Spam, Malware, and Advanced Threat Protection
Advanced Threat Protection
Barracuda's Advanced Threat Protection (ATP) combines behavioral, heuristic, and sandboxing technologies to protect against zero-hour and targeted attacks. ATP automatically scans email attachments in real-time; suspicious attachments are detonated in a sandbox environment to observe behavior. In addition to blocking the attachments, results are integrated into the Barracuda Real-Time System, providing protection for all other customers.
Get more details about Barracuda Advanced Threat Protection.
The Barracuda combats, detects, and blocks phishing attempts by combining anti-fraud intelligence, behavioral and heuristic detection, protection against sender spoofing (i.e., spammers spoofing valid email addresses), and domain-name validation.
Get protection against social-engineering attacks with Barracuda Impersonation Protection
Barracuda leverages the cloud for dynamic, real-time threat analysis, attachment sandboxing, and URL protection, to prevent malware from affecting email users.
A popular method that attackers use to deliver malware relies on URLs that contain malicious code, which can be invisibly downloaded and can trigger a much larger attack. Link Protection automatically rewrites these URLs so that Barracuda can sandbox the request at click time to block malicious links. Rewritten URLs do not expire and function indefinitely.
More sophisticated attackers make clever modifications to URLs, so they look genuine but aren’t. The most common technique is omitting letters or using convincing “typos” that even users who check URLs before clicking often miss. Barracuda’s Link Protection includes typosquatting detection, which automatically identifies and redirects these URLs to our sandbox at click time to block malicious activity.
With a long-standing heritage in spam protection, Barracuda remains the leader in identifying and blocking spam. A comprehensive set of security layers ensures your organization remains productive in the face of evolving threats.
Barracuda identifies email from known spammers and determines whether domains embedded in email lead to known spam or malware domains. It leverages industry-leading techniques that protect against attempts to embed text inside images with the intent of hiding content from traditional spam filters.
Block email-borne viruses
As virus attacks become more sophisticated and complex, email infrastructure requires advanced virus protection. The potential for the destruction and release of information or the disruption of a network severely impacts productivity and can lead to financial loss.
Barracuda scans email and incoming files using three powerful layers of polymorphic virus scanning technologies. It also decompresses archives for complete protection. Powerful virus definitions are automatically updated to maintain the most up-to-date protection against email-borne viruses.
Denial of service (DoS) attack prevention
Not every attack is focused on planting a virus, getting users to send their credit card numbers, or to click on a malicious link. Often, the objective of the attack is focused on disabling a network or mitigating its effectiveness. As a cloud-based service, Barracuda Email Protection is positioned to stop spammers before they overload your email server.
Outbound email filtering
Outbound filtering prevents your organization from being put on spam block lists and prevents outbound attacks from originating inside your network. Employees can inadvertently cause internal systems to become a source for botnet spam. Using a subset of its defense layers, Barracuda’s outbound filtering stops outbound spam and viruses.
Email service continuity
Barracuda Email Continuity Service ensures that email operations continue by failing over to a cloud-based email service in the event primary email services become unavailable. During email server outages, an emergency mailbox allows users to continue sending, receiving, reading, and responding to email.
Barracuda Email Protection is integrated with the Barracuda Cloud Control web-based management portal, which leverages Barracuda’s global cloud infrastructure and provides a global view to centrally manage all of Barracuda’s solutions through a single interface. Barracuda Cloud Control also allows administrators to centrally manage policies and configuration. The simple interface makes it easy for your organization to implement and manage the service with minimal IT overhead.
Leverage Barracuda Central to stay ahead of the latest threats
Our email protection leverages Barracuda Central to identify email from known spammers and determine whether domains embedded in email lead to known spam or malware domains. It is continually updated with intelligence on the latest threats across all threat vectors. Barracuda Central is our 24x7 centralized threat intelligence gathering organization, where the latest threats across all vectors are analyzed and added to our extensive databases. Over 200,000 organizations worldwide provide intelligence to Barracuda Central, and our email security is updated on a continuous basis.
Prevent spear phishing
Barracuda can automatically detect and prevent spear-phishing attacks that evade traditional email security systems. Barracuda’s AI engine learns your organization's unique communication patterns and leverages these patterns to identify anomalies and quarantine spear-phishing attacks in real time.
Prevent BEC and CEO fraud
Barracuda automatically quarantines business email compromise attacks by detecting anomalies in the email header and the content of the email. The AI does not require any manual rules or user setup and can detect any type of BEC attack automatically from day one.
Detect employee impersonation
Barracuda can detect any type of employee impersonation, including impersonation of executives, as well as mid- and low-level employees. It can detect spoofed emails, typosquatted domains, and impersonation emails sent from free or personal email clients.
Stop zero-day phishing
By discovering anomalous communication patterns within the body of the email, the link, or the email header, Barracuda can stop zero-day phishing attacks that evade other email security systems. It can detect any type of zero-day phishing attack, including links leading to a fake sign-in page, as well as links to malicious websites.
Detect web impersonation
Barracuda has been trained to recognize and automatically quarantine phishing emails that impersonate web services, such as Microsoft Outlook, DocuSign, and Dropbox. Barracuda AI can prevent web impersonations, even when they use deceptive characters or zero-day links.
Stop inbound spoofing
Barracuda automatically stops attacks that impersonate employees by spoofing their email address. The AI engine recognizes the anomalies in spoofing emails and quarantines them.
AI determines employee risk
Barracuda AI can automatically predict which employees are likely to be targeted by spear-phishing attacks, based on their role and their day-to-day access to sensitive information.
Customers can report false positives and missed attacks to Barracuda, which are used to retrain the AI classifiers. This enables the AI to continuously improve its precision and adapt its detection capabilities.
The raw data from the AI detections can be exported to a CSV file.
Barracuda Impersonation Protection uses Office 365 APIs to connect directly to your environment. The APIs allow the AI to learn customer historical communication patterns and detect and quarantine emails in real time. It’s a cloud-based SaaS solution that requires no maintenance or installation.
You can set up Barracuda’s impersonation protection in 1 minute by simply signing up and connecting it to your Office 365 tenant. No need to change your MX records or install any software.
Works with any gateway
The API architecture allows impersonation protection to work with any existing gateway-based email security solution as a last layer of defense for targeted attacks.
The Barracuda AI engine can be applied to historical emails, using the Email Threat Scanner for Office 365. This allows customers to generate a free email-risk report to see which types of attacks aren’t being stopped by your existing systems, understand the value that can provide, and provide ROI for senior executives. The Email Threat Scanner for Office 365 takes one minute to set up and is completely free.
Account Takeover Protection
Detect suspicious logins
Detect suspicious logins by tracking IPs that exhibit suspicious behavior, such as failed sign-ins, and share intelligence across all users and accounts. Track each user’s access patterns and alert IT administrators when Barracuda observes unusual sign-in activity such as from an unusual device or geography. The AI tracks user-level patterns and organization-wide patterns.
Alerting for account takeover
By detecting anomalies in internal employee communications, Barracuda can automatically detect when employee accounts become compromised and send malicious emails to internal and external recipients. Administrators get alerted when an account has been compromised, and they can take immediate action.
Prevent account-takeover infiltration
Barracuda automatically quarantines phishing emails that allow attackers to steal employee credentials and can lead to account takeovers.
Detect compromised emails
Barracuda can automatically identify which malicious emails were sent from a compromised account and flag them for administrators.
Delete emails sent internally
Barracuda's account takeover remediation tool allows administrators to delete all phishing emails sent from compromised accounts from employee mailboxes.
Notify external recipients
Barracuda allows administrators to identify which external recipients received emails from compromised accounts and notify them of the attack.
Lock attackers out of accounts
Barracuda helps administrators lock out attackers from compromised accounts, preventing them from using the compromised account to launch phishing campaigns and forward emails externally.
Investigate inbox rules
Changes to a user’s email inbox rules can potentially indicate an account takeover. Barracuda lets IT administrators review and investigate recent changes to inbox rules. The Inbox Rules Change Feed provides visibility across the entire email environment and lets you investigate rules changes for a specific email or account.
Email Encryption and Data-loss Prevention
Email encryption and data-loss prevention
Your emails can travel through many different servers before they reach the intended mailbox. Barracuda secures your mail by encrypting it during transport to the Barracuda Message Center, encrypting it at rest for storage in the cloud, and providing secure retrieval by your recipients through HTTPS Web access. Data in motion is secured via Transport Layer Security (TLS) and data at rest is secured via AES 256-bit encryption.
If you are sending a sensitive email, you can manually mark it for encryption. However, you can also create a policy to automatically encrypt emails based on their sender, content and other criteria. Encryption policies ensure that your organization complies with regulations designed to protect customer data, such as HIPAA.
Outbound filtering keeps sensitive data from leaving your organization while simultaneously ensuring that legitimate emails are delivered. At the same time, outbound filtering blocks outbound spam and viruses, preventing your employees or other infected clients from inadvertently sending malicious email, as well as keeping your mail server IP addresses and domains from being listed on spam-block lists.
Employees can inadvertently allow their email to be used for botnet spam. The outbound filter stops outbound spam and the spread of viruses.
Administrators can also create and enforce content policies to prevent sensitive data from being sent by email, such as credit card numbers, Social Security numbers, HIPAA data, customer lists, and other private information. Policies can automatically encrypt, quarantine, or block certain outbound emails based on their content, sender, or recipient.
Prevent third-party domain spoofing
Barracuda’s domain fraud protection prevents third parties from maliciously spoofing domains. The solution leverages DMARC to gain visibility into legitimate and non-legitimate emails being sent with a particular domain and enables customers to make sure their legitimate emails are delivered correctly while blocking the malicious senders.
Automated DMARC reporting
DMARC reports are automatically gathered, analyzed, and visualized. Customers simply need to change their DNS record using the setup wizard provided. Barracuda takes care of the reporting and analysis of the DMARC logs.
DMARC aggregation and visualization
Customers can get high-level insights on the different email systems sending emails with their domains and gain access to in-depth information, including which IPs are passing and failing DMARC, domain misalignment, and spoofing samples.
DKIM/SPF configuration and troubleshooting
Barracuda helps customers correctly configure their DKIM and SPF, as well as troubleshoot common problems in SPF/DKIM configuration, such as domain misalignment.
Better email deliverability
Barracuda can help customers increase their legitimate email deliverability by ensuring that their emails pass email authentication.
Spoofed email reports
By leveraging Barracuda's IP reputation databases, we can provide detailed information on the source of spoofing emails, including geographic and sender information, as well as samples of spoofing emails.
Detect misconfigured legitimate senders
Barracuda can automatically detect misconfigured legitimate senders and helps customers correctly configure their SPF and DKIM to ensure that legitimate emails are delivered.
Protects customer brands
Barracuda protects customer brands by ensuring that attackers can’t impersonate domains to trick clients, employees, and third parties.
All DMARC reports can be exported into CSV files.
Web content filtering
Barracuda provides flexible controls for pinpoint regulation of online activity. Administrators can create policies that control user access to commonly visited websites using 150+ content categories, including pornography, violence, hacking, sports, news, dating, shopping, chat, and more. Content-filtering policies can be customized to restrict specific websites or URL paths.
Web filtering logs
Web Filtering Logs show activities related to the filtering policies you have configured. Search includes by user, action, domain, categories, and location.
Interactive reports with multiple layers of drill-down capability can be generated on users’ web browsing activity, time spent online, and by domains and content categories.
Administrators can enable automatic email alerts when there is attempted communication from your network to a known host of ransomware, bots, and other malware.
Report suspicious messages
Users can report phishing and other suspicious emails to their IT administrators directly from the Outlook Essentials Message Actions add-in. This provides end users with a simpler way to report suspicious emails to their IT department. Reported messages will appear in the Incident Response dashboard for IT to review, investigate, and take corrective action.
Incident Response can help you locate potential threats looming in your Office 365 account. Potential incidents comprise two categories:
- Related threats — Threats based on an incident you already created.
- Post-delivery threats — Based on Barracuda’s (community) intelligence on currently circulating threats that might already be present in your inbox.
Real-time reporting and forensics
Incident Response gives you access to Insights to glean more information about email-use patterns. This intelligence can be used to identify anomalies in delivered mail and to uncover instances of phishing attacks that might otherwise go undetected.
Identify users who interacted with suspicious email
Identity all users who received malicious emails and clicked on links, replied to, or forwarded these messages. Automatically send them email notifications with instructions to change their passwords and other necessary remediation actions.
Remove email from users' inboxes
Use Incident Response to identify users that received malicious email and permanently remove malicious emails directly from user inboxes. This action can be taken by an IT administrator without the need to involve end users.
Send alerts to users
Use Incident Response to identify users that received malicious email and automatically send alerts notifying them of an incident. These emails can be sent in bulk to all affected users.
You can enable Incident Response to automatically remediate email messages that contain malicious URLs or attachments. All user-reported messages are automatically scanned for malicious content. When a threat is detected, all matching emails are moved from users’ mailboxes into their junk folders. Security teams will get an alert notifying them of an incident.
Email attacks come in waves. When you activate Continuous Remediation, Incident Response will continue to delete any copies of the email that appear in inboxes for 72 hours after the initial remediation has completed.
Automated Response Playbooks
Build custom playbooks to completely automate your incident response process. Admins at any technical level can create a workflow and add complexity by defining a trigger, determining conditions, and assigning the desired actions through a simple user interface.
Incident Response RESTful API (beta) provides remote administration and configuration of Barracuda Incident Response.
Syslog Integration enables you to export your event data to a syslog server or a security information and events management (SIEM) system. With Syslog Integration, you can store your information and use it for tracking, analysis, and troubleshooting.
Security Awareness Training
Hundreds of email lure templates, landing pages, and domains
New content is added, every day creating endless combinations of email templates, landing pages, email account senders, and web server domains. As the threat landscape changes so will our tests, giving you access to the most up-to-date content.
Content Center Marketplace
All content can be found in the Content Center Marketplace, a one-stop shop for browsing, selecting, and importing the perfect content to craft your continually evolving campaigns.
Add that special touch by customizing any of the templates, so your simulated attacks come from people in positions of trust, effectively testing your workforce and teaching them to be wary of threats that only your organization may have seen.
Patented multi-variable attack simulations
In today’s threat landscape, you can be phished from more than just email. Train your team on every facet of threat with Barracuda’s multi-variable campaigns that include Smishing (SMS/Text), Vishing (Voicemail) and Found Physical Media. This unique capability will help prevent users from receiving the same mock phishing template in a campaign and can allow for hypothesis-based testing (A/B tests).
Protect your user base by training them to recognize unfamiliar outgoing texts with our industry-leading smishing simulation. The innovative incoming mode allows you to email requests to text custom phone numbers as the call-to-action for otherwise innocuous emails, catching what would be a normally unknown vector before it can be used against your workforce.
Employees get many phone calls each day. Which one of those will cost the company? With Barracuda’s anti-voicemail phishing, or ‘vishing,’ we provide fully customizable simulated threats that will complement any security awareness campaign.
Found physical media (USB/SD Card)
Using the same Smart Attachment technology found in our email campaigns, you can distribute files on portable drives and cards with watermarks in a variety of file formats to track who is willing to plug it into your network. The files won’t cause security problems even if non-employees find them as the content redirects users to landing pages designed to educate on the perils found in anonymous portable media.
Advanced threat simulation features
Crafting effective scenarios is paramount when developing an effective anti-spear-phishing campaign, especially in long-term approaches where users would start seeing repetitive emails. Prevent that by using Barracuda’s advanced threat simulation features, including time stamping to create a sense of urgency, prompting users to respond before they can think it through, phone home macros, DLP tagging, geolocation, and more. Our patented system allows for multiple combinations of email templates, landing pages, email account senders, and web server domains in a single campaign.
Phish Reporting Button
Enable easy tracking of user phishing attempts with the Phish Reporting Button, simplifying the task of reporting possible threats while tying in user reporting to your training regimen.
Robust user attributes
Why stop at username and email address, when you can test based on location, job function, tenure, privileged credentials, and access to sensitive networks and applications? Barracuda gives you granular control of your reports, such as that your mid-level marketing managers in Kansas are more likely to click a link in an email on Tuesday, as well as testing and education, so your workforce isn’t inundated with emails they shouldn’t get.
Extensive reporting and metrics
More than 16,000 data points are at your disposal with Barracuda’s advanced metrics and reporting. Identify levels of risk at macro and micro levels in your organization, to help expedite remediation while keeping your workforce at maximum efficiency by targeting training to only those who need testing at that moment.
Data loss prevention (DLP)
Worried about data leaking from your organization? With Barracuda’s built-in Data Loss Prevention Activator, you can track where those campaign emails and portable media drops go and who accesses it, to know who might leak your company data as well.
Is your workforce leaning hard on whether there’s an encryption symbol next to the URL when they click links in their emails? With HTTPS and SSL landing pages you can collect information from your users without the possibility of people snooping that information and using it against you, while convincing your users that they are safe.
Engage your users and make the cat-and-mouse aspect of security awareness fun by turning the workflow into a game with leaderboards and user-leveling systems. This will help train users to spot and report threats while keeping the idea of spear phishing at the forefront of their mind.
Should a CEO or accounts payable team get the same test as your engineer, nurse, or teacher? With Barracuda, you can issue risk-based surveys that provide unique insights into your user-level security posture. By being better informed about your user-level risk and validating it throughout the year, you will maintain a security plan that mirrors your organizational objectives.
Bonus security awareness training materials
To support your computer-based training initiatives, Barracuda provides supplementary materials, such as two-minute best practice videos covering topics like malware awareness and password security. In addition, there is an array of bonus training materials, including posters, newsletters, infographics, and tip sheets. Barracuda has partnered with several reputable content vendors to augment our built-in content.
Cloud-to-Cloud Backup and Recovery for Office 365
Hosting production data in the cloud does not mitigate the need for backup and recovery. Emails and important documents are susceptible to corruption and risk being unrecoverable due to malicious attacks or accidental deletion. Barracuda Email Protection includes Barracuda Cloud-to-Cloud Backup, which protects Exchange Online, SharePoint Online, OneDrive for Business, and Teams data, by backing it up directly to the cloud.
Barracuda Cloud-to-Cloud Backup offers unlimited storage and retention for your Office 365 email, SharePoint, and OneDrive data, including folder structure, attachments, calendars, contacts, schedules, and tasks. Recover individual files and email accounts with point-in-time accuracy, to the same account/location or to a different account/location.
Granular retention policies
Barracuda provides a cloud-based archive of all email communication, to ensure that you meet demanding business and legal requirements. It follows the accepted “best practice” approach for compliance by archiving an original copy of every email in a separate, immutable store for long-term retention and preservation.
Compliance and e-discovery capabilities provided within Office 365 may be adequate for some organizations, but the “in-place” approach Microsoft takes for long-term email retention and preservation means these capabilities have inherent limitations. They can be complex and expensive to operate and are unlikely to meet the needs of organizations with more demanding compliance and discovery requirements.
Barracuda offers a cloud-based, indexed archive separate from Office 365 that allows for granular retention policies, extensive search, auditing, permissions, legal hold, and export of emails that may be required in e-discovery. Litigation holds preserve email from being tampered with until the litigation hold expires or is removed.
Powerful search and e-discovery
The Barracuda Cloud Archiving Service offers easy-to-use search capabilities, ranging from the most basic search by a user for a misplaced email to advanced Boolean search strategies for an auditor during an e-discovery request.
Migrate legacy email faster
Office 365 makes email management simpler than on-premises solutions, but you have to get your legacy emails to enjoy the benefits of cloud-based email access. For most organizations, this means a cumbersome process that involves locating countless emails in disparate PST files and migrating them to the cloud.
Barracuda PST Enterprise is available as an add-on option to automate this process. PST Enterprise will automatically discover PST files on network servers and end-user systems and migrate this data to an archive or to Office 365. This gives IT administrators control over email data scattered across their organization. With all your emails migrated to a single database, you minimize the risk of losing important emails and reduce the ongoing costs and support IT requirements for compliance and e-discovery.
Get more information about Barracuda PST Enterprise
Scans OneDrive and SharePoint
Scans OneDrive and SharePoint for sensitive information and malicious files. Identify suspicious and malicious files, such as viruses and other types of malware. Find sensitive information, such as credentials, personal data, and financial data, where it exists, and whether it is shared inside or outside the organization.
Define policies and classifiers
Allows customers to define their own data classifiers to identify specific information types, such as employee or student IDs, project codenames, or other proprietary information. Enforces user-defined, role-based access control. Advanced encryption capabilities protect document previews from unauthorized access.
Supports all common file types
Supports all common file types, including Office 365 documents, PDFs, ZIP files, and common image formats. Identifies sensitive information from photos, screen shots, documents scans, etc., thanks to advanced optical character recognition (OCR) capabilities.
Reporting and notifications
Supports automated email notifications for admins and compliance officers when sensitive information is identified. Builds security awareness by notifying users when they store sensitive information in OneDrive or SharePoint. Helps you identify the type of sensitive data immediately. Prevents further proliferation of found data by creating redacted previews.
Easy setup and configuration
Full Software-as-a-Service solution — no hardware or software to manage. Takes only minutes to configure and start scanning and adds users automatically. Simple, user-based licensing.