Barracuda Web Application Firewall Reviews

We used Barracuda Web Application Firewall to protect the banking system. There were cyber drills where we had to find some logs, share those logs, and identify the attacks.

What I like most about Barracuda Web Application Firewall is its availability. I also like that it's an easy-to-use solution.

An area for improvement in Barracuda Web Application Firewall is attack identification. Other banks identified attacks and tracked logs that the solution wasn't able to identify because of its ready-made rules pre-deployed by the vendor. My organization raised this issue with the technical support team.

Another area to improve in Barracuda Web Application Firewall is its service desk. The team resorted to stonewalling because they couldn't accept that a feature was missing in the solution, and it was only after a lot of drilling down that the service desk team accepted that, and would be adding that feature in the future.

My organization had to submit a report to the Reserve Bank of India with information on the logs identified and the attacks that happened, and that there was a failure on the part of the Barracuda Web Application Firewall. The Reserve Bank of India conducts a tri-monthly cyber risk audit in all Indian banks. Even smaller banks identified and caught attacks that my organization wasn't able to do, so I was looking into other solutions that competitor banks could be using because Barracuda Web Application Firewall failed to identify some of the attacks.

I've used Barracuda Web Application Firewall for six months in the past year.

Barracuda Web Application Firewall is a stable product.

Barracuda Web Application Firewall is a scalable product. Scaling it up isn't an issue.

I wasn't happy with the technical support for Barracuda Web Application Firewall, particularly because of the intentional stonewalling by the team. The support team should accept if a threat wasn't caught by the solution. Support should accept that there's a problem in Barracuda Web Application Firewall and improve or fix that problem. My organization had to do a lot of drilling down before the technical support team accepted that the solution was lacking, and that was frustrating.

My rating for the Barracuda Web Application Firewall technical support team is a two out of five.

Barracuda Web Application Firewall was easy to set up. It's a physical appliance, and I only needed one engineer to do the setup. My support engineer set the product up remotely, and it wasn't difficult.

I don't remember how long the deployment took for Barracuda Web Application Firewall because it was done by one of my engineers, but the solution was easy to deploy.

Barracuda Web Application Firewall was implemented by a support engineer from my organization.

I don't remember which version of Barracuda Web Application Firewall I used, but it was the latest at the time.

My organization has a few people using Barracuda Web Application Firewall. Only four or five people use the product.

What I would tell people to do before using Barracuda Web Application Firewall is to first have a POC with different vendors and solutions and even use one or more open source firewalls and WAFs before making a decision. You have to first do a lot of research before installing Barracuda Web Application Firewall because even some open source WAFs can identify some attacks that Barracuda isn't able to identify.

My rating for Barracuda Web Application Firewall is six out of ten.

I'm a product user and not a reseller or partner of Barracuda Web Application Firewall.

This solution is being used as a requirement for architect reference.

The Barracuda Web Application Firewall is more than perfect. It's a near-optimal solution. It has good performance.

The graphical user interface (GUI) of this solution needs improvement. Sometimes it hangs, so you'll need to restart it.

We have a problem with the license because we are unable to migrate the license from a permanent license to a one-year license, or from a temporary license to a permanent license. This is a critical point because we need support from the Barracuda team for this, all the time. They can't change it successfully from their side.

When you start on the licensing, usually during the deployment, we give the customer a temporary license. You can create this token from the website, then when the customer buys the license, you need to upgrade the current license from a one month license to a permanent license for one year, two years, or three years, depending on the license. 

Sometimes, when we are uploading from the old verification, e.g. from the old token to the new token, the VM hangs, and we'll need support from Barracuda's side: from the backend. Their  support team does it like this, and helps us from their side.

The firewall is a little bit complicated.

We've used this solution since last year.

The Barracuda Web Application Firewall is stable.

I find this solution scalable.

Technical support for this solution is acceptable. Sometimes the technical support takes longer because they could have a heavy load, or don't have much time to respond to all of the tickets at once, but that's normal.

The basic setup of this solution is straightforward, and it was nice for us.

We're still using the Barracuda Web Application Firewall, but not as much as we used to. We were using it more last year. Usage of it has been reduced, and I don't know why. It's up to the customer, and not up to me. I cannot select for the customer. I cannot change what the customer desires.

I'm still working with this solution, but not as frequently as I did last year. We had a lot of projects dedicated to the Barracuda Web Application Firewall last year. Now, not all of our customers prefer this product, and I don't know why.

The Barracuda Web Application Firewall works on the VM (virtual machine) on Azure cloud. Usually, when you install this solution, the template will provide you the latest version of the Barracuda Plus. On the Azure cloud, we use the JSON template from GitHub.

I can't explain the use case in detail because I'm working with government entity, so it's classified information.

The Barracuda Firewall is a little bit different, when compared to other firewall related products. These products don't have the same interface, sequence, or process, but the Barracuda Firewall has its own character. I noticed this on the firewall, not the WAF.

The deployment and maintenance of this solution requires more than 10 people.

I'll tell people looking into implementing the Barracuda Web Application Firewall that it's one of the best products in the market, and I totally recommended it. Even their support is able to respond fast to our licensing issues.

I'm rating the Barracuda Web Application Firewall a nine out of ten. No solution can get a ten. This solution deserves between an eight and nine rating. I'm putting it as a nine.

Our primary use case of this solution is protection of applications. If you have applications, for instance, in Azure, and you want to protect them, you can use Barracuda Web Application Firewall, and you have any input data available. This is one of the best use cases. 

For this solution, we have both cloud-based and VM for Azure. 

Some of the most valuable features are the ease of deployment, the Barracuda support, the easy-to-use console, and the granularity of the reports. 

Barracuda Web Application Firewall's load balancing feature could be improved.

I have been using Barracuda Web Application Firewall for four years. 

In our organization, there are around 1,200 to 1,800 users of this solution. 

I would rate Barracuda's technical support a nine and a half out of ten. The technical support is very good. 

The installation is straightforward. There are no hidden challenges or anything. Anybody can do it with the installation guide. 

One engineer is more than enough to handle maintenance. 

We implemented this solution through an in-house team. 

They only offer a yearly licensing plan. 

There are dedicated web application firewalls like Imperva that allow for enterprise level firewall web apps. The main competitors are FortiWeb and Cloudflare. 

I rate Barracuda Web Application Firewall an eight out of ten. Everything—support, efficiency, the tax rate—comes into the picture. I would recommend this solution to others who want to start using it. 

Typically these web application firewalls act as an additional layer primarily for traffic. The web application firewalls are more of a safeguard if a company still has legacy technologies, for which they don't have the patches. It's basically used for the protection and security of web applications.

The solution has been quite stable. It's reliable.

The initial setup is mostly straightforward.

I wouldn't say that the solution is flexible. The technology is moving towards having the firewall, which is distributed to each workload, rather than having a static firewall pertaining to a particular application or a cohort of applications. There are other solutions that are much more flexible in this regard. VMware, for example, gives good flexibility in this regard.

The solution needs to leverage some additional features to a broader scale of software-defined networks.

Given the distributed computing and decentralized architecture with people working in hybrid modules, there'll be lesser and lesser control. People would like to have, for example,  edge computing, et cetera, which is going to be the future for computing. Hence every organization would like to scale the design to the extent where they would like to have their defenses also go along with their workloads. 

If, for an SDN, I need to go to VMware, and, for WAF, I need to go to Barracuda, or different other firewalls, the company is losing market share. They need to increase flexibility, agility, scaling, et cetera, as that is going to be the new normal, maybe in the next two to five years. 

We've been using the solution for close to two years at this point.

The solution is quite stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable.

I'm not sure about the scalability. I would need to explore it more. The most scalable products are likely VMware's NSX, as it is a company that's bit on cloud migration cloud transformation strategies. They'd like to ensure their workloads are safe and secure. I don't see this in traditional RAFs or even firewalls. 

It's difficult to found how many users are on the solution at this time as we use multiple web application firewalls on different applications. It is not every application however, there would be certain applications that would have a WAF. Likely, it's around 10,000 users across applications.

We do plan to continue to use the solution into the future.

We haven't really had to engage with technical support. I can't speak to how helpful or responsive they are in general.

We did use a different solution before switching to Barracuda. Typically, we run a POC first before moving onto anything new, which is what happened in this case.

The initial setup is pretty straightforward. However, it does help to have some depth of knowledge with the solution. 

I cannot recall the exact amount of time the deployment took.

While I don't have dedicated staff on the solution to handle maintenance, I have about six people on my team that can cover whatever needs to be done when something arises.

Licensing is something the procurement team takes care of. I don't have any insights in terms of the licensing agreement or costs that may be involved.

We are customers and end-users.

Typically, we keep updating our infrastructure, and therefore, we are likely using the latest version of the solution, however, I do not have the version number on-hand.

I would recommend the solution to other organizations.

Overall, we've been quite satisfied with the capabilities of this product. I would rate it at an eight out of ten.

One of the best aspects of the solution is the support provided. Their backend support is fantastic. I've found it's superior to other products, including Cisco. The way the support team treats its customers is great. They really walk you through everything and show you how easy it is to mend issues.

I find the solution to be easy to deploy. You don't need too much technical skill, so you don't need an expert level of understanding.

The reporting aspect of the solution needs improvement. I don't find that it's very good. They could do some work on it to make it much better. It's not that the reporting isn't secure. It's just that I would prefer to store my reports for an extended period of time. Right now, that's not possible and I'd prefer it if that could change. I also would say that the reports themselves are expensive.

I've been using the solution since 2009. It's been just over ten years now.

The stability of the solution is good. I don't think we've experienced bugs, crashes, or glitches.

Scalability with the solution is good. It just requires more licenses, like every other product. If you only apply for the environment, it's scalable with the licenses you have. If you're on the physical appliance, you just have to scale it up by pressing the appliance. It probably won't be just deployed on Azure, because we would need to add more licenses.

We've been adding to our system for a while ago, and we haven't run into any issues with continuing to scale.

The technical support offered by Barracuda is excellent. It's one of the greatest selling points of the solution, They are very supportive and help answer any questions we have.

I have previous experience using Cisco.

The solution doesn't require a user to be too technical. I would say the initial setup is very straightforward. The deployment is easy. It's not what I would call complex in any way.

Overall, I would say that I'm satisfied with the pricing. It's got a good range of pricing, and the cost matches the quality level you get out of the solution.

I used to be a customer before, however, now I am partners with Barracuda.

We use both on-premises and public cloud deployment models.

Overall, I'd give the solution a nine out of ten. I'd give it full marks, but it does have issues on the reporting side. The reports are a lot more expensive, even more so than the work itself. That's why I did not give it a 10.

That said, I would recommend Barracuda Firewalls to anybody, any day of the week. They're fantastic.

They could improve their performance, support, and their upgrades. Their updates used to be good. Their improvements were right on the money but nowadays, the updates are minor. 

I don't really like the product. They restricted the number of servers we can protect. They restrict how many servers you can protect based on appliance.

They also don't support additional ATP. Customers also want ATP. They want something extra apart from the basic security package. 

Their appliances are very cheap. The quality is not that good. Their appliances should be more robust. 

I have been using this solution for a year. 

The backend server capability is low. It's risky to put extra servers behind it because it may or may not protect it. The workload is not that high. 

It has worked fine until now. We have some projects that are overloaded. In the next phase, I will remove some servers and add one or two servers from our project team. 

I have not tested out the scalability. 

The software is running 24/7.

I am not satisfied with the support. It used to be better. 

You don't need help from Barracuda to help with the deployment. The deployment is easy. We deployed them all by ourselves. It took some research through the manuals and documentation to find the best way to deploy for your infrastructure. The research took two to three days and then it took another two to three days to install it. By 7-8 days we were ready to do a soft launch. We did the rest within a month. 

We only needed one team member to deploy it. I worked alongside him so that I could also understand it. 

There are costs in addition to the standard licensing. 

I would rate it a five out of ten. 

My advice would be to explore the market. There are many good players. If a solution is on the higher side, it could be a better investment. 

Our primary use case for this platform is to protect our web applications.

The product's advanced bot and threat protection capabilities are valuable.

There's potential for improvement in the platform's CMS integration.

I've been using Barracuda Web Application Firewall for five years now.

The platform has been quite stable, with minimal disruptions in our operations.

I would rate this solution a ten for scalability.

The customer service and support have been responsive and helpful whenever we've needed assistance.

The initial setup was straightforward.

We implemented the product with the help of a vendor.

The product pricing was competitive for the value it offers regarding security features. 

We evaluated other solutions like FortiWeb but chose this platform due to its comprehensive feature set and scalability options that suited our needs better.

The platform has been a reliable choice for securing our web applications. I recommend exploring their support and training offerings to maximize their effectiveness.

I rate it a seven out of ten. 

The product has valuable technical features.

Barracuda Web Application Firewall’s scalability needs improvement.

We have been using Barracuda Web Application Firewall for two years now. At present, we use the latest version.

I rate the product's stability a ten out of ten.

The product has low scalability, and it is three out of ten. It could be improved.

The initial setup is easy. I rate the process a ten out of ten. It takes a month to complete.

We implement the product with the help of a reseller.

The product is inexpensive. I rate its pricing a two out of ten. We purchase its monthly license.

We have medium businesses as our customers for Barracuda Web Application Firewall. I recommend it to others and rate it a ten out of ten.