Regarding improvements for Barracuda WAF-as-a-Service, the UI and user experience can feel dated. While the interface is functional and centralized, some third-party reviews indicate that the UI can feel outdated, and enhancements are required to provide an executive look that can be aligned with modern and intuitive next-generation competitors. The licensing and cost structure perspective may need clear planning. Barracuda service is customizable but external references note that licensing and cost planning can become complex. Advanced analytics and executive reporting could be better. The platform provides visibility and compliance reporting but organizations looking for a very polished executive dashboard, deep attack visualization, or broader cloud-native security context may find it more focused on WAF operation. Barracuda WAF-as-a-Service is best suited for app and API protection and is not a full CNAPP platform. It is strong for application layer protection but is not positioned as a full CNAPP covering posture management. Modernizing the UI further, simplifying packaging and licensing clarity, enhancing the executive reporting and risk dashboard, and expanding broader cloud-native integration would be beneficial improvements.
I assess the impact of Barracuda WAF-as-a-Service on compliance efforts regarding security events as good in terms of compliance, although there are a few issues. There is one issue regarding local data storage, as they do not have that capability, and we are storing the data in another foreign country, which is against the law. Data is supposed to be within the South African border. In my opinion, the main direction for improvement should be around the licensing part, as it should not be quite complex. The price of their licensing model is a bit steep. However, for other features such as web application threat detection and data compliance, they are very good, especially for application trafficking and caching. The pricing and SIEM integration sometimes create challenges, and we need to get professional help with those areas. For the next release, Barracuda WAF-as-a-Service should include advanced APIs and perhaps AI-driven detections. They can improve the integration with SIEM and SOAR.
I see that cost can be a limitation for small businesses. Additionally, if they can provide more advanced features and customization for specific use cases, that would be beneficial. Apart from that, I do not feel there are any other problems. From our perspective, there is not an issue. All the data I have shared is in favor of Barracuda because the ROI they have given us is tremendous, and they are doing really well in terms of product, scalability, and service. We have seen that it is a great solution with no issues from our end.
One significant area for improvement in Barracuda WAF-as-a-Service lies in its market positioning and pricing strategy. Additionally, it could operate in a local data center. This limitation hinders its adoption in regions with strict data regulations.
My company had faced some downtime or an outage twice with Barracuda WAF-as-a-Service due to backend problems. The stability of the product is an area of concern where improvements are required. I don't know much about what additional features are required in the product's future releases since I think it has almost all users. One feature I want in the solution stems from the fact that there are almost 17 applications protected in our company with the help of Barracuda WAF-as-a-Service. If I need to block one IP address for all 17 applications together, it is not possible, and I need to block the IP address on each application separately, making it a time-consuming process. It would be great if the product allows users to block an IP address for all the applications in an environment in one go rather than having to block the IP address separately for each application.
Senior Information Security Engineer at a tech services company with 10,001+ employees
Real User
Mar 8, 2021
We found it a bit slow when accessing it through the web browser. The URL also exposed the user name and the hashed password. When I log into my Barracuda WAF user portal, I could see the username and the hashed password on the URL itself. So, it is not very secure, and it is important to take that off. I would like to have a threat radar that is updated on their security database. I would like to see if their IP is getting updated and the data detection notifications are the same as in the server.
Barracuda WAF-as-a-Service streamlines cloud security with features like automatic updates, real-time detection, and bot protection. It enhances AWS environments with simplified management and threat intelligence.Barracuda WAF-as-a-Service provides robust application security, leveraging automatic security updates and real-time attack detection to defend against threats. Its centralized dashboard offers an intuitive management experience, complemented by automated policies. Real-time threat...
Regarding improvements for Barracuda WAF-as-a-Service, the UI and user experience can feel dated. While the interface is functional and centralized, some third-party reviews indicate that the UI can feel outdated, and enhancements are required to provide an executive look that can be aligned with modern and intuitive next-generation competitors. The licensing and cost structure perspective may need clear planning. Barracuda service is customizable but external references note that licensing and cost planning can become complex. Advanced analytics and executive reporting could be better. The platform provides visibility and compliance reporting but organizations looking for a very polished executive dashboard, deep attack visualization, or broader cloud-native security context may find it more focused on WAF operation. Barracuda WAF-as-a-Service is best suited for app and API protection and is not a full CNAPP platform. It is strong for application layer protection but is not positioned as a full CNAPP covering posture management. Modernizing the UI further, simplifying packaging and licensing clarity, enhancing the executive reporting and risk dashboard, and expanding broader cloud-native integration would be beneficial improvements.
I assess the impact of Barracuda WAF-as-a-Service on compliance efforts regarding security events as good in terms of compliance, although there are a few issues. There is one issue regarding local data storage, as they do not have that capability, and we are storing the data in another foreign country, which is against the law. Data is supposed to be within the South African border. In my opinion, the main direction for improvement should be around the licensing part, as it should not be quite complex. The price of their licensing model is a bit steep. However, for other features such as web application threat detection and data compliance, they are very good, especially for application trafficking and caching. The pricing and SIEM integration sometimes create challenges, and we need to get professional help with those areas. For the next release, Barracuda WAF-as-a-Service should include advanced APIs and perhaps AI-driven detections. They can improve the integration with SIEM and SOAR.
I see that cost can be a limitation for small businesses. Additionally, if they can provide more advanced features and customization for specific use cases, that would be beneficial. Apart from that, I do not feel there are any other problems. From our perspective, there is not an issue. All the data I have shared is in favor of Barracuda because the ROI they have given us is tremendous, and they are doing really well in terms of product, scalability, and service. We have seen that it is a great solution with no issues from our end.
One significant area for improvement in Barracuda WAF-as-a-Service lies in its market positioning and pricing strategy. Additionally, it could operate in a local data center. This limitation hinders its adoption in regions with strict data regulations.
My company had faced some downtime or an outage twice with Barracuda WAF-as-a-Service due to backend problems. The stability of the product is an area of concern where improvements are required. I don't know much about what additional features are required in the product's future releases since I think it has almost all users. One feature I want in the solution stems from the fact that there are almost 17 applications protected in our company with the help of Barracuda WAF-as-a-Service. If I need to block one IP address for all 17 applications together, it is not possible, and I need to block the IP address on each application separately, making it a time-consuming process. It would be great if the product allows users to block an IP address for all the applications in an environment in one go rather than having to block the IP address separately for each application.
The solution can improve by bundling Security Operation Center (SOC) with the WAF-as-a-Service, it would provide a lot more value to customers.
We found it a bit slow when accessing it through the web browser. The URL also exposed the user name and the hashed password. When I log into my Barracuda WAF user portal, I could see the username and the hashed password on the URL itself. So, it is not very secure, and it is important to take that off. I would like to have a threat radar that is updated on their security database. I would like to see if their IP is getting updated and the data detection notifications are the same as in the server.