Barracuda Networks – Barracuda Web Application Firewall 460
November 01, 2012
$8,898 base with one year Energize Updates.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Clean interface with solid feature set.
- Weaknesses: May be underpowered and no 24-hour replacement option.
- Verdict: A good buy for small to midsized businesses, though larger enterprises may want something more.
Relatively inexpensive, but with a strong feature set, the Barracuda Web Application Firewall provides affordable security without skimping on features or breaking the bank.
Shipped as a rack-mountable appliance, Barracuda made setup of the device extremely simple. Following the quick-start guide, it was a simple matter of setting our interface IPs, updating the firmware and configuring a service - all completely straightforward. From unboxing to completing our first policy configuration, we were up and running in about 15 minutes.
Anyone who has used a Barracuda Networks product in the past will instantly be familiar with the user interface. A clean statistical dashboard is presented on logging in, and all device configuration categories are arranged in tabs across the top. By hovering over each tab, the relevant subscreens are displayed. Administrators can get from one configuration or report page to any other with a single click. Multiple administrator roles can be defined with granular control allowed per user over which configuration and report screens to display. The device can be deployed in the industry standard reverse proxy mode, a bridge path mode or one-armed proxy mode. Although we chose to go the reverse proxy route, we liked the flexibility the device offered.
The product supports application acceleration and content caching and offers an implementation of SSL offloading it calls InstantSSL, which functions as one would expect. Some of the solution's default policies include parameter attack filtering against SQL injection, OS command injections, directory traversal, XSS and others, digital signing or encryption of cookies, server error suppression, file extension blocking, request sizing limits and cookie replay protection.
The product offers traffic monitoring in a passive mode, allowing administrators to observe violation reports and adjust policies if false positives are detected. An automated policy tuner integrates with the firewall logs and generates exceptions or tunes existing policies. The policy tuner also allows granular rules to be created governing specific portions of a web application, such as a web form.
We were pleased with Barracuda's documentation. The two-page quick-start guide gave us everything we needed to have a basic configuration in minutes. The website offers more in-depth administrator's guides, a best practices guide, and a variety of whitepapers. Everything was well organized and easy to find.
The product ships with basic support included, which gives users eight-hours-a-day/five-days-a-week phone and email support and a year's worth of Energize Updates. For an additional yearly fee, administrators can purchase the company's enhanced support package, which includes 24/7 phone and email support and hardware replacement within one business day.
The cost of Barracuda's enhanced support package is $1,549 per year. We would have liked to see a 24-hour replacement option instead of just one business day. But, the price per unit is almost low enough to keep a spare on hand. At a cost of $8,898 (with one year Energize Updates), the Barracuda Web Application Firewall is a solid value.
Sign up to our newsletters
SC Magazine Articles
- APT operation 'Double Tap' exploits serious Windows OLE bug
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- The Internet of Things (IoT) will fail if security has no context
- Regin: nation-state possibly behind the stealthy modular spying malware
- Operators disable firewall features to increase network performance, survey finds
- DDoS attacks cost organizations $40,000 per hour, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Study: 'High priority' issues hamper endpoint security solution implementation
- Researchers identify POS malware targeting ticket machines, electronic kiosks
- Pirated Joomla, WordPress, Drupal themes and plugins contain CryptoPHP backdoor
- DDoS attacks grew in size, threats became more complex, Q3 reports say
- Man gets 18 months in prison for accessing Subway POS devices, loading up gift cards