We primarily use Barracuda WAF-as-a-Service for raising security incidents by proactively blocking malware, ransomware, and phishing attacks to reduce breach risk and response time. Apart from that, we use it for streamlining added sites without performance drops, which also helps to support the growth of our teams. Additionally, we reduce hardware costs by decommissioning on-premises firewalls during our cloud migration with minimal disruption and a familiar UI for quick adoption. When I mention reducing breach risk and streamlining added sites, there is one specific case I want to tell you about where Barracuda WAF-as-a-Service helped us directly. About three to four months back, there was a ransomware attack where it reportedly sent notifications to the admin panel, and Barracuda blocked the malware and phishing attack, sharing an advanced report with our team. This allowed us to directly contact the team, minimizing the risk of data breach. This was one case where we observed the benefits, and there have been multiple instances since we started using it.
Senior Consultant at a tech services company with 51-200 employees
Real User
Feb 2, 2022
It's a very specific solution that is only requested for a customer's web code or their global IT policy. For example, if a head office is using Barracuda, then they will make sure that the branch office is using the same. The use case is very subjective. The solution covers a lot of major protection, or threat management functions in the feature itself. They do DDoS protection on our application. It is also for protocol support. It is mainly used for application delivery. For example, we are able to do SSL authentication on the box itself. That was standard. They will free up all the resources on the server for the SSL authentication. It does the job quite well.
Senior Information Security Engineer at a tech services company with 10,001+ employees
Real User
Mar 8, 2021
We have a web application on AWS, and we wanted just one minimum utility firewall to take care of one site with limited traffic. It is an internal website that is used by less than 200,000 employees. To protect that site, we use Barracuda WAF. The internal website and the firewall were deployed only last year. We are running it on a minimal configuration, and no extensive changes were made. We will be making changes to the configuration periodically based on the requisites.
Find out what your peers are saying about Barracuda Networks, Cloudflare, Microsoft and others in Web Application Firewall (WAF). Updated: January 2026.
A Web Application Firewall (WAF) is a specialized security tool designed to protect web applications by monitoring and filtering HTTP traffic between a web application and the Internet. It plays a crucial role in safeguarding against threats and vulnerabilities.WAFs help defend web applications from several common threats by analyzing requests to prevent malicious data from passing through. These solutions work by effectively blocking common attacks such as SQL injection and cross-site...
We primarily use Barracuda WAF-as-a-Service for raising security incidents by proactively blocking malware, ransomware, and phishing attacks to reduce breach risk and response time. Apart from that, we use it for streamlining added sites without performance drops, which also helps to support the growth of our teams. Additionally, we reduce hardware costs by decommissioning on-premises firewalls during our cloud migration with minimal disruption and a familiar UI for quick adoption. When I mention reducing breach risk and streamlining added sites, there is one specific case I want to tell you about where Barracuda WAF-as-a-Service helped us directly. About three to four months back, there was a ransomware attack where it reportedly sent notifications to the admin panel, and Barracuda blocked the malware and phishing attack, sharing an advanced report with our team. This allowed us to directly contact the team, minimizing the risk of data breach. This was one case where we observed the benefits, and there have been multiple instances since we started using it.
We use the product for securing email systems, protecting websites, and safeguarding web-based applications and portals.
I use the solution in our company to protect our website.
It's a very specific solution that is only requested for a customer's web code or their global IT policy. For example, if a head office is using Barracuda, then they will make sure that the branch office is using the same. The use case is very subjective. The solution covers a lot of major protection, or threat management functions in the feature itself. They do DDoS protection on our application. It is also for protocol support. It is mainly used for application delivery. For example, we are able to do SSL authentication on the box itself. That was standard. They will free up all the resources on the server for the SSL authentication. It does the job quite well.
The solution can be used to provide application security.
We have a web application on AWS, and we wanted just one minimum utility firewall to take care of one site with limited traffic. It is an internal website that is used by less than 200,000 employees. To protect that site, we use Barracuda WAF. The internal website and the firewall were deployed only last year. We are running it on a minimal configuration, and no extensive changes were made. We will be making changes to the configuration periodically based on the requisites.