Barracuda NextGen Firewall X

Cloud-Connected, Easy-to-Use Next-Generation Firewall

Download PDF

Overview

Next-generation visibility and control for today’s modern networks— the Barracuda NextGen Firewall X-Series provide full application control, user awareness, and content security that’s so easy to use, it’s even manageable from the cloud.

The Barracuda Advantage

  • Easy-to-use, web-based administration
  • Affordable, all-inclusive pricing
  • Unlimited users and protected IPs per firewall
  • Unlimited remote connectivity VPN clients included
  • Cloud-based centralized management
  • Flexible web filtering options (on-box, cloud, Barracuda Web Filter integration)

Product Spotlight

  • Granular control over thousands of applications
  • Full user-awareness
  • Stateful firewall and IPS network perimeter protection
  • Advanced Threat Protection (incl. sandboxing)
  • Optimized Internet connectivity via multiple providers
  • True application-based provider selection
  • Application control and content security inspection on encrypted web traffic

Full Next-Generation Security

The Barracuda NextGen Firewall X-Series uses application visibility and user-identity awareness to enable enforcement of granular access policies. Define policies based on any combination of application, user or group ID, time, and other criteria. Policies can even respond to specific application behaviors or features - for example, allowing all employees to use Skype voice, but allowing only executives to use Skype video, except after business hours.

Content Security

With the Barracuda NextGen Firewall X-Series, the content security functionality is not simply bolted on top of the network stack, it’s deeply integrated into the firewall engine. As an option, antivirus and web filtering may even be offloaded to the Barracuda Web Security Service cloud, freeing further CPU cycles for network scalability. With the optionally available Advanced Threat Protection the X-Series also offers protection against advanced malware and zero day exploits that routinely bypass traditional signature-based IPS and antivirus engines.

Affordable and Easy to Use

The Barracuda NextGen Firewall X-Series is the first next-generation firewall to combine application control, user awareness, network firewall, and content security with the elasticity of the cloud. Unmatched ease of use means there’s no need for additional IT staff or special training, and with the Barracuda NextGen Firewall X affordable, all-inclusive pricing, you can rest assured that there won’t be any surprise costs down the road.

"Typically, performance decreases as features are enabled. But the Barracuda NextGen Firewall X-Series has provided me with all of the features I need, while improving overall network performance."

- Chris Wade, Network Administrator, Township of West Windsor

Technical Specs

Technical Specs

Firewall

  • Stateful packet forwarding
  • Full user-identity awareness
  • Intrusion Prevention (IPS)
  • Application Control and enforcement (incl. subtypes)
  • SafeSearch Enforcement
  • Google Accounts Enforcement
  • DoS/DDoS denial of service protection
  • Transparent DNAT forward
  • NAT, PAT
  • Object-oriented rulesets
  • Dynamic rules/timer triggers
  • User/group-based firewall rules
  • High Availability
  • ARP security
  • Bridging
  • Jumbo frame support

User Identity Awareness

  • Terminal Server Agent
  • Domain Controller Agent
  • Full user and group membership awareness
  • Authentication via captive portal
  • Authentication – supports NTLM, RADIUS, LDAP/LDAPS, Active Directory, local authentication
  • Authentication browser for AD and LDAP servers

Infrastructure Services

  • DHCP server
  • HTTP proxy
  • SIP proxy
  • DNS cache
  • Authoritative DNS
  • SNMP support

Traffic Optimization

  • Uplink monitoring and aggregation
  • Policy routing
  • Application-based provider selection
  • Traffic shaping and Quality of Service
  • 7 predefined shaping bands
  • Health checks for static links / routes via ICMP

VPN

  • Unlimited Site-to-Site VPN licensing
  • Unlimited Client-to-Site VPN licensing
  • Unlimited SSL VPN
  • VPNC certified (basic interoperability)
  • Supports IPsec, PPTP
  • Supports AES-128/256, 3DES, DES, null ciphers
  • VPN clients available for Windows, Mac, Linux
  • iOS and Android mobile device VPN support

Wi-Fi (on selected models)

  • Wi-Fi (802.11n) access point
  • Up to three independent wireless networks
  • Click-through Wi-Fi portal web page for guest access

Advanced Threat Protection

  • Dynamic, on-demand analysis of malware programs (sandboxing)
  • Dynamic analysis of documents with embedded exploits (PDF, Office, etc.)
  • Detailed forensics for both, malware binaries and web threats (exploits)
  • Support for multiple operating systems (Windows, Android, etc.)
  • Flexible malware analysis in the cloud

Models & Options

Models

X50

  • 800 Mbps Firewall Throughput 1
  • 50 Mbps VPN Throughput 2
  • 100 Mbps IPS Throughput 3
  • 8,000 Concurrent Sessions
  • 2,000 New Sessions per Second
  • 50 AppDetect Users
  • 25 AppDetect and IPS Users
  • 15 AppDetect, IPS and Web Security Users

+ Show more - Show less

  • Hardware

  • Form Factor Desktop, Fanless
  • Copper Ethernet NICs 4 x 1 GbE Copper
  • Dimensions (WxDxH; in) 10.8 x 6.4 x 1.8
  • Weight (lbs) 2.9
  • Power Supply Single, External
  • Integrated Wi-Fi Access Point X51
  • 3G USB Modem Optional
  • Features

  • Firewall incl.IPS
  • Application Control
  • Intrusion Protection
  • IPsec VPN (Client-to-Site)
  • IPsec VPN (Site-to-Site)
  • DHCP Server
  • DHCP Cache
  • SIP Proxy
  • Automatic Uplink Failover
  • Uplink Balancing
  • Traffic Shaping
  • Centrally Manageable via Barracuda Cloud Control
  • High Availability
  • SSL Inspection
  • SSL VPN - CudaLaunch Optional
  • Web Security (URL; AV) Optional
  • Advanced Threat Protection Optional

X51

  • 800 Mbps Firewall Throughput 1
  • 50 Mbps VPN Throughput 2
  • 100 Mbps IPS Throughput 3
  • 8,000 Concurrent Sessions
  • 2,000 New Sessions per Second
  • 100 AppDetect Users
  • 25 AppDetect and IPS Users
  • 15 AppDetect, IPS and Web Security Users

+ Show more - Show less

  • Hardware

  • Form Factor Desktop, Fanless
  • Copper Ethernet NICs 4 x 1 Gbe Copper
  • Dimensions (WxDxH; in) 10.8 x 6.4 x 1.7
  • Weight (lbs) 2.9
  • Power Supply Single, External
  • Integrated Wi-Fi Access Point
  • 3G USB Modem Optional
  • Features

  • Firewall incl.IPS
  • Application Control
  • Intrusion Protection
  • IPsec VPN (Client-to-Site)
  • IPsec VPN (Site-to-Site)
  • DHCP Server
  • DHCP Cache
  • SIP Proxy
  • Automatic Uplink Failover
  • Uplink Balancing
  • Traffic Shaping
  • Centrally Manageable via Barracuda Cloud Control
  • High Availability
  • SSL Inspection
  • SSL VPN - CudaLaunch Optional
  • Web Security (URL; AV) Optional
  • Advanced Threat Protection Optional

X100

  • 1,000 Mbps Firewall Throughput 1
  • 100 Mbps VPN Throughput 2
  • 300 Mbps IPS Throughput 3
  • 8,000 Concurrent Sessions
  • 2,000 New Sessions per Second
  • 100 AppDetect Users
  • 50 AppDetect and IPS Users
  • 25 AppDetect, IPS and Web Security Users

+ Show more - Show less

  • Hardware

  • Form Factor Compact
  • Copper Ethernet NICs 4 x 1 Gbe Copper
  • Dimensions (WxDxH; in) 10.8 x 6.4 x 1.7
  • Weight (lbs) 3.1
  • Power Supply Single, External
  • Integrated Wi-Fi Access Point X101
  • 3G USB Modem Optional
  • Features

  • Firewall incl.IPS
  • Application Control
  • Intrusion Protection
  • IPsec VPN (Client-to-Site)
  • IPsec VPN (Site-to-Site)
  • DHCP Server
  • DHCP Cache
  • SIP Proxy
  • Automatic Uplink Failover
  • Uplink Balancing
  • Traffic Shaping
  • Centrally Manageable via Barracuda Cloud Control
  • High Availability
  • SSL Inspection
  • SSL VPN - CudaLaunch Optional
  • Web Security (URL; AV) Optional
  • Advanced Threat Protection Optional

X101

  • 1000 Mbps Firewall Throughput 1
  • 100 Mbps VPN Throughput 2
  • 300 Mbps IPS Throughput 3
  • 8,000 Concurrent Sessions
  • 2,000 New Sessions per Second
  • 100 AppDetect Users
  • 25 AppDetect and IPS Users
  • 15 AppDetect, IPS and Web Security Users

+ Show more - Show less

  • Hardware

  • Form Factor Compact
  • Copper Ethernet NICs 4 x 1 Gbe Copper
  • Dimensions (WxDxH; in) 10.8 x 6.4 x 1.7
  • Weight (lbs) 3.1
  • Power Supply Single, External
  • Integrated Wi-Fi Access Point
  • 3G USB Modem Optional
  • Features

  • Firewall incl.IPS
  • Application Control
  • Intrusion Protection
  • IPsec VPN (Client-to-Site)
  • IPsec VPN (Site-to-Site)
  • DHCP Server
  • DHCP Cache
  • SIP Proxy
  • Automatic Uplink Failover
  • Uplink Balancing
  • Traffic Shaping
  • Centrally Manageable via Barracuda Cloud Control
  • High Availability
  • SSL Inspection
  • SSL VPN - CudaLaunch Optional
  • Web Security (URL; AV) Optional
  • Advanced Threat Protection Optional

X200

  • 1,900 Mbps Firewall Throughput 1
  • 200 Mbps VPN Throughput 2
  • 400 Mbps IPS Throughput 3
  • 60,000 Concurrent Sessions
  • 8,000 New Sessions per Second
  • 200 AppDetect Users
  • 100 AppDetect and IPS Users
  • 50 AppDetect, IPS and Web Security Users

+ Show more - Show less

  • Hardware

  • Form Factor Compact
  • Copper Ethernet NICs 4 x 1 Gbe Copper
  • Dimensions (WxDxH; in) 10.8 x 6.4 x 1.7
  • Weight (lbs) 3.1
  • Power Supply Single, External
  • Integrated Wi-Fi Access Point X201
  • 3G USB Modem Optional
  • Features

  • Firewall incl.IPS
  • Application Control
  • Intrusion Protection
  • IPsec VPN (Client-to-Site)
  • IPsec VPN (Site-to-Site)
  • DHCP Server
  • DHCP Cache
  • SIP Proxy
  • Automatic Uplink Failover
  • Uplink Balancing
  • Traffic Shaping
  • Centrally Manageable via Barracuda Cloud Control
  • High Availability
  • SSL Inspection
  • SSL VPN - CudaLaunch Optional
  • Web Security (URL; AV) Optional
  • Advanced Threat Protection Optional

X300

  • 2,100 Mbps Firewall Throughput 1
  • 300 Mbps VPN Throughput 2
  • 650 Mbps IPS Throughput 3
  • 120,000 Concurrent Sessions
  • 12,000 New Sessions per Second
  • 300 AppDetect Users
  • 150 AppDetect and IPS Users
  • 100 AppDetect, IPS and Web Security Users

+ Show more - Show less

  • Hardware

  • Form Factor Compact
  • Copper Ethernet NICs 6 x 1 Gbe Copper
  • Dimensions (WxDxH; in) 14.9 x 6.4 x 1.7
  • Weight (lbs) 4.9
  • Power Supply Single, External
  • Integrated Wi-Fi Access Point
  • 3G USB Modem Optional
  • Features

  • Firewall incl.IPS
  • Application Control
  • Intrusion Protection
  • IPsec VPN (Client-to-Site)
  • IPsec VPN (Site-to-Site)
  • DHCP Server
  • DHCP Cache
  • SIP Proxy
  • Automatic Uplink Failover
  • Uplink Balancing
  • Traffic Shaping
  • Centrally Manageable via Barracuda Cloud Control
  • High Availability
  • SSL Inspection
  • SSL VPN - CudaLaunch Optional
  • Web Security (URL; AV) Optional
  • Advanced Threat Protection Optional

X400

  • 4,000 Mbps Firewall Throughput 1
  • 600 Mbps VPN Throughput 2
  • 1,100 Mbps IPS Throughput 3
  • 300,000 Concurrent Sessions
  • 15,000 New Sessions per Second
  • 500 AppDetect Users
  • 250 AppDetect and IPS Users
  • 200 AppDetect, IPS and Web Security Users

+ Show more - Show less

  • Hardware

  • Form Factor 1U Rack Mount
  • Copper Ethernet NICs 8 x Gbe Copper
  • Dimensions (WxDxH; in) 16.8 x 15.9 x 1.7
  • Weight (lbs) 11.3
  • Power Supply Single, Internal
  • Integrated Wi-Fi Access Point
  • 3G USB Modem Optional
  • Features

  • Firewall incl.IPS
  • Application Control
  • Intrusion Protection
  • IPsec VPN (Client-to-Site)
  • IPsec VPN (Site-to-Site)
  • DHCP Server
  • DHCP Cache
  • SIP Proxy
  • Automatic Uplink Failover
  • Uplink Balancing
  • Traffic Shaping
  • Centrally Manageable via Barracuda Cloud Control
  • High Availability
  • SSL Inspection
  • SSL VPN - CudaLaunch Optional
  • Web Security (URL; AV) Optional
  • Advanced Threat Protection Optional

X600

  • 6,000 Mbps Firewall Throughput 1
  • 800 Mbps VPN Throughput 2
  • 2,500 Mbps IPS Throughput 3
  • 500,000 Concurrent Sessions
  • 20,000 New Sessions per Second
  • 1,000 AppDetect Users
  • 500 AppDetect and IPS Users
  • 400 AppDetect, IPS and Web Security Users

+ Show more - Show less

  • Hardware

  • Form Factor 1U Rack Mount
  • Copper Ethernet NICs 8 x Gbe Copper
  • Dimensions (WxDxH; in) 16.8 x 15.9 x 1.7
  • Weight (lbs) 11.3
  • Power Supply Single, Internal
  • Integrated Wi-Fi Access Point
  • 3G USB Modem Optional
  • Features

  • Firewall incl.IPS
  • Application Control
  • Intrusion Protection
  • IPsec VPN (Client-to-Site)
  • IPsec VPN (Site-to-Site)
  • DHCP Server
  • DHCP Cache
  • SIP Proxy
  • Automatic Uplink Failover
  • Uplink Balancing
  • Traffic Shaping
  • Centrally Manageable via Barracuda Cloud Control
  • High Availability
  • SSL Inspection
  • SSL VPN - CudaLaunch Optional
  • Web Security (URL; AV) Optional
  • Advanced Threat Protection Optional
1. Measured with UDP; large packets
2. Measured with AES; MD5
3. SSL Interception including IPS requires an active Barracuda Energize Updates subscription
4. SSL Interception including virus protection requires an active Web Security subscription
Specifications subject to change without notice.

Support Options

Barracuda Energize Updates

  • Firmware updates
  • IPS signature updates
  • Application control updates
  • Standard technical support

Instant Replacement Service

  • Replacement unit shipped next business day
  • 24/7 technical support
  • Hardware refresh every four years

Security Options

  • “Web Security” provides categorybased web filtering (both online or on-box) and virus protection (online or on-box)
  • “Advanced Threat Protection” provides file-type-based protection against advanced malware and cloud-based sandboxing
  • “Advanced Remote Access” provides unlimited remote access via the CudaLaunch app available for Windows, macOS, iOS, and Android devices