7 application profiling and network access control to detect application-specific attacks, enforce application-aware inbound and outbound access policies, and perform application-aware traffic routing and prioritization across the wide area network (WAN).
Based on over a decade of R&D and real-world deployments in over 1,000 of the most demanding enterprise customer environments, the Barracuda NG Firewall is the most advanced next generation firewall on the market today.
Why do I need a Next Generation Firewall?
Absent application awareness, existing firewall and UTM solutions will generally prove ineffective at dealing with a growing category of current and emerging threats. Even when best-of-breed point solutions can be utilized to provide protection along all threat vectors, such as email, Web, remote access, and IM, operational costs can typically be reduced through consolidation.
Beyond threat protection, application-awareness can dramatically improve traffic prioritization and routing decisions over site-to-site connections, resulting in cost reductions of MPLS, leased line, bandwidth, or 3G data charges associated with maintaining reliable WANs.
Through the Barracuda NG Control Center, the Barracuda NG Firewall delivers next generation firewall features with industry-leading centralized management, capable of scaling to thousands of firewalls with very little administrative overhead.
What are the major capabilities of the Barracuda NG Firewall?
The Barracuda NG Firewall is a next generation firewall and VPN that provides:
- Integrated content security and network access control
- Optimization of intelligent traffic flow across the WAN
- Industry-leading centralized management capabilities
Integrated content security and network access control:
Barracuda NG Firewall integrates a comprehensive set of next generation firewall technologies, including Web filtering, malware protection, intrusion prevention, anti-spam protection and Layer 7 application profiling.
Barracuda NG Firewalls include licenses for an unlimited number of IPSec site-to-site connections and IPSec clients through the Barracuda NG VPN Client. The Barracuda NG Firewall SSL VPN and NAC option adds a customizable and easy-to-use Web portal-based SSL VPN as well as sophisticated network access control (NAC) functionality. NAC allows enforcement of minimum Windows client security prerequisites before being allowed access to the network or access to a quarantine network. Security posture can be specified according to available Windows patch level, availability of anti-virus and/or anti-spyware and user ID. The Barracuda NG Network Access Client also adds support for 802.1x port based security for 802.1x enabled routers and switches.
Optimization of intelligent traffic flow across the WAN:
The Barracuda NG Firewall provides application-aware traffic management and prioritization across the WAN, featuring adaptive routing based on network traffic conditions and link status. In addition, through Barracuda NG Control Center, administrators can efficiently monitor VPN tunnels and firewall status.
Industry Leading Centralized Management Capabilities:
To centralize management across many different firewalls and remote access users, the Barracuda NG Control Center enables administrators to configure security and network access policies, control firmware update revisions, and manage user settings. Template-based configuration and globally available security objects enable efficient configuration across thousands of locations.
The Barracuda NG Control Center supports multiple administrators simultaneously - even within the same configuration tree. Highly customizable administrative roles can be defined to delegate administrative capabilities for specific departments or locations.
What are the differences in levels between the Barracuda NG Control Center editions?
The Barracuda NG Control Center is offered at three levels - Standard Edition, Enterprise Edition and Global Edition. All Barracuda NG Control Center levels enable administration of an unlimited number of Barracuda NG Firewall platforms. The Standard Edition allows for a single configuration group. The Enterprise Edition allows for an unlimited number of configuration groups for a single enterprise / tenant or “range.” The Global Edition is designed for service providers who service multiple tenants and allows for separate and secluded configuration trees for each “range.”
What application proxies are included?
The Barracuda Networks NG Firewalls include application layer proxies for HTTP, HTTPS (optional), FTP, SSH as well as a generic TCP and SOCKS proxy.
What is Layer 7 application profiling?
Application identification techniques in traditional firewalls typically rely on layer 3 (destination IP address) or layer 4 (TCP port / protocol) definitions.
Next generation firewalls utilizing Layer 7 application profiling can identify and enforce policy on more sophisticated applications which may hide their traffic inside otherwise “safe” port/protocols such as HTTP. Skype and peer-to-peer (P2P) applications are particularly notorious for requiring Layer 7 application profiling for policy enforcement.
The Barracuda NG Firewall integrates Layer 7 application profiling into its core firewall functions, enabling enforcement of policy based on user ID, security policy, location, and time of day. Policy actions can include blocking, allowing, throttling, or even enabling or disabling of specific application features.
What user authentication methods are supported?
The Barracuda NG Firewall can authenticate users and enforce user-aware policy using Active Directory, NTLM, MC CHAP, RADIUS, RSA SecurID, LDAP/LDAPS, TACACS+, and x.509 certificates.
Does the Barracuda NG Firewall help my organization troubleshoot network problems?
All Barracuda NG Control Center and Barracuda NG Firewall appliances come with extensive network connectivity troubleshooting and visualization tools. Even for large networks it typically only takes a few mouse clicks to analyze and remediate a problem in the central audit log or access cache screen.
What if I am not looking to replace my entire firewall infrastructure?
In addition to the Barracuda NG Firewall, Barracuda Networks offers a set of best-of-breed point solutions to address your needs if you are not looking yet to replace your entire firewall infrastructure. Relevant point solutions include:
- Email security: Barracuda Spam & Virus Firewall
- Web filtering: Barracuda Web Filter or Barracuda Purewire Web Security Service
- Layer 7 application profiling: Barracuda Web Filter
- SSL VPN: Barracuda SSL VPN
- Site-to-site IPSec VPN: Barracuda Link Balancer
- Link load balancing: Barracuda Link Balancer
What appliance models are recommended for my organization?
The Barracuda NG Firewall is a family of hardware and virtual appliances designed to service next generation firewall capabilities to all office locations of enterprise networks. This includes very small remote locations, home offices, branch offices, headquarters and data centers. Typically, Barracuda NG Firewall models are sized based on firewall throughput, VPN throughput, concurrent connections, and the features selected. For more information, please contact your Barracuda Networks systems engineer.
Does the Barracuda NG Firewall involve per user fees for VPN client or SSL VPN client usage?
No. The Barracuda NG Firewall models include a license to an unlimited number of Barracuda NG VPN clients. With the purchase of the Barracuda SSL VPN and NAC option, there is no licensed limit to the number of Barracuda NG Network Access clients or Barracuda NG SSL VPN users.
What is the pricing?
The Barracuda NG Firewall comes in seven base hardware configurations, ranging from very small office to data center locations. Entry level pricing for the Barracuda NG Firewall F10 starts at $599.
What is included in the Energize Updates subscription for the Barracuda NG Firewall?
Energize Updates from Barracuda Central deliver updates on the extensive library of definitions for intrusion prevention and Layer 7 application profiling. In addition, Energize Updates subscriptions also provide access to Basic Support, Firmware Maintenance and optional participation in the Barracuda Early Release Firmware program.
Is there a warranty?
There is a one year warranty against manufacturing defects in the USA and Canada.
When will the Barracuda NG Firewall be available?
The Barracuda NG Firewall is available immediately for sale in North America with the ability to ship to remote customer locations across the world. Please contact your Barracuda Networks sales representative for more information.
What if I have more questions about the Barracuda NG Firewall?
For additional assistance or for a product demonstration of the Barracuda NG Firewall, please contact Barracuda Networks at 888-ANTI-SPAM or +1 408-342-5400.
Related Information
Certifications
Customer Spotlight See more..
Customer Feedback See more..
Barracuda Networks is a highly reputable company throughout the world, known for its security expertise. We are convinced that with Barracuda Networks as the new company behind our firewall infrastructure, we will be well-served and supported for many years to come.
