Barracuda Web Application Firewall Reviews

Our company uses the solution to provide customers with a proxy service that secures transcriptions as part of a seven-layer process. We currently provide this service to twenty customers. 

The solution ensures layer seven is secure from attacks. 

The scripting is good. 

Layer four could be more secure like layer seven to prevent HTTP and HTTPS attacks. 

There are issues when upgrading firewalls and we experience different issues across customers. The communication metrics, ports, traffic, source, destination, and service must be enabled to upgrade firmware but there is no documentation or article for opening the communication matrix to upgrade smoothly. 

STM crashes are a repeat issue and they wipe out appliances. Each time, we have to open a ticket with support and get Apache to fix the issue. It is unclear why appliances have issues or fail and need to be recovered with Apache. 

Firmware upgrades cause automatic configuration changes without providing notifications. Configurations such as ports should not be changed automatically because they negatively affect customers. One customer's configuration issue was within the third layer and took seven days to solve. Support mitigation and work describes policies created automatically after upgrading firewalls but we already created and want to retain our own policies. 

I have been using the solution for two years. 

The solution is stable but ongoing issues with appliance failures, system crashes, and upgrading firmware affect its smooth operation. 

I opened a support ticket for resolving issues when upgrading firewalls. Support could not get to the issue and did not inform me to check traffic on the firewall. It is important to determine what is plugged in when a parameter is trying to communicate outside to download and upgrade firmware to the latest version. The issue was ongoing for three months until I accidently detected it myself. 

Tickets are not solved in one day and sometimes I have to close tickets without any solution from support. Only tickets at the second or third escalation level receive support. 

The setup is straightforward and installation can be finished in one day. 

We implement the solution for customers. 

The solution is based on a licensing model and might be $360 for the hybrid version. 

We have to migrate to another vendor because the solution no longer supports issues with the stack hub. 

We are a partner with Barracuda so recommend the application firewall to our customers but we now have thirteen customers who use Azure stack hub and cannot receive support. We communicated this issue with Barracuda's Middle East management and they suggested using a container as a service. We tried this in our lab but had issues with the installation which we finally resolved. We have some concerns about data being exposed because it is in the cloud. Our customers are administrators and will not accept their data being exposed. 

We would rather work with Barracuda because we have experience with their application firewalls and that makes it easier to support customers. We will have to go to another vendor and take classes to become experts. 

I rate the solution a seven out of ten. 

We used Barracuda Web Application Firewall to protect the banking system. There were cyber drills where we had to find some logs, share those logs, and identify the attacks.

What I like most about Barracuda Web Application Firewall is its availability. I also like that it's an easy-to-use solution.

An area for improvement in Barracuda Web Application Firewall is attack identification. Other banks identified attacks and tracked logs that the solution wasn't able to identify because of its ready-made rules pre-deployed by the vendor. My organization raised this issue with the technical support team.

Another area to improve in Barracuda Web Application Firewall is its service desk. The team resorted to stonewalling because they couldn't accept that a feature was missing in the solution, and it was only after a lot of drilling down that the service desk team accepted that, and would be adding that feature in the future.

My organization had to submit a report to the Reserve Bank of India with information on the logs identified and the attacks that happened, and that there was a failure on the part of the Barracuda Web Application Firewall. The Reserve Bank of India conducts a tri-monthly cyber risk audit in all Indian banks. Even smaller banks identified and caught attacks that my organization wasn't able to do, so I was looking into other solutions that competitor banks could be using because Barracuda Web Application Firewall failed to identify some of the attacks.

I've used Barracuda Web Application Firewall for six months in the past year.

Barracuda Web Application Firewall is a stable product.

Barracuda Web Application Firewall is a scalable product. Scaling it up isn't an issue.

I wasn't happy with the technical support for Barracuda Web Application Firewall, particularly because of the intentional stonewalling by the team. The support team should accept if a threat wasn't caught by the solution. Support should accept that there's a problem in Barracuda Web Application Firewall and improve or fix that problem. My organization had to do a lot of drilling down before the technical support team accepted that the solution was lacking, and that was frustrating.

My rating for the Barracuda Web Application Firewall technical support team is a two out of five.

Barracuda Web Application Firewall was easy to set up. It's a physical appliance, and I only needed one engineer to do the setup. My support engineer set the product up remotely, and it wasn't difficult.

I don't remember how long the deployment took for Barracuda Web Application Firewall because it was done by one of my engineers, but the solution was easy to deploy.

Barracuda Web Application Firewall was implemented by a support engineer from my organization.

I don't remember which version of Barracuda Web Application Firewall I used, but it was the latest at the time.

My organization has a few people using Barracuda Web Application Firewall. Only four or five people use the product.

What I would tell people to do before using Barracuda Web Application Firewall is to first have a POC with different vendors and solutions and even use one or more open source firewalls and WAFs before making a decision. You have to first do a lot of research before installing Barracuda Web Application Firewall because even some open source WAFs can identify some attacks that Barracuda isn't able to identify.

My rating for Barracuda Web Application Firewall is six out of ten.

I'm a product user and not a reseller or partner of Barracuda Web Application Firewall.

Typically these web application firewalls act as an additional layer primarily for traffic. The web application firewalls are more of a safeguard if a company still has legacy technologies, for which they don't have the patches. It's basically used for the protection and security of web applications.

The solution has been quite stable. It's reliable.

The initial setup is mostly straightforward.

I wouldn't say that the solution is flexible. The technology is moving towards having the firewall, which is distributed to each workload, rather than having a static firewall pertaining to a particular application or a cohort of applications. There are other solutions that are much more flexible in this regard. VMware, for example, gives good flexibility in this regard.

The solution needs to leverage some additional features to a broader scale of software-defined networks.

Given the distributed computing and decentralized architecture with people working in hybrid modules, there'll be lesser and lesser control. People would like to have, for example,  edge computing, et cetera, which is going to be the future for computing. Hence every organization would like to scale the design to the extent where they would like to have their defenses also go along with their workloads. 

If, for an SDN, I need to go to VMware, and, for WAF, I need to go to Barracuda, or different other firewalls, the company is losing market share. They need to increase flexibility, agility, scaling, et cetera, as that is going to be the new normal, maybe in the next two to five years. 

We've been using the solution for close to two years at this point.

The solution is quite stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable.

I'm not sure about the scalability. I would need to explore it more. The most scalable products are likely VMware's NSX, as it is a company that's bit on cloud migration cloud transformation strategies. They'd like to ensure their workloads are safe and secure. I don't see this in traditional RAFs or even firewalls. 

It's difficult to found how many users are on the solution at this time as we use multiple web application firewalls on different applications. It is not every application however, there would be certain applications that would have a WAF. Likely, it's around 10,000 users across applications.

We do plan to continue to use the solution into the future.

We haven't really had to engage with technical support. I can't speak to how helpful or responsive they are in general.

We did use a different solution before switching to Barracuda. Typically, we run a POC first before moving onto anything new, which is what happened in this case.

The initial setup is pretty straightforward. However, it does help to have some depth of knowledge with the solution. 

I cannot recall the exact amount of time the deployment took.

While I don't have dedicated staff on the solution to handle maintenance, I have about six people on my team that can cover whatever needs to be done when something arises.

Licensing is something the procurement team takes care of. I don't have any insights in terms of the licensing agreement or costs that may be involved.

We are customers and end-users.

Typically, we keep updating our infrastructure, and therefore, we are likely using the latest version of the solution, however, I do not have the version number on-hand.

I would recommend the solution to other organizations.

Overall, we've been quite satisfied with the capabilities of this product. I would rate it at an eight out of ten.

They could improve their performance, support, and their upgrades. Their updates used to be good. Their improvements were right on the money but nowadays, the updates are minor. 

I don't really like the product. They restricted the number of servers we can protect. They restrict how many servers you can protect based on appliance.

They also don't support additional ATP. Customers also want ATP. They want something extra apart from the basic security package. 

Their appliances are very cheap. The quality is not that good. Their appliances should be more robust. 

I have been using this solution for a year. 

The backend server capability is low. It's risky to put extra servers behind it because it may or may not protect it. The workload is not that high. 

It has worked fine until now. We have some projects that are overloaded. In the next phase, I will remove some servers and add one or two servers from our project team. 

I have not tested out the scalability. 

The software is running 24/7.

I am not satisfied with the support. It used to be better. 

You don't need help from Barracuda to help with the deployment. The deployment is easy. We deployed them all by ourselves. It took some research through the manuals and documentation to find the best way to deploy for your infrastructure. The research took two to three days and then it took another two to three days to install it. By 7-8 days we were ready to do a soft launch. We did the rest within a month. 

We only needed one team member to deploy it. I worked alongside him so that I could also understand it. 

There are costs in addition to the standard licensing. 

I would rate it a five out of ten. 

My advice would be to explore the market. There are many good players. If a solution is on the higher side, it could be a better investment. 

Our primary use case for this platform is to protect our web applications.

The product's advanced bot and threat protection capabilities are valuable.

There's potential for improvement in the platform's CMS integration.

I've been using Barracuda Web Application Firewall for five years now.

The platform has been quite stable, with minimal disruptions in our operations.

I would rate this solution a ten for scalability.

The customer service and support have been responsive and helpful whenever we've needed assistance.

The initial setup was straightforward.

We implemented the product with the help of a vendor.

The product pricing was competitive for the value it offers regarding security features. 

We evaluated other solutions like FortiWeb but chose this platform due to its comprehensive feature set and scalability options that suited our needs better.

The platform has been a reliable choice for securing our web applications. I recommend exploring their support and training offerings to maximize their effectiveness.

I rate it a seven out of ten. 

The product has valuable technical features.

Barracuda Web Application Firewall’s scalability needs improvement.

We have been using Barracuda Web Application Firewall for two years now. At present, we use the latest version.

I rate the product's stability a ten out of ten.

The product has low scalability, and it is three out of ten. It could be improved.

The initial setup is easy. I rate the process a ten out of ten. It takes a month to complete.

We implement the product with the help of a reseller.

The product is inexpensive. I rate its pricing a two out of ten. We purchase its monthly license.

We have medium businesses as our customers for Barracuda Web Application Firewall. I recommend it to others and rate it a ten out of ten.

We are using the Barracuda Web Application Firewall for website content and front-end web application protection.

I have been using Barracuda Web Application Firewall for a few years.

I have found F5 more stable than Barracuda Web Application Firewall. They should improve the stability.

Barracuda Web Application Firewall has been scalable in my experience.

I have used similar solutions to Barracuda Web Application Firewall, such as F5 and there are not any major differences between them.

The installation is straightforward.

We need a minimum of three to four people to do the implementation and maintenance of the solution.

I rate Barracuda Web Application Firewall a seven out of ten.

The solution is user-friendly and easy to set up.

There should be some some simple case settings offered, as well as documentation and video. 

As most people are aware, the implementation is not easy. 

We implemented Barracuda Web Application Firewall around four years ago. 

The product is stable. We have encountered no issues in this regard. 

The technical support is quite good. 

We have primarily been working with Barracuda Web Application Firewall, as we have not yet done much testing of other products. 

It is not easy to implement the solution, although its duration varies with the number of applications that one wishes to deploy. We are talking about a maximum of one hour for a basic configuration. 

The price is reasonable, more so than other products. 

The solution looks good to me. We find that its features provide us with solutions for practically all our needs. 

Our customers run the gamut from small, medium to enterprise. 

I rate Barracuda Web Application Firewall as an eight or nine out of ten.