Barracuda SSL VPN & Remote Access

Remote, Authenticated Access to Applications and Data

Free Trial

Features

Mobile Device Support

The Barracuda SSL VPN allows remote workers to securely access an organization's applications and files from virtually any mobile device, via an easy-to-use mobile portal. Security is ensured through powerful multi-factor authentication options, while ease-of-use ensures low support costs. In addition, the device configuration feature allows easy configuration of iPhones, iPads and Mac devices for exchange, mail, LDAP, Webclips, Client Certificates, IPsec, and PPTP. Windows devices can also be configured.

Back to top

Granular Resource Management

The Barracuda SSL VPN integrates a powerful engine that enables administrators to selectively authorize traffic to approved resources. The device integrates with Active Directory, LDAP, and other user databases, permitting administrators to define granular policies that allow specific users and groups to access network resources. Administrators can configure access to resources such as intranet sites, mapped network drives, applications like RDP, SSH/SFTP, CITRIX XenApp, and others.

Back to top

Multi-Factor Authentication

Remote users are required to properly identify themselves before obtaining entry to the network to prevent unauthorized access. The Barracuda SSL VPN can be configured to enforce a combination of authentication schemes including Active Directory passwords, hardware tokens, client certificates, and PIN numbers. Moreover, the Barracuda SSL VPN supports RSA SecurID, VASCO, Safeword, and CryptoCard authentication servers through RADIUS integration for access using a one-time password token. This security ensures that accessing the Barracuda SSL VPN from any web browser is backed by the protection of a strong authentication policy that allows only authorized users to enter the network.

Back to top

Network Access Control

Remote users can access network resources from a variety of end-points or client machines including shared computers. The Barracuda SSL VPN provides extensive network access control methods that will ensure a computer requesting remote access adheres to established security policies based on the operating system, web browser version, and other connection parameters before permitting network access.

Back to top

Barracuda Network Connector

Designed for applications using UDP, the Barracuda Network Connector is a secure IP tunneling client installed on users' workstations or laptops. The Barracuda Network Connector creates an IP connection to the Barracuda SSL VPN appliance and has a fully routed VPN connection to the remote network. This streams content from the remote network and allows the use of any TCP or UDP application such as legacy client/server applications. The Barracuda Network connector also supports password, PIN, or RADIUS authentication for added security.

Back to top

Hardware Token Authentication

The Barracuda SSL VPN supports RSA SecurID, VASCO, Safeword, and CryptoCard authentication servers through RADIUS integration. Hardware token authentication supports access using one-time password (OTP) tokens.

Back to top

Single Sign-On

The Barracuda SSL VPN integrates with user databases via LDAP, RADIUS, Active Directory, and NIS. Using central user accounts supports Single Sign-On while avoiding having to duplicate user data. The Barracuda SSL VPN can pass users' Active Directory credentials to the remote desktop session for true Single Sign-On. For transparent authentication when using reverse-proxy web forwarding, intranet websites can be launched that pass users' credentials to web applications.

Back to top

Reporting and Auditing

System administrators can easily view logs and generate reports for clear visibility into remote access. The Barracuda SSL VPN generates reports on VPN use, users, resource activity, and more with no database administration or other equipment required. All resource access through the Barracuda SSL VPN is audited. Real-time reports display privilege use, failed logons, file, and intranet use, as well as other information. The status page also provides statistics about resource use.

Back to top

Clientless Remote Access

Unlike traditional IPsec-based VPNs that require client software installed on remote machines, the Barracuda SSL VPN provides secure remote access to network resources from any web browser. This removes the overhead of installing and maintaining clients and permits secure access from any operating system that can support a standard web browser. SSL technology also eliminates some of the deployment issues around IPsec VPN technology like IP address conflicts, NAT traversal, and DNS issues. Some features require the use of Java plugin for clientless access.

Back to top

Web Portal

A web portal provides remote users with easy access to their assigned resources. Navigation is so easy that users in the office often prefer to use the portal to access their network resources as well.

Back to top

Multiple User Realms

Administrators use realms when an organization has multiple user databases. Realms let the Barracuda SSL VPN authenticate against multiple domain servers and directories such as LDAP and NIS.

Back to top

SSL Tunnelling

The Barracuda SSL VPN securely connects remote users through SSL-encrypted tunnels from any web browser. No client software is necessary. However, for richer tunnelling, the Barracuda SSL VPN offers the Barracuda SSL VPN agent, a lightweight Java tunnelling client. This agent supports remote applications such as Remote Desktop Services, Citrix XenApp, VNC, NX, SSH, and Telnet.

Back to top

Antivirus

The Barracuda SSL VPN automatically scans files uploaded to the network file system and from intranet web applications for viruses, spyware, and other malware. Barracuda Energize Updates keep virus definitions current in real time to prevent even the latest malware from uploading to the network.

Back to top

Virtual Keyboard

The virtual on-screen keyboard is a security feature that defends against key-logging attacks. The virtual keyboard echoes characters the user clicks on.

Back to top

Automatic Cache Cleaning

A cache-cleaning utility automatically clears session data from the user's web cache and history when the user logs out or disconnects. Cache cleaning prevents unauthorized exposure of information when users access the Barracuda SSL VPN from public or shared computers.

Back to top

Access Resources in Other Networks

The Barracuda SSL VPN Server Agent streamlines connections to services at remote sites without the risks and burden of using a fully routed IPsec connection. The Barracuda SSL VPN Server Agent directly connects to services hosted on remote networks from the Barracuda SSL VPN.

Back to top

Google Authenticator

Google Authenticator offers an easy way to use time-based, single-use passwords (TOPT) using Google infrastructure and mobile apps. The authentication module can be used by itself or in combination with other authentication modules for multi-factor authentication. A new verification code is automatically generated every 30 seconds. The official Google Authenticator app is available for Android, iOS and Blackberry (version 6 or lower) devices. Third-party apps are available for almost all other mobile operating systems. This feature works on both the desktop and mobile portals.

Back to top

Risk Based Authentication (RBA)

Some network environments might require additional security levels to authenticate users when they access specific high-risk SSL VPN resources. Barracuda SSL VPN provides risk-based authentication for Web Forwards, applications and SSL tunnels. Each launch of these resource types can be protected by PIN, password, or Google Authenticator. This feature works on both the desktop and mobile portals.

Back to top