Barracuda Web Application Firewall Reviews

I am a system integrator and this is one of the solutions that I implement for my customers.

The most valuable feature of this solution is the simplicity of configuration. 

This solution makes management easy.

I really like the firewall weblog that allows me to see what is being blocked, why, and how I can apply a fix.

I would like to see an improved capacity to store logs so that they will be available for a longer time. From my experience, and over time, I have noticed that Barracuda appliances do not store logs for a very long time. What this means is that people have to buy the Barracuda Reporting Server. This is quite expensive, at three or four times the price of the equipment. So, if users have only one or two appliances then it doesn't make sense for them to buy a Reporting Server. If they decide to export those logs from the Barracuda appliance to a SIEM then the format of the report gets lost because Barracuda has custom reports.  Where I used to work, our logs would last for about one week. However, where I am now, we do not have logs beyond one day.

This is a very stable appliance.

This physical appliance is not a solution that scales because once I use it at capacity, I have to buy a new one. The virtual appliance is scalable because if I am at capacity then I can increase my license to another plan.

For the WAF, capacity is not a function of the number of users. Rather, it is based on the servers that it is protecting. Two of my current clients and one hundred and fifty, and two hundred and fifty users, respectively.

Technical support for this solution is wonderful. It is not just for the firewall, but all of Barracuda has good support. I have been dealing with them since 2009, and in my experience, they attend to you. They take the time to explain things. Even if you want to consider something new, they will guide you on what to do.

Overall, I would rate their support very high.

The initial setup of this solution is very straightforward.

When I first set up this solution in 2009, it was for my company and I didn't require assistance from anybody. I later when for training, and am now an integrator. Today I set this solution up for other companies, and I can say that the initial setup has been straightforward all along.

Definitely, I would recommend Barracuda because of its simplicity. I know that they are now integrating the Web Application Firewall on Prime, in the cloud, as well.

The only thing that is a challenge for me is storage, which limits my reporting.

I would rate this solution a nine out of ten.

Our company uses the solution to provide customers with a proxy service that secures transcriptions as part of a seven-layer process. We currently provide this service to twenty customers. 

The solution ensures layer seven is secure from attacks. 

The scripting is good. 

Layer four could be more secure like layer seven to prevent HTTP and HTTPS attacks. 

There are issues when upgrading firewalls and we experience different issues across customers. The communication metrics, ports, traffic, source, destination, and service must be enabled to upgrade firmware but there is no documentation or article for opening the communication matrix to upgrade smoothly. 

STM crashes are a repeat issue and they wipe out appliances. Each time, we have to open a ticket with support and get Apache to fix the issue. It is unclear why appliances have issues or fail and need to be recovered with Apache. 

Firmware upgrades cause automatic configuration changes without providing notifications. Configurations such as ports should not be changed automatically because they negatively affect customers. One customer's configuration issue was within the third layer and took seven days to solve. Support mitigation and work describes policies created automatically after upgrading firewalls but we already created and want to retain our own policies. 

I have been using the solution for two years. 

The solution is stable but ongoing issues with appliance failures, system crashes, and upgrading firmware affect its smooth operation. 

I opened a support ticket for resolving issues when upgrading firewalls. Support could not get to the issue and did not inform me to check traffic on the firewall. It is important to determine what is plugged in when a parameter is trying to communicate outside to download and upgrade firmware to the latest version. The issue was ongoing for three months until I accidently detected it myself. 

Tickets are not solved in one day and sometimes I have to close tickets without any solution from support. Only tickets at the second or third escalation level receive support. 

The setup is straightforward and installation can be finished in one day. 

We implement the solution for customers. 

The solution is based on a licensing model and might be $360 for the hybrid version. 

We have to migrate to another vendor because the solution no longer supports issues with the stack hub. 

We are a partner with Barracuda so recommend the application firewall to our customers but we now have thirteen customers who use Azure stack hub and cannot receive support. We communicated this issue with Barracuda's Middle East management and they suggested using a container as a service. We tried this in our lab but had issues with the installation which we finally resolved. We have some concerns about data being exposed because it is in the cloud. Our customers are administrators and will not accept their data being exposed. 

We would rather work with Barracuda because we have experience with their application firewalls and that makes it easier to support customers. We will have to go to another vendor and take classes to become experts. 

I rate the solution a seven out of ten. 

The product has fantastic support services. It provides complex solutions, including block mode and other default protection features.

We encountered a few glitches while implementing API security features into the product. Secondly, they could provide transparency for different types of protection parameters available. It will be beneficial if there is some visibility for the same. We faced some downtime issues the last two times due to Barracuda infrastructure. Thus, we are searching for alternate WAF solutions.

We have been using Barracuda Web Application Firewall for two years.

I rate the platform's stability a ten out of ten.

I rate the product's scalability nine out of ten. It is suitable for enterprise businesses.

The technical support services are fantastic. They share the knowledge transparently. This feature is more exceptional than that of other vendors.

Positive

The initial setup process is simple. We have deployed the product on the cloud.

I rate Barracuda Web Application Firewall a nine out of ten.

People who host their applications on the cloud, global servers, on-premises, or various locations may encounter issues related to IT threading as well as volumetric attacks. To address these challenges, we provide the Barracuda Web Application Firewall. The most significant advantage of the Barracuda Web Application Firewall is that it offers a single subscription for Active DDoS protection.

There are two types of DDoS attacks: active DDoS and offline DDoS. With Barracuda Web Application Firewall, we only need one subscription to be protected against both. In contrast, other solutions and competitors often require separate subscriptions for DDoS protection, making their offerings more expensive.

When it comes to a comprehensive web application firewall solution, Barracuda stands out by providing an affordable and end-to-end approach. In comparison, other market solutions typically consist of separate boxes for different features, leading to higher pricing.

We only need one subscription to be protected against both active DDoS and offline DDoS attacks.

In the Barracuda Web Application Firewall, there should be more affordable options for WAF as a service. These options should cater to smaller businesses, with a focus on single-size configurations for fewer users and cloud applications. We currently offer WAF as a service for cloud-deployed applications, but the pricing is somewhat on the higher side. To enhance the service, I suggest that they work on improving their pricing strategy. It's crucial to provide competitive pricing in comparison to other competitors in the market.

I am currently using the Barracuda Web Application Firewall.

I give Barracuda Web Application Firewall nine out of ten for stability.

I give Barracuda Web Application Firewall nine out of ten for scalability.

I would rate the initial setup a ten out of ten for its ease.

Usually, deployment takes three to four weeks because it depends on the customer and what we can observe from their side. What SLA or scope of work have they shared with the partner? In essence, we are not a direct partner of Barracuda; instead, we serve as the brand custodian for multiple brands such as Sophos and Barracuda. During the deployment phase, we are not directly involved with the customers. Sometimes, the queries pertain to deployment issues or technical problems. For such cases, we typically respond within two to four hours, or at most, one to two days, depending on our schedule. Since we cater to multiple brands and settings, we are not exclusively focused on one particular brand. Our role involves supporting multiple brands and setting up various solution abilities or designs.

For instance, if a customer approaches us for web services, we can offer Sophos Firewall web services. However, if they require a dedicated web solution, we provide them with a Barracuda solution. In cases where the customer has budget constraints, we try to migrate them to cloud-based solutions. Consequently, we refer to them as end customers or partners as per the situation.

In most cases, we are not directly involved in the deployment phase, the configuration process, or the setup. However, we usually gather feedback from our partners or new partners, and based on that, I can estimate that the deployment will take around two to three weeks. The timeline depends on the specific requirements or wishlist of the end customer.

The Barracuda Web Application Firewall is quite expensive. The license is available on an annual or three-year term, with no monthly, quarterly, or semi-annual options. There is a bigger discount applied when a customer signs up for a three-year term.

I would give Barracuda Web Application Firewall nine out of ten.

Barracuda Web Application Firewall is marketed for the enterprise segment because of its high cost.

Barracuda Web Application Firewall is a comprehensive and dedicated web application firewall, and I highly recommend it.

We use this solution as the firewall, the security, secure internet access, and protection from outside access.

The most valuable feature is the automatic content filtering.

The usability of the interface could be improved. 

The interface is not easy to use or to configure.

A feature that could be very powerful would be the capability to provide the monitoring of the security analogies, and proactive alerts in case of potential issues.  

The firewall protects and logs, but does not provide you with an analogy on that data. 

The availability and stability are very high.

We have one hundred employees within this company using this solution.

The appliance can grow only in the stack, but it's not an upgradable design, it is a closed appliance. 

It is unadjustable in performance, in growing or increasing.

The technical support is provided by the vendor. A ticket is opened with the vendor and they provide support.

We have direct contact via email and phone.

Because we have to repeat the issue more than once before we get support, I would rate them an eight out of ten.

Previously with a different vendor, we used many solutions. As a result, I have experience with many different solutions such as WatchGuard, Cisco, Cisco LEAP, Cisco Tools, SELFAS, and Fortinet.

The initial setup was both simple and complex. WatchGuard is easier to set up than Barracuda, but not as complex. It's something that works and you can start. 

The set up is a medium level of complexity, but if I had to choose between simple and hard, then I would say the initial set up is hard.

The implementation was anywhere from one to two days for the full implementation of all services.

It took one technician to deploy this solution. A couple of technicians for maintenance is required approximately four to five days a year.

I am an integrator and the implementation was done by myself with the help of my technicians and colleagues that are certified in different technologies.

Our licensing fees are paid annually and the cost is between €600 and €800 (approximately $665.00 to $885.00 USD).

It's a full-featured set and all of the capabilities are included.

I am not aware of any additional costs.

Before choosing Barracuda we evaluated WatchGuard.

One of my previous colleagues suggested this solution, they advised me of the company and the technologies.

I would recommend this solution.

I would rate this solution an eight out of ten.

Our primary use case for this platform is to protect our web applications.

The product's advanced bot and threat protection capabilities are valuable.

There's potential for improvement in the platform's CMS integration.

I've been using Barracuda Web Application Firewall for five years now.

The platform has been quite stable, with minimal disruptions in our operations.

I would rate this solution a ten for scalability.

The customer service and support have been responsive and helpful whenever we've needed assistance.

The initial setup was straightforward.

We implemented the product with the help of a vendor.

The product pricing was competitive for the value it offers regarding security features. 

We evaluated other solutions like FortiWeb but chose this platform due to its comprehensive feature set and scalability options that suited our needs better.

The platform has been a reliable choice for securing our web applications. I recommend exploring their support and training offerings to maximize their effectiveness.

I rate it a seven out of ten. 

The product has valuable technical features.

Barracuda Web Application Firewall’s scalability needs improvement.

We have been using Barracuda Web Application Firewall for two years now. At present, we use the latest version.

I rate the product's stability a ten out of ten.

The product has low scalability, and it is three out of ten. It could be improved.

The initial setup is easy. I rate the process a ten out of ten. It takes a month to complete.

We implement the product with the help of a reseller.

The product is inexpensive. I rate its pricing a two out of ten. We purchase its monthly license.

We have medium businesses as our customers for Barracuda Web Application Firewall. I recommend it to others and rate it a ten out of ten.

We primarily use this solution for security purposes. We use it as a firewall.

The interface is great. It's one of the most valuable aspects of the solution. 

The visibility we are able to achieve is quite good. 

The traffic monitoring is very helpful and the URL filtering has been excellent.

Even when we were upgrading to a new OS, we didn't have any difficulties with the product. The stability is good.

We have found that the technical support is very good.

The pricing of the product isn't overly expensive. 

While the UI is good, it can get a little bit complicated. It's not like Next-Gen Firewalls. I need to remember all of the tabs. The sub-tabs should be at the right as they are in the Next-Gen. Mostly, Next-Gen firewalls have everything on the left panel and it will reappear. It would be nice if there was a little more consistency.

I only really have one year of experience with the solution. Therefore, it's hard to discuss missing features. I need more time to explore the product first. 

I have been using the solution for one year.

We haven't had any issues with the stability or the performance, even when switching to a new OS. It's reliable. There are no bugs or glitches. It doesn't crash or freeze. 

While the solution may be scalable, I don't have enough background to really comment. I haven't been involved in scaling. 

Technical support is quite good. That's the main reason everyone is shifting to Barracuda.

It's from India. I'm in the Middle East. Even though the product is from the UAE, the Middle East, the support is from India. They have good engineers that are well-trained. That said, if you need an L3 issue resolved, those engineers are from other regions. Typically an Indian tech will communicate with the other region directly. The support in the case of L3s likely comes from Europe. In any case, everyone is very helpful and responsive, and we are satisfied with the level of support.

The initial setup is not overly complex or difficult. It's easy enough to execute. That said, the burden has to be getting a bit of the knowledge in regards to routing. That's a tricky area. However, it's pretty much the same as a Next-Gen Firewall configuration.

The pricing is okay, however, there are a few other competitors that are a little bit lower. It's still reasonable. 

I'm an end-user and a customer. 

I would rate the solution at an eight out of ten. Sometimes the solution can be tricky around filtering, which is why I don't give it perfect marks.