Barracuda Email Security Gateway Reviews

We use Barracuda Email Security Gateway and also provide it for our customers to reduce incoming spam. It provides security for email delivery from our customer sites and also our sites. Most of our clients, who get a lot of spam, manage their own email server, but they do not have a dedicated spam filter or email security gateway. As a result, they get a lot of spam. Because of this, they end up searching for a solution that they can use. They do not want to buy a dedicated solution. Instead, they want to use a subscription option.

In our VM, we provide a subscription model. People are server scraping to us for incoming and outgoing purposes. 

This is an on-premise solution in our data center. We provide it to our remote customers as a hosted service.

This is a virtual appliance installed within a server. The VM is installed within the Hyper-V Server.

Remotely, we receive email from specific servers. We allow it outbound by using an IP address. If there is an email server delivering more email than the accepted value, then Barracuda Email Security Gateway utilizes the maximum connections per IP address in 30 minutes. By default, the recommended number is 50, but we customize it according to our requirements, e.g., having an email server handling more than 1,000 email boxes and sending 200 to 500 emails within 30 minutes. Sometimes, there is an emergency requirement where they want to send their 2,000 to 3,000 EGM-related or marketing-related emails, then we customize the value. We increase it to 2,000 or 3,000 so they can deliver those emails within a minute from their server through our Barracuda Email Security Gateway. 

From a front-end security point of view, Barracuda Email Security Gateway instantly reduced our spam. That is the main benefit that we are getting together with our customers. It instantly reduced spam emails or emails with a bad reputation from SpamCop and RBL. Those emails instantly get blocked by the Barracuda Email Security Gateway and not a single email is delivered to its destination. 

Every client gets their own administration panel, where they can add their users' emails and create accounts for administering their domain. This provides flexibility for the customer.

There are many customizable options:

• Attachment filtering, where we are filtering attachments according to our requirements. 
• IT-based configurations, where we allow domains. We are blacklisting domains that we do not want to pass through. 
• Rate Control feature, where we have the user license for 10,000 incoming and outgoing emails. Therefore, 10,000 users can use this device.

The client has the option to blacklist or whitelist any email address or domain based on the sender and recipient filters. If they want, they can restrict any IP addresses so email won't be received from those IP addresses. 

Another interesting feature of Barracuda Email Security is the content filtering. If there is any word or sentence that we or our customers want to block, then we can add that thing in Barracuda Email Security Gateway. The content contained in the email will not be delivered or received by the recipient. Maximum customization options are available. 

The solution has to improve in a very specific way. When we allow our customers to send or scan email through our Barracuda Email Security Gateway, we are permitting their email server IP address, but not any domain. One of our customers has an email server where they are hosting five domains within their server. They are sending and receiving email through that server by using Barracuda Email Security Gateway. Therefore, we allow their IP address to send email through our Barracuda Email Security Gateway, then we declare MX for receiving email on behalf of our customers. After receiving the email, we deliver it to the specific IP address of the customer. Since we are only allowing the IP address, if an incident happens within a customer's email server or an email server gets compromised, then it starts sending spam. That creates a huge problem for the solution as it allows all emails because the customer's IP address is allowed to relay email through our Barracuda Email Security Gateway. 

Barracuda should add an option where it can add multiple domains, such as abc.com, bbc.com, and cbc.com. Therefore, this domains' emails will be allowed and other domains' emails will not be relayed through Barracuda Email Security Gateway. Whereas, if you allow the IP address, then any of the domain's emails will be relayed through Barracuda Email Security Gateway. That is the drawback that I have observed. So, Barracuda should work on this.

We have been using it for more than seven years. We are using Barracuda Email Security Gateway to provide hosted security solutions for our customers.

In the last seven years, we have faced three major problems: One is security related and the other two are service functionality related. One of these happened this year. There was a bug within Barracuda Email Security Gateway where the antivirus system scanner was getting hung. We contacted the Barracuda Email Security Gateway support service who worked for a couple of days to make this stable. After that, it was fine.

I forgot that I changed the administrator password a year and a half ago. Then, I came to the office one day and was trying to log into my administration portal, but I gave the wrong password because I forgot it. Somehow, I was not able to remember the password. I tried giving several passwords, and then suddenly I put in the old password. So, I logged in by using the old password on this device. Then I thought, "What have I just done?" I am logged out again and put in my new password. I have logged in. I am again logged out, then put in the old password and was logged in. This was a problem. 

I contacted Barracuda's support team and raised a ticket about how both the old and new passwords were working for the admin account, as this was a security concern. Because if the admin account is compromised, that would be a direct security concern. Barracuda Email Security Gateway support team got involved. They logged into the solution, taking necessary steps. Then, the old server was made obsolete and did not work anymore.

We sent out a message that we are concerned about it. For example, if any customers using the physical or virtual appliance have an admin password that is tagged or an administrator has left their company, then the new administrator should change the password or the old administrator can gain access by using the old password. 

"How to remedy this security hazard?" That was our question. They said, "There are some cashing-related problems that did not propagate properly." Now, it is okay and functioning properly. 

Our main objective is reducing spam and delivering email accurately. That has been our objective. By using Barracuda Email Security Gateway, we are achieving this.

Scalability depends on the ability of the system. 

The scalability in Barracuda Email Security Gateway works separately in other platforms. If you think about virtualization technology, that works another way. You can make it scalable. If you have a 1,000 VM capacity in a virtual infrastructure, you can scale it by adding other nodes, physical hosts, memories, hard disks, etc. You can have a 2,000 capacity by keeping other infrastructure or servers online. Barracuda Vx300, Vx400, Vx600, Vx800, and Vx900 have their own capacity. For example, Barracuda Vx600 has a 10,000 users capacity. Whereas, Vx800 has a 22,000 user capacity and Vx900 has a 30,000 user capacity. Therefore, if you want to scale out, you need to buy a new version.

If we want to use the capacity for 22,000 users, we would need to purchase the license for the Barracuda Vx800 model, then download and install it. So, there is an option for backing up our existing solution in the Barracuda Cloud. After moving the backup to the Barracuda Cloud, we can restore the backup to another device and the configuration is done instantly. While Barracuda is not 100% scalable, it does give flexibility to restore your old configuration.

The support is divided in many ways. When we first generate a support case, it is accepted by their initial support teams on the front line, where the Level 1 technical guy takes the support case. If they are able to do anything, they do. Otherwise, they hand it over to their senior teams. That is the process that happens. 

When we get support from Europe or America, we instantly get proper support. During a recent support experience, it was admitted by their US team who acknowledged a problem, but the subcontinental teams did not acknowledge that they had a problem. 

Overall, their support is good. I would rate them as seven out of 10.

The initial setup is very simple. If you purchase an appliance or physical device, then you can just power it up in your data center. You then add the domains: one default domain and one public IP address. After that, you can handle it however you want. You can add new domains or allow other IP addresses for relaying emails. That is pretty simple. 

On the virtual end, you must download the virtual instance from their website if you support Hyper-V, VMware, or other virtual clouds. So, you can download the VM and import it to your hypervisor. After providing your IP address and setting up your password, it will run instantly. The rest of the process remains the same as the physical device setup.

After the download, if you have the VM, then it will take a maximum of two hours to make it go live.

We do the deployment ourselves. We download it from the Barracuda website portal, then we have our own server where we deploy it.

We are a service provider. We calculate our CapEx, OpEx, and ROI. While it is not returning the way we expected, it does get returns. 

For corporate customers or a single organization who have one to five domains and are using Barracuda Email Security Gateway, the concern is not the investment or money. The concern is security. They are thinking about their email security. In comparison to other products, I think Barracuda is giving them proper value.

This is one of the major points for integrating this solution in any organization. Barracuda Email Security Gateway needs to make it a bit more tolerable for customers because it is increasing every year. They should create a plan for reducing the cost. 

I have observed that the price if I purchase from an American/European site, a European vendor, a European distributor, or Barracuda distributor in the European, Canadian, or American regions online, they are selling the virtual Vx model license for less than subcontinental distributors. For example, there is only one distributor in our country, so the price depends on them. Nobody can purchase a physical appliance license from other regions, while anybody can purchase a virtual appliance license from another region. Therefore, the virtual appliance license in Europe, America, and Canada are lower than our regional price.

We did not evaluate any other vendors. We just chose Barracuda Email Security Gateway.

Research what you are looking for and why you want to use it, determining: 

• How critical is your email solution? 
• How is your organization thinking about security? 
• How is your company assigning value to email? 

If it is important or critical, then you can try the trial version of Barracuda Email Security Gateway Cisco IronPort, or any email security that is in the market. After that, you get the experience of a 30-day trial. This is very convenient for users or customers to make a decision on what platform they will use. 

If they have security concerns, they will not think about the money. However, if their company is an SME or needs to maximize their productivity regarding their investment, then they will want to get maximum productivity from that device to justify the investment. Therefore, they will need to think carefully about the email security gateway that they will use.

Everybody has their own perceptions in the security field. If anyone wants to use any security gateway for their email security purposes, then they need to decide which one they want, their objective, and what they want to achieve. 

I would rate the overall solution as nine out of 10.

All our Office 365 emails will first go through Barracuda. It checks for any EXEs and the like, checking the email contents to allow or stop those. We also use the solution for archiving and backups.

From a security point of view, Barracuda Email Security improved our mail environment. Other than that, its backups are valuable.

The dashboard's UI could be improved to make changes to the blocklist. We currently have to go into the mail and check the list and the dashboard, and it would be better if we could directly block particular domains or emails instead.

I've used this solution for almost four years.

Barracuda has been stable till now.

We have 100 users using Barracuda Email Security Gateway.

Barracuda's technical support is fine.

We used to have FortiMail, and we migrated to Barracuda. Barracuda is much more effective than FortiMail. Barracuda handles spam better.

An integrator handled the initial setup.

We find the solution's pricing okay.

Our management wants to migrate to E5 from E3 and says we don't need Barracuda Email Security. However, we are unsure if E5 will have the same features as Barracuda.

I recommend Barracuda, and from a security point of view, I would rate it a nine out of ten. It didn't let any EXEs or phishing emails through.

We primarily use the solution for email security.

The solution is largely stable. 

It can scale. 

Overall, it has been working fine without issue. 

The message tracking and messaging logs have proven to be quite useful. 

The initial setup can be a little bit complex.

When we implemented Barracuda three years back, although the deployment went smoothly, we also needed to implement some changes regarding the configuration, which were affecting the stamp control rate. Some options were not so easy to remember and we had to search for directions.

For example, if I want to change the mail flow settings, there are two different options available in Barracuda. If I apply a change on one option and didn't change the configuration on the other option, the mail flow doesn't work. Yet the second option is always hidden. I always need to search for it when I need to change some mail flow settings.

I've used the solution for more than three years. 

The product is stable. Sometimes some spamming issues occur, however, we manage to control those after making some changes.

We have a model that supports 5,000 users. We currently have 3,500 users. We have room to scale. 

The solution does work fine with a large number of users. 

I administer the solution and provide troubleshooting and issue resolution as required. The support from Barracuda is pretty good overall when I reach out. 

Neutral

I have an experience with Barracuda Email Security, Microsoft Exchange, and Microsoft Defender.

The initial setup and implementation process is complex. It is not exactly easy.

I'd rate it 2.5 out of five in terms of ease of setup.

The pricing is moderate. It was neither cheap nor expensive. 

I'd rate the cost 3.5 out of five in terms of affordability.

We're a Barracuda customer.

We are using virtual appliances, not the cloud version of the solution. That said, we do plan to move to the cloud. 

While we are not planning to change Barracuda, we are planning to improve Barracuda after purchasing the cloud solution. Our plan is to enhance our email security when we integrate our appliance with the Barracuda Cloud solution.

I'd rate the solution seven out of ten. Some of the exposed emails were not blocked by our Barracuda clients. Although we have engaged the principal, and they helped troubleshoot and tweak some configurations, it's still an issue. We still face some exposed emails delivered to our management level.

I'd advise potential new users that if they plan to implement Barracuda, they should find someone knowledgeable in implementations. They need someone who will follow best practices and understand procedures laid out in the documentation. After configuration and implementation, there may still be some fine-tuning required. 

Barracuda is similar to FortiMail. There is a cloud component that acts like a sandbox. The email enters, and you can open a suspicious attachment to see if it's malicious. If you find that it's malicious, you can block it and send it to Barracuda's on-prem device.

The on-prem device looks for other details like URLs and particular types of content. If everything looks okay, it's forwarded to the SMTP server and the user. We have around 20 to 30 users.

I like Barracuda's cloud sandbox feature. 

Barracuda's spam database isn't on par with its competitors. Users complain about the spam email they're receiving, and we report the issue. Barracuda said they are going to update their system to block the malicious email we received, but we're still getting the same spam. The signatures are not in their database. They need to update their spam signatures because spam is bypassing Barracuda.

I have been working with Barracuda for almost three years.

Barracuda is quite stable.

Barracuda scales as well as FortiMail. You can scale up based on the number of users per box and the email receiver.

Barracuda provides solid support, but they have a different model. They open the terminal, check the issue, and then tell us the problem. 

Barracuda is just like Kaspersky or FortiMail. The initial setup is seamless. They provide the box, and we must mount and configure it according to the customer's environment. It takes about a day or a half-day if you're familiar with the Barracuda environment.

I can easily configure it because it's so typical. When I configure any box, I go over the features. For example, I will first configure the SMTP server if I want to create an inbound flow. I look for that feature and configure it. The fundamentals don't vary much between devices. Some options might be different, or the features may have another name. There may be some additional features that FortiMail has, but Barracuda doe not. It varies from device to device, but the basic configuration is the same.

I rate Barracuda Email Security Gateway six out of 10. Based on my experience, we are recommending FortiMail or Barracuda because we find these two solutions the most stable. FortiMail has fewer issues with spam.

We are using Barracuda Email Security Gateway for ATP,  anti-spam, antivirus, and everything related to enabling flow.

The most valuable feature of the Barracuda Email Security Gateway is the ATP.

Barracuda Email Security Gateway can improve reporting and anti-spam. The anti-spam engine is not working well. We are seeing a lot of problems where spam is going through the gateway. Additionally, access privilege should be given to the IT support, because they don't have a lot of privileges. We are forced to give our IT support administrative access in order to clear and deliver emails and this should not be happening.

In the future, having a schedule reporting for quarantine for all users or for selected users, without reading the content of the message would be helpful.

I have been using Barracuda Email Security Gateway for approximately five years.

Barracuda Email Security Gateway is stable. We had issues with the on-premise version where they used to freeze from time to time, but with the cloud version, we have not had any issues.

Barracuda Email Security Gateway is a scalable solution.

We have approximately 500 people using the solution.

I have used the support from Barracuda Email Security Gateway.

I rate the support from Barracuda Email Security Gateway a three out of five.

Neutral

The initial setup of Barracuda Email Security Gateway took approximately two months to complete here in Lebanon. It was not an easy implementation.

We used Barracuda Email Security Gateway partners to complete the implementation of the solutions.

The price of Barracuda Email Security Gateway is approximately $17 per user annually.

We did not evaluate another solution prior to selecting Barracuda Email Security Gateway.

We chose the solution because it was high on the rating sites and some of my friends from other companies recommend it.

My advice to others is to make sure that their business use case is well optimized, to allow the solution to be set up in the right way.

We are a construction company and we make sure that the emails related to construction pass through the solution. Other companies, such as in marketing, will want to make sure that the marketing campaign passes through. We don't want any marketing campaigns to pass through. You need to see your business use case and your business needs, and you will have to adapt the solution.

I rate Barracuda Email Security Gateway an eight out of ten.

Barracuda Email Security Gateway is used to protect users' email inboxes from malicious threats coming from outside of the network. For example, it can be a malicious link or some malware as an attachment. If these threats are sent to our users, then it blocks and deletes the email.

The most valuable feature of Barracuda Email Security Gateway is that it blocks almost 99 percent of threats from users' email inboxes.

Barracuda Email Security Gateway should add auto-remediation to improve the solution. Additionally, there are times when we have false positives and our general emails get locked, we have mentioned this to Barracuda.

I have been using Barracuda Email Security Gateway for three years.

Barracuda Email Security Gateway is a stable solution.

Barracuda Email Security Gateway is a cloud solution, therefore it is highly scalable.

Everyone in our company is using this solution. It is protecting 10,000 users' inboxes. We do not plan to increase users.

The technical support is good, we did not find any issues with them.

We were using another security tool previously. We were looking for an advanced tool that helps us to log more threats and incident management. This is why we chose Barracuda Email Security Gateway.

The initial setup of Barracuda Email Security Gateway is straightforward. The process can take approximately 15 to 20 days.

We did the implementation of the solution ourselves without a partner.

We have a long agreement with Barracuda Email Security Gateway. We're very pleased with the cost and the solution. The cost is in the average range for this type of solution.

I would recommend this solution to others.

I rate Barracuda Email Security Gateway an eight out of ten.

The solution is primarily for email security. For example, if an email comes through, we need to know what sort of email it is. We have enabled the SPF and the DMARC on it. We've also enabled those security elements so that it has some threat prevention before any unsolicited email comes to our gateway. This basically does all the filtering, before we actually receive an email. There are a number of undeliverable emails we get in our inboxes. In that event, if we are not able to see these emails, we can always log onto the Barracuda Gateway to actually see the emails to say whether they're valid or not. If the authenticity of the email is revealed, we are able to release them.

All of it has been quite useful. All features it provides on the cloud environment are very, very useful, including the antivirus that is enabled on it. 

It also has a threat management tool on it. It does a self-scanning so that it actually does zero-day tolerance. It's able to look at other Barracuda databases and is able to find the latest data and protect the network. There are a number of features that it has that we actually use to protect our network from email.

The setup is straightforward. 

Barracuda itself should be actually working on their DMARC setup. There is a little bit of downtime in terms of that. There are some times when legit emails are trapped on Barracuda and we are unable to get that information unless we actually log on to the network to find out. The good thing is that we get logs now and you can schedule the logs and you'll be able to see the logs in the event. The user gets to see the logs. In the event you don't receive the email, so you can schedule it for every hour or whatever schedule is important for the organization.

We set ours at one hour and in the event, if there's an email that didn't reach you, you'll get a notification after an hour to say, okay, this email was trapped and you are able to self-release it with the user's login, or IT can release it.

I can't think of any other features that are needed. 

I've used the solution from 20016 or 2017 onwards. 

It is very reliable and stable at the same time.

We have between 45 and 50 users.

It is pretty easy to scale. In the event that you want to increase the number of users, you can always do so. All you have to do is buy additional licenses. 

In the event that you need technical support, the support team is always available and they'll probably respond to you in an interval of an hour or two.

If there is a need for escalation, they normally do that. They do give you a call. Once you log a ticket, they give you a call and if they are unable to resolve it at a particular time, they'll give you a timeline as to when it's going to be fixed.

Setting up the solution is simple and straightforward. It's not overly complex or difficult. 

The only thing to do is set up some protocols. You set up some protocols, you go and get some policies enabled, and you can choose whatever policy you want and you enable it on your exchange and that should kick you off. All you do is point your gateway to Barracuda instead of your exchange, and you'll be able to get your email through.

Deployment doesn't take long. It probably takes a day or two, depending on how you want to configure it. You don't really have to do much. It is just that the protocols are already out there. All you do is tick whatever you want and it gets deployed. You set your parameters.

Maintenance is done by the support team. It's cloud-based; we don't really have to do maintenance on our end unless we have a device on our end. We don't have a device on our end. In the event that we have user changes, we do it in-house. For example, if a newbie has joined the organization or somebody is leaving, we make administrative changes.

We did an in-house setup. We buy it from the retailer and the retailer gives us access to the vendor there, the actual supplier. Then we have that privilege too, in the event that if we get caught out for some reason, we are able to liaise with the vendors directly, the suppliers, and we are able to log calls, et cetera, and they're able to sort out issues. We have that kind of support.

It's pay-per-user licenses. We pay around 5,000 Fijian dollars for probably 50 users. The pricing is pretty good for the type of support they give us. We are not looking at anything more expensive than what we're currently paying.

Globally, it's used pretty extensively and it's regarded as one of the top three packages.

We are end-users.

I'm not sure which version of the solution I'm using.

I'd rate the solution eight out of ten. We are happy with the product.

Barracuda Email Security Gateway is primarily employed for safeguarding emails, focusing on email security.

It can effectively combat phishing attacks, block spam, provide confirmation, and ensure operational manageability with a strong focus on product stability.    

The pricing needs improvement.

I have been using Barracuda Email Security Gateway for the past ten years.

I would rate the stability nine out of ten.

I would rate it eight out of ten. 

There are occasional delays in their response. They do not always reply on time.

Neutral

We often encounter challenges because each customer has unique network configurations, security hardening requirements, and specific solutions. This includes migrations and email address configurations, which need to be updated periodically to stay in line with the solution. Regarding deployment, I believe we can complete a few files quickly, but the implementation phase will require more time.

We consistently monitor service support to handle various customer services, and we have a team of five individuals responsible for managing different customers.

It is an expensive solution and I would rate it a five out of ten.

Overall I would rate it seven out of ten.