Barracuda CloudGen Firewall For GCP

Protecting your Digital Assets in Google Cloud Platform

Download PDF

Overview

Growth in cloud computing capabilities and services has driven more data into places where traditional IT security measures cannot reach; specifically, data centers not owned by your corporate IT group. Barracuda CloudGen Firewall provides centralized management and highly secure, encrypted traffic to, from, and within Google Cloud Platform (GCP) deployments.

The Barracuda Advantage

  • A true Cloud Generation Firewall: deployed how you need it, leverages all built-in GCP features, and license models ensure frictionless commerce
  • Simplicity of operation, bridging on-premises and cloud security in a single interface
  • Secure and reliable connectivity between on-premises and GCP deployments as well as between GCP deployments
  • Central management of all functionality for both, on-premises and GCP deployments
  • Unrivaled Quality of Service capabilities

Product Spotlight

  • Full user/group awareness
  • Full application visibility and granular access control
  • Advanced Threat Protection (incl. sandboxing)
  • Built-in web security and IDS/IPS
  • Full SD-WAN capabilities included
  • Application-based provider selection
  • True license flexibility with Bring-Your-Own-License or Pay-as-You-Go (time-based)
  • Secure Connectivity

    For an optimum GCP deployment, it is crucial to initiate the deployment in a highly secure and reliable way. Deploying a Barracuda CloudGen Firewall in GCP provides comprehensive, secure connectivity capabilities, starting with high-performance TINA VPN tunnels for site-to-site and client-to-site connections. Deployment includes robust WAN optimization features to maintain the highest quality of service possible.

    Central Management

    Barracuda CloudGen Firewall benefits from the same industry-leading central management as on-premises deployments. Easily manage the secure VPN connections to, from, and within GCP and the Barracuda CloudGen Firewall deployment itself.

    Integrated Next-Generation Security

    Barracuda CloudGen Firewall is designed and built from the ground up to provide comprehensive, next-generation firewall capabilities. Based on application visibility, user-identity awareness, intrusion prevention, and centralized management, the Barracuda CloudGen Firewall is the ideal solution for today’s dynamic enterprises that are adding GCP into their company network.

    Barracuda CloudGen Firewall's dashboard provides real-time information and summaries of what is going on in an organization's network
    "Google Cloud Platform and Barracuda CloudGen Firewall are helping us accomplish our primary mission of helping people become financially stable to improve their lives."

    - Kishore Venkat, IT Solutions Lead, Opportunity Fund

    Technical Specs

    Technical Specs

    Firewall

    • Stateful packet inspection and forwarding
    • Full user-identity awareness
    • IDS/IPS
    • Application control and granular application enforcement
    • Interception and decryption of SSL/TLS encrypted applications
    • Antivirus and web filtering in single pass mode
    • Email security
    • SafeSearch enforcement
    • Google Accounts Enforcement
    • Denial of Service protection (DoS/DDoS)
    • Spoofing and flooding protection
    • ARP spoofing and trashing protection
    • DNS reputation filtering
    • NAT (SNAT, DNAT), PAT
    • Dynamic rules / timer triggers
    • Single object-oriented rule set for routing, bridging, and routed bridging
    • Virtual rule test environment
    • REST API

    Protocol Support

    • IPv4, IPv6
    • BGP/OSPF/RIP
    • VoIP (H.323, SIP, SCCP [skinny])
    • RPC protocols (ONC-RPC, DCE-RPC)
    • 802.1q VLAN

    Intrusion Detection and Prevention

    • Protection against exploits, threats and vulnerabilities
    • Packet anomaly and fragmentation protection
    • Advanced anti-evasion and obfuscation techniques
    • Automatic signature updates

    Advanced Threat Protection

    • Dynamic, on-demand analysis of malware programs (sandboxing)
    • Dynamic analysis of documents with embedded exploits (PDF, Office, etc.)
    • Detailed forensic analysis
    • Botnet and spyware protection
    • TypoSquatting and link protection for email

    Central Management Options via Barracuda Firewall Control Center

    • Administration for unlimited number of firewalls
    • Support for multi-tenancy
    • Multi-administrator support & RCS
    • Enterprise/MSP licensing
    • Template & repository-based management

    Traffic Intelligence & SD-WAN

    • Simultaneous use of multiple uplinks (transports) per VPN tunnel
    • FIPS 140-2 certified cryptography
    • Auto-VPN tunnel creation between remote spoke locations based on application type
    • Dynamic bandwidth detection
    • Performance-based transport selection
    • Application-aware traffic routing
    • Adaptive session balancing across multiple uplinks
    • Traffic Replication (forward error correction)
    • Application-based provider selection
    • Application-aware traffic routing (VPN)
    • Traffic shaping and QoS
    • Built-in data deduplication

    VPN

    • Drag & drop VPN tunnel configuration
    • VPNC certified (basic interoperability)
    • Network Access Contro
    • iOS and Android mobile device VPN support
    • Multi-factor authentication for SSL VPN and CudaLaunch

    Infrastructure Services

    • DHCP server, relay
    • SIP, HTTP, SSH, FTP proxies
    • SNMP and IPFIX support
    • DNS Cache
    • Wi-Fi (802.11n) on selected models

    Barracuda Energize Updates

    • Standard technical support
    • Firmware updates
    • IPS signature updates
    • Application control definition updates
    • Web filter updates

    Models & Options

    Models

    Level 1

    • Capacity
    • 1 Virtual Cores
    • 2 Max Number of Interfaces
    • 10 Number of protected IP addresses
    • BYOL (time-based) Consumption model

    + Show more - Show less

    • Features

    • Firewall incl.IPS
    • Application Control
    • IPS
    • VPN (Site-to-Site and Client-to-Site)
    • SSL Interception
    • SD-WAN
    • Network Access Control for VPN client-to-site connections
    • Advanced Remote Access
    • Advanced Threat Protection -
    • Premium Support -

    Level 2

    • Capacity
    • 1 Virtual Cores
    • 2 Max Number of Interfaces
    • Number of protected IP addresses
    • BYOL Consumption model

    + Show more - Show less

    • Features

    • Firewall incl.IPS
    • Application Control
    • IPS
    • VPN (Site-to-Site and Client-to-Site)
    • SSL Interception
    • SD-WAN
    • Network Access Control for VPN client-to-site connections
    • Advanced Remote Access Optional
    • Advanced Threat Protection Optional
    • Premium Support Optional

    Level 4

    • Capacity
    • 2 Virtual Cores
    • 2 Max Number of Interfaces
    • Number of protected IP addresses
    • BYOL Consumption model

    + Show more - Show less

    • Features

    • Firewall incl.IPS
    • Application Control
    • IPS
    • VPN (Site-to-Site and Client-to-Site)
    • SSL Interception
    • SD-WAN
    • Network Access Control for VPN client-to-site connections
    • Advanced Remote Access Optional
    • Advanced Threat Protection Optional
    • Premium Support Optional

    Level 6

    • Capacity
    • 4 Virtual Cores
    • 4 Max Number of Interfaces
    • Number of protected IP addresses
    • BYOL Consumption model

    + Show more - Show less

    • Features

    • Firewall incl.IPS
    • Application Control
    • IPS
    • VPN (Site-to-Site and Client-to-Site)
    • SSL Interception
    • SD-WAN
    • Network Access Control for VPN client-to-site connections
    • Advanced Remote Access Optional
    • Advanced Threat Protection Optional
    • Premium Support Optional

    Level 8

    • Capacity
    • 8 Virtual Cores
    • 4 Max Number of Interfaces
    • Number of protected IP addresses
    • BYOL Consumption model

    + Show more - Show less

    • Features

    • Firewall incl.IPS
    • Application Control
    • IPS
    • VPN (Site-to-Site and Client-to-Site)
    • SSL Interception
    • SD-WAN
    • Network Access Control for VPN client-to-site connections
    • Advanced Remote Access Optional
    • Advanced Threat Protection Optional
    • Premium Support Optional

    PAYG

    • Capacity
    • n/a Virtual Cores
    • n/a Max Number of Interfaces
    • unlimited Number of protected IP addresses
    • PAYG (time-based) Consumption model

    + Show more - Show less

    • Features

    • Firewall incl.IPS
    • Application Control
    • IPS
    • VPN (Site-to-Site and Client-to-Site)
    • SSL Interception
    • SD-WAN
    • Network Access Control for VPN client-to-site connections
    • Advanced Remote Access Optional
    • Advanced Threat Protection Optional
    • Premium Support Optional

    Security Options

    • Advanced Threat Protection prevents from network breaches, identifies zero-day malware exploits, targeted attacks, advanced persistent threats and other advanced malware.
    • Malware Protection provides gateway-based protection against malware, viruses, spyware, and other unwanted programs inside SMTP/S, HTTP/S, and FTP traffic.
    • Advanced Remote Access provides a customizable and easy-to-use portal-based SSL VPN as well as sophisticated Network Access Control (NAC) functionality and CudaLaunch support.