We primarily use Barracuda WAF-as-a-Service for raising security incidents by proactively blocking malware, ransomware, and phishing attacks to reduce breach risk and response time. Apart from that, we use it for streamlining added sites without performance drops, which also helps to support the growth of our teams. Additionally, we reduce hardware costs by decommissioning on-premises firewalls during our cloud migration with minimal disruption and a familiar UI for quick adoption. When I mention reducing breach risk and streamlining added sites, there is one specific case I want to tell you about where Barracuda WAF-as-a-Service helped us directly. About three to four months back, there was a ransomware attack where it reportedly sent notifications to the admin panel, and Barracuda blocked the malware and phishing attack, sharing an advanced report with our team. This allowed us to directly contact the team, minimizing the risk of data breach. This was one case where we observed the benefits, and there have been multiple instances since we started using it.
Senior Consultant at a tech services company with 51-200 employees
Real User
Feb 2, 2022
It's a very specific solution that is only requested for a customer's web code or their global IT policy. For example, if a head office is using Barracuda, then they will make sure that the branch office is using the same. The use case is very subjective. The solution covers a lot of major protection, or threat management functions in the feature itself. They do DDoS protection on our application. It is also for protocol support. It is mainly used for application delivery. For example, we are able to do SSL authentication on the box itself. That was standard. They will free up all the resources on the server for the SSL authentication. It does the job quite well.
Senior Information Security Engineer at a tech services company with 10,001+ employees
Real User
Mar 8, 2021
We have a web application on AWS, and we wanted just one minimum utility firewall to take care of one site with limited traffic. It is an internal website that is used by less than 200,000 employees. To protect that site, we use Barracuda WAF. The internal website and the firewall were deployed only last year. We are running it on a minimal configuration, and no extensive changes were made. We will be making changes to the configuration periodically based on the requisites.
Learn what your peers think about Barracuda WAF-as-a-Service. Get advice and tips from experienced pros sharing their opinions. Updated: February 2026.
Barracuda WAF-as-a-Service is a comprehensive solution designed to provide application security, DDoS protection, SSL authentication, protocol support, and application delivery. It is a plug-and-play solution with automated policies, simple configuration, and easy rule creation.
The solution can be used for threat prevention or as a cloud-to-cloud backup system based on email protection with cloud security. It is also a web application firewall and covers major protection and threat...
We primarily use Barracuda WAF-as-a-Service for raising security incidents by proactively blocking malware, ransomware, and phishing attacks to reduce breach risk and response time. Apart from that, we use it for streamlining added sites without performance drops, which also helps to support the growth of our teams. Additionally, we reduce hardware costs by decommissioning on-premises firewalls during our cloud migration with minimal disruption and a familiar UI for quick adoption. When I mention reducing breach risk and streamlining added sites, there is one specific case I want to tell you about where Barracuda WAF-as-a-Service helped us directly. About three to four months back, there was a ransomware attack where it reportedly sent notifications to the admin panel, and Barracuda blocked the malware and phishing attack, sharing an advanced report with our team. This allowed us to directly contact the team, minimizing the risk of data breach. This was one case where we observed the benefits, and there have been multiple instances since we started using it.
We use the product for securing email systems, protecting websites, and safeguarding web-based applications and portals.
I use the solution in our company to protect our website.
It's a very specific solution that is only requested for a customer's web code or their global IT policy. For example, if a head office is using Barracuda, then they will make sure that the branch office is using the same. The use case is very subjective. The solution covers a lot of major protection, or threat management functions in the feature itself. They do DDoS protection on our application. It is also for protocol support. It is mainly used for application delivery. For example, we are able to do SSL authentication on the box itself. That was standard. They will free up all the resources on the server for the SSL authentication. It does the job quite well.
The solution can be used to provide application security.
We have a web application on AWS, and we wanted just one minimum utility firewall to take care of one site with limited traffic. It is an internal website that is used by less than 200,000 employees. To protect that site, we use Barracuda WAF. The internal website and the firewall were deployed only last year. We are running it on a minimal configuration, and no extensive changes were made. We will be making changes to the configuration periodically based on the requisites.