Barracuda Web Application Firewall (Model 660)
November 01, 2013
$9,999, plus $2,699 annual updates subscription.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Monitoring of several servers and applications at once and extensive feature set.
- Weaknesses: Slight potential for confusion during initial configuration. Updates for subscription are priced extra, but required.
- Verdict: A good choice for a web application firewall. This month’s Recommended product.
Barracuda Networks is a venerable company with a rapidly growing line of security tools. Once known primarily for email security, Barracuda now provides a host of products, such as the Web Application Firewall (Model 660), a useful tool that provides protection for web applications. These web applications can range from a simple website to FTP servers. Our testing of the WAF 660 involved using a BackTrack 5 machine and a Windows 7 target with Internet Information Services (IIS) installed. This Barracuda product protected and logged attacks sent to the IIS server as advertised.
The tool sports an extensive feature set, including most of the functionality one would expect in an application firewall and a few that raise this product above most others. Typical protection includes DDoS, botnet and outbound data leakage prevention (DLP) capabilities. Integration with SIEMs and the expected malware protection are, of course, part of the product.
The WAF 660 has an above-average, well-organized user interface that gives the user access to web firewall, access and audit logs, with the ability to create reports based on those logs. The GUI also presents performance and WAF statistics, such as active servers, CPU temperature, WAN/LAN port status, total attacks, and daily and hourly attacks, in graphic and non-graphic reports.
The initial configuration can be somewhat confusing as there are two ports in the front and the back. The important WAN/LAN ports are in the front, instead of being in the back as in most servers. That important feature should be noted when deciding on how to rack the device for greatest efficiency. Once the appliance is initially configured, the administrator can access the device's user interface using the WAN IP, allowing configuration of the LAN IP and the services they want the WAF to protect.
The logging is useful not only to system administrators but also to investigators. The administrator is able to export logs as CSV files, and the investigator is able to download these CSV files to analyze. Rules can be made to allow or deny specific IP addresses and ports that access the specific servers.
The WAF 660 has a reasonable price of $9,999, plus the required one-year Energize Updates subscription of $2,699. This takes its pricing into the average range for this product type. We wondered, though, why the update cost was not simply rolled into the base price of the product for the first year. Given its extensive feature set, though, the WAF 660 is still a good value for the money.
The support website is a fine mix of just about everything a user or prospective user needs.
Although our initial configuration was a bit of a challenge, once it is complete the user can set up rules and services easily, knowing only basic information about the servers and application.
Stephen Resto contributed to this review.