Barracuda NextGen Firewall F

Protecting your Digital Assets in Microsoft Azure

Download PDF

Overview

Growth in cloud computing capabilities and services has driven more data into places where traditional IT security measures cannot reach; specifically, data centers not owned by your corporate IT group. The Barracuda NextGen Firewall F-Series provides centralized management and highly secure, encrypted traffic to, from, and within Microsoft Azure deployments.

The Barracuda Advantage

  • A true Cloud Generation Firewall: deployed how you need it, leverages all built-in Azure features, and license models ensure frictionless commerce
  • Simplicity of operation, bridging on-premises and cloud security in a single interface
  • Secure and reliable connectivity between on-premises and Azure deployments as well as between Azure deployments
  • Central management of all functionality for both, on-premises and Azure deployments
  • Unrivaled Quality of Service capabilities

Product Spotlight

  • Full user/group awareness
  • Full application visibility and granular access control
  • Advanced Threat Protection (incl. sandboxing)
  • Built-in web security and IDS/IPS
  • Full SD-WAN capabilities included
  • Application-based provider selection
  • Full support for Azure ExpressRoute
  • True license flexibility with Bring-Your-Own-License or Pay-as-You-Go (hourly- or volume-based)

Secure Connectivity

For an optimum Azure deployment, it is crucial to initiate the deployment in a highly secure and reliable way. Deploying a Barracuda NextGen Firewall F-Series in Microsoft Azure provides comprehensive, secure connectivity capabilities, starting with high-performance TINA VPN tunnels for site-to-site and client-to-site connections. Deployment includes robust WAN optimization features to maintain the highest quality of service possible.

Central Management

The Barracuda NextGen Firewall F-Series benefits from the same industry-leading central management as onpremises deployments. Easily manage the secure VPN connections to, from, and within Microsoft Azure and the Barracuda NextGen Firewall F deployment itself.

Integrated Next-Generation Security

The Barracuda NextGen Firewall F-Series is designed and built from the ground up to provide comprehensive, next-generation firewall capabilities. Based on application visibility, user-identity awareness, intrusion prevention, and centralized management, the F-Series is the ideal solution for today’s dynamic enterprises that are adding Microsoft Azure into their company network.

The Barracuda NextGen Firewall F-Series' dashboard provides real-time information and summaries of what is going on in an organization's network
"Barracuda provided the solution that enabled us to react to our fast-changing business and IT environments – the speed and flexibility of reaction, the simplicity of implementation, meant we could maintain and enhance this solution going forward very easily."

- Pascal Wenders, ICT Team Leader, Aevitae

Technical Specs

Technical Specs

Firewall

  • Stateful packet inspection and forwarding
  • Full user-identity awareness
  • IDS/IPS
  • Application control and granular application enforcement
  • Interception and decryption of SSL/TLS encrypted applications
  • Antivirus and web filtering in single pass mode
  • Email security
  • SafeSearch enforcement
  • Google Accounts Enforcement
  • Denial of Service protection (DoS/DDoS)
  • Spoofing and flooding protection
  • ARP spoofing and trashing protection
  • DNS reputation filtering
  • NAT (SNAT, DNAT), PAT
  • Dynamic rules / timer triggers
  • Single object-oriented rule set for routing, bridging, and routed bridging
  • Virtual rule test environment

Protocol Support

  • IPv4, IPv6
  • BGP/OSPF/RIP
  • VoIP (H.323, SIP, SCCP [skinny])
  • RPC protocols (ONC-RPC, DCE-RPC)
  • 802.1q VLAN

Intrusion Detection and Prevention

  • Protection against exploits, threats and vulnerabilities
  • Packet anomaly and fragmentation protection
  • Advanced anti-evasion and obfuscation techniques
  • Automatic signature updates

Advanced Threat Protection

  • Dynamic, on-demand analysis of malware programs (sandboxing)
  • Dynamic analysis of documents with embedded exploits (PDF, Office, etc.)
  • Detailed forensic analysis
  • Botnet and spyware protection
  • TypoSquatting and link protection for email

Central Management Options via Barracuda NextGen Control Center

  • Unlimited firewalls
  • Support for multi-tenancy
  • Multi-administrator support & RCS
  • Pool license management
  • Template & repository-based management
  • REST API

Traffic Intelligence & SD-WAN

  • Simultaneous use of multiple uplinks (transports) per VPN tunnel
  • FIPS 140-2 certified cryptography
  • Auto-VPN tunnel creation between remote spoke locations based on application type
  • Dynamic bandwidth detection
  • Performance-based transport selection
  • Application-aware traffic routing
  • Adaptive session balancing across multiple uplinks
  • Traffic Replication (forward error correction)
  • Application-based provider selection
  • Application-aware traffic routing (VPN, Azure ExpressRoute)
  • Traffic shaping and QoS
  • Built-in data deduplication

VPN

  • Drag & drop VPN tunnel configuration
  • VPNC certified (basic interoperability)
  • Network Access Contro
  • iOS and Android mobile device VPN support
  • Multi-factor authentication for SSL VPN and CudaLaunch

Infrastructure Services

  • DHCP server, relay
  • SIP, HTTP, SSH, FTP proxies
  • SNMP and IPFIX support
  • DNS Cache

Barracuda Energize Updates

  • Standard technical support
  • Firmware updates
  • IPS signature updates
  • Application control definition updates
  • Web filter updates

Models & Options

Models

Level 2

  • Capacity
  • Small Container Size
  • 1 Virtual Cores
  • BYOL, PAYG License Type

+ Show more - Show less

  • Features

  • Firewall incl.IPS
  • Application Control
  • IPS
  • VPN (Site-to-Site and Client-to-Site)
  • SSL Interception
  • SD-WAN
  • Advanced Threat Protection Optional
  • Premium Support Optional
  • Advanced Remote Access Optional

Level 4

  • Capacity
  • Medium Container Size
  • 2 Virtual Cores
  • BYOL, PAYG License Type

+ Show more - Show less

  • Features

  • Firewall incl.IPS
  • Application Control
  • IPS
  • VPN (Site-to-Site and Client-to-Site)
  • SSL Interception
  • SD-WAN
  • Advanced Threat Protection Optional
  • Premium Support Optional
  • Advanced Remote Access Optional

Level 6

  • Capacity
  • Large Container Size
  • 4 Virtual Cores
  • BYOL, PAYG License Type

+ Show more - Show less

  • Features

  • Firewall incl.IPS
  • Application Control
  • IPS
  • VPN (Site-to-Site and Client-to-Site)
  • SSL Interception
  • SD-WAN
  • Advanced Threat Protection Optional
  • Premium Support Optional
  • Advanced Remote Access Optional

Level 8

  • Capacity
  • Extra Large Container Size
  • 8 Virtual Cores
  • BYOL, PAYG License Type

+ Show more - Show less

  • Features

  • Firewall incl.IPS
  • Application Control
  • IPS
  • VPN (Site-to-Site and Client-to-Site)
  • SSL Interception
  • SD-WAN
  • Advanced Threat Protection Optional
  • Premium Support Optional
  • Advanced Remote Access Optional

Security Options

  • Advanced Threat Protection prevents from network breaches, identi es zero-day malware exploits, targeted attacks, advanced persistent threats and other advanced malware.
  • Malware Protection provides gateway- based protection against malware, viruses, spyware, and other unwanted programs inside SMTP/S, HTTP/S, and FTP traffic.
  • Advanced Remote Access subscription provides remote access via the CudaLaunch app for Windows, macOS, iOS, and Android devices