Barracuda Web Application Firewall OverviewUNIXBusinessApplication

Barracuda Web Application Firewall is the #8 ranked solution in top Web Application Firewalls. PeerSpot users give Barracuda Web Application Firewall an average rating of 7.8 out of 10. Barracuda Web Application Firewall is most commonly compared to Fortinet FortiWeb: Barracuda Web Application Firewall vs Fortinet FortiWeb. Barracuda Web Application Firewall is popular among the large enterprise segment, accounting for 60% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 23% of all views.
Barracuda Web Application Firewall Buyer's Guide

Download the Barracuda Web Application Firewall Buyer's Guide including reviews and more. Updated: December 2022

What is Barracuda Web Application Firewall?

Barracuda Web Application Firewall is a game-changing cloud-connected security solution that enables organizations to safeguard both their applications and their data from an ever-growing array of advanced cyber threats. It offers protection from cyber attacks that target not only data and applications stored on the cloud but also those that are housed on web servers. 43% of the time a breach takes place via a compromised application. Barracuda Web Application Firewall prevents these types of breaches from occurring.

Barracuda Web Application Firewall denies hackers the ability to penetrate your system by using a number of techniques to keep your organization safely insulated. The first method of protection consists of two parts. The first part involves a thorough scanning of all inbound web traffic. This solution monitors everything that comes into the system. It employs IP reputation intelligence, which filters all incoming data. If the source of the data has a bad reputation, it is blocked by the firewall. Administrators now have a way of locking out many common threats that could otherwise compromise sensitive networks. These scans can also allow administrators to protect their systems from within as DLP (Data Loss Prevention) protocols. If any sensitive data attempts to leave, administrators will automatically be alerted and the data will be blocked from exiting.

Barracuda Web Application Firewall can also be set up to apply the AAA (Authentication, Authorization & Accounting) framework to an organization’s network. If an intruder manages to get past the authentication stage, the authorization protocols kick in. After the authorization stage comes accounting, which works by tracking and logging users’ activities so that administrators will be in a position to prevent long-term damage from being done. This three-step process can be implemented without requiring administrators to make changes to their applications.

Key Features

Some of Barracuda Web Application Firewall’s key features include:

  • The ability to employ adaptive profiling. Administrators will have an easier time enforcing security policies once this feature is enabled. It takes data from safe sources and builds profiles that can be used to create whitelisting protocols that prevent unsafe actions from occurring on the system.
  • The ability to assess threats in real time. Barracuda Web Application Firewall uses machine learning to detect new threats and attacks as they emerge.
  • The ability to manage the Barracuda Web Application Firewall system from a single interface. Administrators can manage their Barracuda Web Application Firewall configurations from one centralized location.

Reviews from Real Users

Barracuda Web Application Firewall stands out among its competitors for a number of reasons. One of the main ones is the robustness of the solution. Users are given access to a vast variety of security features in a single product.

PeerSpot user Muhammed S., a Presales Solutions Architect at Hilal Computers, notes this when he writes, "The solution offers multiple security features. There are machine learning features and great URL encryption. It also offers multi-protocol support against DDoS attacks."

Other reviewers note that Barracuda Web Application Firewall is user-friendly, easy to set up, stable, and reliable.

Barracuda Web Application Firewall Customers

Oracle, CBS, Pioneer, Hyundai, Publix, Barnes Noble, Calzedonia, Nordstrom, Samsung, Nascar

Barracuda Web Application Firewall Video

Archived Barracuda Web Application Firewall Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Especialista en Informática at a maritime company with 5,001-10,000 employees
Real User
Protects our applications and has good support

What is our primary use case?

We use Barracuda for all the cloud applications in Azure. 

What is most valuable?

We use Barracuda to protect the application. That's the main feature we use it for. 

What needs improvement?

Sometimes when we put it in action, we have some blogs that appear as false positives. I think that it's improving. Barracuda should minimize false positives. 

They should make it easier to learn how to use applications. 

For how long have I used the solution?

I have been using Barracuda Web Application for five years. 

Buyer's Guide
Barracuda Web Application Firewall
December 2022
Learn what your peers think about Barracuda Web Application Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
655,994 professionals have used our research since 2012.

What do I think about the stability of the solution?

The stability is okay. We haven't had any issues with stability. 

What do I think about the scalability of the solution?

We don't really scale it. We have around 500 users. 

How are customer service and support?

We don't have issues with support. I had an issue with the console where I could not access the console from the inside network. When I accessed it from the inside network, they kicked me. I opened the case with support, we checked the perimeter firewall, and we tried to fix the problem, but it's still the problem.

Support wants me to check the firewall. I checked the administrator for the perimeter firewall and put all the rules for the communication but they told me to upgrade the version. I did and the problem still persisted.

I would rate their support an eight out of ten. 

What about the implementation team?

We had a partner who did the installation. 

What other advice do I have?

I would rate Barracuda an eight out of ten. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Especialista en Informática at a maritime company with 5,001-10,000 employees
Real User
Stable with good security and a fairly straightforward setup
Pros and Cons
  • "The initial setup is pretty straightforward, especially if you enlist assistance."
  • "We've had some blocks of the application and some false positives."

What is our primary use case?

The solution is our WAF for Azure. It is for operation for Transit CAS applications.

What is most valuable?

We primarily use the solution for the protection of the active WAF. It offers quite good security.

The solution is stable.

The initial setup is pretty straightforward, especially if you enlist assistance.

What needs improvement?

We've had some blocks of the application and some false positives. Barracuda needs to ensure there are fewer false positives in general. There also needs to be less of a learning curve on the application in general. That might help us eliminate false positives as well. Basically, they need to help new users better learn and understand the solution.

I have an issue with the console currently. I cannot access the console from inside the network. When I access the entire network, it kicks me off all the time. I opened a case with technical support. We've checked the firewall the perimeter firewall, and we've tried to fix that problem, however, it's still the problem. I have to access the console from outside all the time to this day.

For how long have I used the solution?

I've been using the solution for a while now. It's been about five years.

What do I think about the stability of the solution?

The stability is okay. We don't have issues with the reliability of Barracuda. There aren't bugs or glitches. It doesn't crash or freeze at all. I'd describe it as stable for the most part.

What do I think about the scalability of the solution?

The scalability may be okay. However, we have only one Barracuda gateway. We don't really need to scale the solution fight now.

We might have about 500 users within our company using the solution right now.

How are customer service and technical support?

I've reached out to technical support in relation to a console problem and they have yet to fix the issue for us. All they've done is told me to check the firewall, which I have, and to install a new version. I upgraded the version, however, the issue persists. They haven't been extremely helpful and I'd have to say that I am disappointed with their level of service so far.

Overall, I would rate the support at an eight out of ten.

Which solution did I use previously and why did I switch?

We also use Imperva. We use both solutions at once.

How was the initial setup?

I'm not the administrator of the installation process. Therefore, it's hard for me to say if it was difficult or complex. I can't really comment on the initial implementation.

That said, it's my understanding, from talking to the administrator in the past, that it wasn't too complex.

I'm not sure how long the deployment took. I only really deployed the last application protection.

What about the implementation team?

We had the support of the partner for the implementation, which helped iron out any difficulties.

What other advice do I have?

We're just a transportation company. We're a customer. We don't have a business relationship with Barracuda.

I recommend the solution to other organizations for protecting applications specifically in Azure.

Overall, I would rate the solution at a nine out of ten.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Barracuda Web Application Firewall
December 2022
Learn what your peers think about Barracuda Web Application Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
655,994 professionals have used our research since 2012.
Maged Magdy - PeerSpot reviewer
Security Consultant at Global Solutions
Real User
Top 5
Great probabilities recommendations, great features, and great support

What is our primary use case?

We use it for website and web service protection.

What is most valuable?

Its recommendation about the probabilities on the website is great. It also has free probability managers for the website, which is really helpful. 

The protection engine, signature-based protection behavior, and analysis features are also great. It also has an ATP module for sandbox scanning and behavior analysis for file uploads.

What needs improvement?

Its interface can be better. It is not very friendly.

For how long have I used the solution?

I have been working with this solution for three years.

How are customer service and technical support?

They provide great support with a fast response.

How was the initial setup?

The initial setup was straightforward. It took us a day to deploy this solution.

What other advice do I have?

I would rate Barracuda Web Application Firewall a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
Muhammed-Shafi - PeerSpot reviewer
Presales Solutions Architect at Hilal Computers
Real User
Good technical support and security features but needs better documentation
Pros and Cons
  • "The solution offers multiple security features. There are machine learning features and great URL encryption. It also offers multi-protocol support against DDoS attacks."
  • "The documentation is lacking. It's not like what you'd get if you were using Juniper or Cisco. They need to expand on it and make it more useful."

What is our primary use case?

We primarily use the solution to secure most data centers. We also use it for mobile apps for malicious automated attacks. 

What is most valuable?

The solution offers multiple security features. There are machine learning features and great URL encryption. It also offers multi-protocol support against DDoS attacks.

The API security they offer is quite good.

The technical support on offer is very good.

There's multiple application delivery which is impressive.

What needs improvement?

The deployment isn't very user-friendly.

There are a lot of up and coming competitors in the space, and there's always new technology coming out. The solution needs to make sure that it keeps up with what's going on in the industry to make sure they don't get left behind.

The documentation is lacking. It's not like what you'd get if you were using Juniper or Cisco. They need to expand on it and make it more useful.

For how long have I used the solution?

I've been using the solution for almost four and a half years.

What do I think about the stability of the solution?

The stability of the solution is good. It's pretty reliable. There aren't bugs or glitches. It doesn't crash or freeze. It's good.

What do I think about the scalability of the solution?

The scalability has been fine. It's been quite good for us. We don't have complaints in that regard.

How are customer service and technical support?

We've always been pretty happy with technical support. We find them helpful and knowledgable.

Which solution did I use previously and why did I switch?

I also work with Fortinet solutions and I find that sometimes they can be limiting and have their own set of difficulties.

How was the initial setup?

The initial setup is okay, however, it's not particularly user-friendly. I wouldn't describe it as complex. It's more difficult.

What about the implementation team?

We are system integrators. We can handle implementations.

What's my experience with pricing, setup cost, and licensing?

The pricing is okay. Unlike other competitors, you are able to negotiate a little bit, which can help drive down the cost to the company.

What other advice do I have?

We're a solution partner, an integrator. We have partnership-level agreements with the solution.

We have multiple deployment models. We use it on-premises as well as on the cloud using both Amazon Web Services and Azure.

Overall, I'd rate the solution seven out of ten. It would be hard for any product to rate a ten out of ten for me. However, to get a bit of a higher mark, it should offer better documentation and be more user-friendly, particularly where deployment is concerned. I'd still recommend Barracuda, though. It's pretty solid.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
PeerSpot user
SolomonAwosina - PeerSpot reviewer
CTO at GCET
Reseller
Top 10
Fantastic backend support and is easy to deploy
Pros and Cons
  • "The stability of the solution is good. I don't think we've experienced bugs, crashes, or glitches."
  • "The reporting aspect of the solution needs improvement. I don't find that it's very good. They could do some work on it to make it much better. It's not that the reporting isn't secure. It's just that I would prefer to store my reports for an extended period of time. Right now, that's not possible and I'd prefer it if that could change. I also would say that the reports themselves are expensive."

What is most valuable?

One of the best aspects of the solution is the support provided. Their backend support is fantastic. I've found it's superior to other products, including Cisco. The way the support team treats its customers is great. They really walk you through everything and show you how easy it is to mend issues.

I find the solution to be easy to deploy. You don't need too much technical skill, so you don't need an expert level of understanding.

What needs improvement?

The reporting aspect of the solution needs improvement. I don't find that it's very good. They could do some work on it to make it much better. It's not that the reporting isn't secure. It's just that I would prefer to store my reports for an extended period of time. Right now, that's not possible and I'd prefer it if that could change. I also would say that the reports themselves are expensive.

For how long have I used the solution?

I've been using the solution since 2009. It's been just over ten years now.

What do I think about the stability of the solution?

The stability of the solution is good. I don't think we've experienced bugs, crashes, or glitches.

What do I think about the scalability of the solution?

Scalability with the solution is good. It just requires more licenses, like every other product. If you only apply for the environment, it's scalable with the licenses you have. If you're on the physical appliance, you just have to scale it up by pressing the appliance. It probably won't be just deployed on Azure, because we would need to add more licenses.

We've been adding to our system for a while ago, and we haven't run into any issues with continuing to scale.

How are customer service and technical support?

The technical support offered by Barracuda is excellent. It's one of the greatest selling points of the solution, They are very supportive and help answer any questions we have.

Which solution did I use previously and why did I switch?

I have previous experience using Cisco.

How was the initial setup?

The solution doesn't require a user to be too technical. I would say the initial setup is very straightforward. The deployment is easy. It's not what I would call complex in any way.

What's my experience with pricing, setup cost, and licensing?

Overall, I would say that I'm satisfied with the pricing. It's got a good range of pricing, and the cost matches the quality level you get out of the solution.

What other advice do I have?

I used to be a customer before, however, now I am partners with Barracuda.

We use both on-premises and public cloud deployment models.

Overall, I'd give the solution a nine out of ten. I'd give it full marks, but it does have issues on the reporting side. The reports are a lot more expensive, even more so than the work itself. That's why I did not give it a 10.

That said, I would recommend Barracuda Firewalls to anybody, any day of the week. They're fantastic.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
PeerSpot user
Wealie Antar - PeerSpot reviewer
Manager, Systems, Information Technology at a non-profit with 1,001-5,000 employees
Real User
It's easy to set up but they should improve their performance, support, and their upgrades
Pros and Cons
  • "You don't need help from Barracuda to help with the deployment. The deployment is easy."
  • "They could improve their performance, support, and their upgrades. Their updates used to be good. Their improvements were right on the money but nowadays, the updates are minor."

What needs improvement?

They could improve their performance, support, and their upgrades. Their updates used to be good. Their improvements were right on the money but nowadays, the updates are minor. 

I don't really like the product. They restricted the number of servers we can protect. They restrict how many servers you can protect based on appliance.

They also don't support additional ATP. Customers also want ATP. They want something extra apart from the basic security package. 

Their appliances are very cheap. The quality is not that good. Their appliances should be more robust. 

For how long have I used the solution?

I have been using this solution for a year. 

What do I think about the stability of the solution?

The backend server capability is low. It's risky to put extra servers behind it because it may or may not protect it. The workload is not that high. 

It has worked fine until now. We have some projects that are overloaded. In the next phase, I will remove some servers and add one or two servers from our project team. 

What do I think about the scalability of the solution?

I have not tested out the scalability. 

The software is running 24/7.

How are customer service and technical support?

I am not satisfied with the support. It used to be better. 

How was the initial setup?

You don't need help from Barracuda to help with the deployment. The deployment is easy. We deployed them all by ourselves. It took some research through the manuals and documentation to find the best way to deploy for your infrastructure. The research took two to three days and then it took another two to three days to install it. By 7-8 days we were ready to do a soft launch. We did the rest within a month. 

We only needed one team member to deploy it. I worked alongside him so that I could also understand it. 

What's my experience with pricing, setup cost, and licensing?

There are costs in addition to the standard licensing. 

What other advice do I have?

I would rate it a five out of ten. 

My advice would be to explore the market. There are many good players. If a solution is on the higher side, it could be a better investment. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Wojciech Wo?Yniak - PeerSpot reviewer
IT Manager at Toshiba Tec Poland
Reseller
Simple to manage with a good client VPN and content filtering

What is most valuable?

The most valuable features are the client VPN and content filtering.

This solution is simple to manage.

The interface and the dashboards are ok.

What needs improvement?

The incident reporting needs to be improved.

The local technical support in Poland is not very reliable.

For how long have I used the solution?

I have been using the Barracuda Web Application Firewall for three years.

What do I think about the stability of the solution?

This solution is very stable. It is great.

What do I think about the scalability of the solution?

I have only the single web application firewall running on-premises, so I cannot comment on scalability other than to say that I haven't had any problems.

We have 18 people who are being protected by this firewall and we do have plans to increase to approximately 100.

How are customer service and technical support?

I have been in contact with technical support and while I feel that they are not very reliable here in Poland, they are good enough and I am satisfied with them. The escalation was okay and the troubleshooting was also okay.

What's my experience with pricing, setup cost, and licensing?

The price of this solution is okay.

What other advice do I have?

My advice to anybody who is implementing this solution is to find a good partner to assist with the implementation.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
PeerSpot user
Igor-Bashtovyi - PeerSpot reviewer
Security Engineer at a tech services company
Real User
Gives an understanding of what is happening on your site and any attempts on your source
Pros and Cons
  • "It's very simple and predictable, because Barracuda provides a vision of the current state of your application. It gives you an understanding of what is happening on your site and any attempts against you at your source. This is the main value that Web Application Firewall provides our company. These aspects are also the main reason for this documentation process."
  • "I think the main area for improvement in this product is learning it, as can be seen when comparing it to the F5 web application firewall. F5 has a very powerful learning phase when you start using your web application firewall against your site. Barracuda has something like this, but not with the same functionality from my point of view."

What is our primary use case?

We use this as public cloud and a virtual appliance based on Azure Cloud.

How has it helped my organization?

It's very simple and predictable because Barracuda provides a vision of the current state of your application. It gives you an understanding of what is happening on your site and any attempts against you at your source. This is the main value that Web Application Firewall provides our company. These aspects are also the main reason for this documentation process.

What is most valuable?

I think the biggest value comes from the ability of Web Application Firewall to perform analysis of attacks that are registered by it, as well as its ability to analyze source code of those attacks and all traffic that is captured by Web Application Firewall. 

The basic functionality of the Web Application Firewall is pretty good. Therefore in comparison with CloudFlare, Barracuda has significant powerful instruments for analysis of main traffic of requests that we get on the application. If however, we try to compare Barracuda and F5, F5 is more powerful than Barracuda. In any case, it's very hard to make these comparisons, because one product has more powerful features from one point of view, while the other product is better from another point of view.

I can say that it's good only in comparison with some products. All products have approximately the same functionality, but some products are more powerful in certain aspects.

What needs improvement?

I think the main area for improvement in this product is learning it, as can be seen when comparing it to the F5 web application firewall. F5 has a very powerful learning phase when you start using your web application firewall against your site. The company at this time collects information and parameters about all requests, such as: file downloads, file uploads, authentication, authorization processes, etc. During this period, F5 provides you with the ability to collect most of the necessary information to make a security provision for your web application firewall.

Barracuda has something like this, but not with the same functionality from my point of view. Barracuda is a little bit lower in comparison with other web application firewalls, so the best way to improve Barracuda is to develop and add new features in this area.

A good point for developing this area is to describe some particular use cases. For example, the implementation demands configuration of the application in conjunction with Web Application Firewall to make it available and hosted on the internal web services of Azure. It would be great to have instructions for Barracuda with Azure infrastructure, so we could get a step-by-step manual starting from the creation of the application interface and finishing with the available site including Barracuda. We implemented Barracuda Web Application Firewall and we see who checks the whole process. Each part of this manual relates to a particular service, but it would still help those who implement it to be quicker.

The bottom line is I would like to see an improved learning model to make the creation of the first policy easier and more transparent for an engineer.

For how long have I used the solution?

I've been using Barracuda for two months.

What do I think about the stability of the solution?

If I remember correctly, when applying changes to a policy, the system tries to reward the current system. I didn't check if the site is available, but it seems that certain views could be unavailable during this process. Any changes or configurations submitted demand voiding. This can be a surprise because when you try only to save the configuration but don't commit it, you might think this doesn't take effect. If you don't want to commit this policy exactly at this time the appliance will still start to change it. This might be a quirk of this appliance.

What do I think about the scalability of the solution?

I read that you can scale this system by building redundant schemes and using special appliances to manage certificates, but I didn't try it. Therefore, as a manager I don't know, because I didn't try to make a redundant scheme.

Only a few users at our company implement this, but all visitors to our site are affected by this implementation.

How are customer service and technical support?

I didn't fight with them because all features and implementations that I tried didn't demand any help from technical support.

Which solution did I use previously and why did I switch?

We actually switched to Barracuda because it's cheaper than F5. This might not be the case for others, because there are several solutions that are cloud based. It is a service of a service and in some cases this kind of product would be cheaper than Barracuda. It depends on the implementation scheme and business needs. In some cases, Barracuda is cheaper, in some cases Barracuda is more expensive. In our case it was cheaper.

How was the initial setup?

The initial setup was very easy and straightforward. I don't remember how long deployment took, but it was very quick. If I remember, you just need to assign the address management interface and add additional IP addresses to other interfaces, enable them, etc. After that, your site is available already. It's much easier than F5, for example.

What about the implementation team?

We didn't use a vendor for implementation. I just used standard documentation from their resources and it was enough to roll out this appliance in our infrastructure. It's very easy. I didn't request them, because the documents provided by their site was enough to roll out this product by ourselves without additional help.

What's my experience with pricing, setup cost, and licensing?

Barracuda costs us $8,000 per year. Barracuda costs $20,000 for a full subscription, when you try to protect multi-site infrastructure, in different geographical zones and for different data centers. If you have only one site, Barracuda will be cheaper.

Which other solutions did I evaluate?

We chose Barracuda because in our case it was cheaper.

What other advice do I have?

The biggest lesson I learned is that our site is attacked every day.

I would recommend Barracuda, but this recommendation is based on our particular case. For some cases this solution is good, but for some cases it's not. It's very hard to answer directly because of all the aspects that should be taken into account when you try to answer this question.

I would rate it as eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Carlo Bertini - PeerSpot reviewer
IT Consultant and Project Manager at Cabar Srl
Consultant
Secure Internet Access with automatic content filtering
Pros and Cons
  • "The most valuable feature is the automatic content filtering."
  • "The usability of the interface could be improved."

What is our primary use case?

We use this solution as the firewall, the security, secure internet access, and protection from outside access.

What is most valuable?

The most valuable feature is the automatic content filtering.

What needs improvement?

The usability of the interface could be improved. 

The interface is not easy to use or to configure.

A feature that could be very powerful would be the capability to provide the monitoring of the security analogies, and proactive alerts in case of potential issues.  

The firewall protects and logs, but does not provide you with an analogy on that data. 

For how long have I used the solution?

I have been using this solution for approximately nine years.

What do I think about the stability of the solution?

The availability and stability are very high.

We have one hundred employees within this company using this solution.

What do I think about the scalability of the solution?

The appliance can grow only in the stack, but it's not an upgradable design, it is a closed appliance. 

It is unadjustable in performance, in growing or increasing.

How are customer service and technical support?

The technical support is provided by the vendor. A ticket is opened with the vendor and they provide support.

We have direct contact via email and phone.

Because we have to repeat the issue more than once before we get support, I would rate them an eight out of ten.

Which solution did I use previously and why did I switch?

Previously with a different vendor, we used many solutions. As a result, I have experience with many different solutions such as WatchGuard, Cisco, Cisco LEAP, Cisco Tools, SELFAS, and Fortinet.

How was the initial setup?

The initial setup was both simple and complex. WatchGuard is easier to set up than Barracuda, but not as complex. It's something that works and you can start. 

The set up is a medium level of complexity, but if I had to choose between simple and hard, then I would say the initial set up is hard.

The implementation was anywhere from one to two days for the full implementation of all services.

It took one technician to deploy this solution. A couple of technicians for maintenance is required approximately four to five days a year.

What about the implementation team?

I am an integrator and the implementation was done by myself with the help of my technicians and colleagues that are certified in different technologies.

What's my experience with pricing, setup cost, and licensing?

Our licensing fees are paid annually and the cost is between €600 and €800 (approximately $665.00 to $885.00 USD).

It's a full-featured set and all of the capabilities are included.

I am not aware of any additional costs.

Which other solutions did I evaluate?

Before choosing Barracuda we evaluated WatchGuard.

What other advice do I have?

One of my previous colleagues suggested this solution, they advised me of the company and the technologies.

I would recommend this solution.

I would rate this solution an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
PeerSpot user
SolomonAwosina - PeerSpot reviewer
CTO at GCET
Reseller
Top 10
Simple to manage and use, with good technical support
Pros and Cons
  • "The most valuable feature of this solution is the simplicity of configuration."
  • "I would like to see an improved capacity to store logs so that they will be available for a longer time."

What is our primary use case?

I am a system integrator and this is one of the solutions that I implement for my customers.

What is most valuable?

The most valuable feature of this solution is the simplicity of configuration. 

This solution makes management easy.

I really like the firewall weblog that allows me to see what is being blocked, why, and how I can apply a fix.

What needs improvement?

I would like to see an improved capacity to store logs so that they will be available for a longer time. From my experience, and over time, I have noticed that Barracuda appliances do not store logs for a very long time. What this means is that people have to buy the Barracuda Reporting Server. This is quite expensive, at three or four times the price of the equipment. So, if users have only one or two appliances then it doesn't make sense for them to buy a Reporting Server. If they decide to export those logs from the Barracuda appliance to a SIEM then the format of the report gets lost because Barracuda has custom reports.  Where I used to work, our logs would last for about one week. However, where I am now, we do not have logs beyond one day.

For how long have I used the solution?

I have been using this solution for about ten years.

What do I think about the stability of the solution?

This is a very stable appliance.

What do I think about the scalability of the solution?

This physical appliance is not a solution that scales because once I use it at capacity, I have to buy a new one. The virtual appliance is scalable because if I am at capacity then I can increase my license to another plan.

For the WAF, capacity is not a function of the number of users. Rather, it is based on the servers that it is protecting. Two of my current clients and one hundred and fifty, and two hundred and fifty users, respectively.

How are customer service and technical support?

Technical support for this solution is wonderful. It is not just for the firewall, but all of Barracuda has good support. I have been dealing with them since 2009, and in my experience, they attend to you. They take the time to explain things. Even if you want to consider something new, they will guide you on what to do.

Overall, I would rate their support very high.

How was the initial setup?

The initial setup of this solution is very straightforward.

When I first set up this solution in 2009, it was for my company and I didn't require assistance from anybody. I later when for training, and am now an integrator. Today I set this solution up for other companies, and I can say that the initial setup has been straightforward all along.

What other advice do I have?

Definitely, I would recommend Barracuda because of its simplicity. I know that they are now integrating the Web Application Firewall on Prime, in the cloud, as well.

The only thing that is a challenge for me is storage, which limits my reporting.

I would rate this solution a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user1030257 - PeerSpot reviewer
Senior Operations Manager at samergl
Real User
A stable solution with a straightforward setup and continual updates
Pros and Cons
  • "I find the solution very stable."
  • "The solution could use more reports."

What is our primary use case?

We primarily use this solution for firewalls.

What is most valuable?

The features are all fine. We just fixed some bugs from three months ago, and we're waiting now for a final review. They sent us some features to fix the issue.

What needs improvement?

The solution could use more reports.

For how long have I used the solution?

I've been using the solution for 6 months.

What do I think about the stability of the solution?

I find the solution very stable.

How are customer service and technical support?

Technical support has been good. Currently, we don't have any issues.

Which solution did I use previously and why did I switch?

This is the first solution we are using.

How was the initial setup?

The initial setup was very straightforward. We applied what we needed to use and added different features. Each time we need to use a different feature, we go through configuring it and including more features as necessary. 

What about the implementation team?

I used my own team for the implementation. 

Which other solutions did I evaluate?

We did not evaluate other options before choosing this solution.

What other advice do I have?

I manage and operate the device. We are working with the operation team each time applying manual updates, which is continuous. I'd like to see different information, to help handle issues in an easier way. 

I would rate the solution a 9 out of 10.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Hamza Ahmed - PeerSpot reviewer
Assistant to the General Manager at a tech services company with self employed
Real User
Attacks have stopped and all of the traffic is going smoothly to my servers
Pros and Cons
  • "The volumetric DDoS defense is very good because I had a problem with a lot of volumetric DDoS attacks on my servers. After using Barracuda, those attacks have stopped and all the traffic is going smoothly to my servers and the system is working really well."
  • "I would like to see better controlling of the traffic."

What is our primary use case?

The primary use case is to protect from DDoS attacks and to protect my backend servers. That was the main concern for me. Barracuda has been very good. I'm very happy with the product.

How has it helped my organization?

Previously, attacks would make the systems go down and we couldn't connect with our customers and other things. We need our servers to be online 24-7 which is why I chose Barracuda. Now our servers are running smoothly and I have no problem running my servers.

What is most valuable?

The volumetric DDoS defense is very good because I had a problem with a lot of volumetric DDoS attacks on my servers. After using Barracuda, those attacks have stopped, all of the traffic is going smoothly to my servers and the system is working really well.

What needs improvement?

I would like to see better controlling of the traffic. 

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

The stability is very good. I would give it four and a half stars out of five.

How was the initial setup?

The initial setup was straightforward. It was easy to deploy. It took six to seven hours of work a day to deploy every policy that I wanted. The initial setup went well, there weren't any issues with it. 

What other advice do I have?

I would rate it a nine out of ten. The attacks that we used to get on servers are gone. My servers are now running 24-7 and I have no problems with them.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Alireza Ghahrood - PeerSpot reviewer
Consultant & Instructor -Cyber Security,GovernanceRIskCompliance (CISO as a Services) at Independent
Real User
Top 10
Strong updating features but the tech support is weak

What is our primary use case?

The updating and signature features are my primary use case for the solution. These features are beneficial to my organization.

What needs improvement?

I would like this solution to be more detective of the needs of the organization.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

I encountered issues with the stability of the product.

What do I think about the scalability of the solution?

I encountered issues with scalability.

How is customer service and technical support?

I would rate the level of tech support a six out of ten. 

How was the initial setup?

I would suggest that someone implementing this product is knowledgeable in the IT field and with the network needs. It is complex.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Director of Systems Infrastructure at a tech vendor
Real User
Allows us to scale out to multiple phase servers

What is our primary use case?

We use it for low balancing phase servers.

How has it helped my organization?

It allows us to scale out to multiple phase servers.

It is a great product. We are very pleased with it.

What is most valuable?

It works exactly by design. It works very well.

What do I think about the stability of the solution?

There are no stability issues.

What do I think about the scalability of the solution?

There are no scalability issues.

How is customer service and technical support?

Their technical support is great.

How was the initial setup?

If you are a networking guy, the initial setup is straightforward. If you know nothing about networks, then you can't set it up.

What's my experience with pricing, setup cost, and licensing?

They have competitive pricing.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
IT Security Administrator at a tech services company with 10,001+ employees
Real User
We run it with no downtime, because it has good support

What is our primary use case?

We use it for mail protection.

How has it helped my organization?

It has helped the organizational function because we do not have an application hosted product. 

What is most valuable?

It mainly provides good support, and it is a good web application for us.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It is not stable nor mature, though it is not a problem for us.

What do I think about the scalability of the solution?

We have had scalability issues. However, since we do not have that many applications, it is not an issue for us.

How are customer service and technical support?

Technical support is very good.

Which solution did I use previously and why did I switch?

We did not previously use another solution.

How was the initial setup?

The initial setup was very straightforward.

What's my experience with pricing, setup cost, and licensing?

The pricing is less compared to other web applications, which is important to us.

Which other solutions did I evaluate?

We compared the solution to Imperva because of the support. Support is important to us.

What other advice do I have?

Just do it. We run it with no downtime, because it has good support.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
it_user848259 - PeerSpot reviewer
Network & Security Engineer at a tech services company with 11-50 employees
Real User
Give us visibility into server connections/sessions, real-time alerts, KPIs
Pros and Cons
  • "This product gives us visibility into what is going on in two servers, including connections and sessions, real-time alerts, very good reporting, and KPIs. It makes managing security of a critical server very easy, with a friendly GUI."
  • "There is no one special feature, but the WAF itself is valuable: user-friendly protection against web attacks etc., authentication, reporting, accountability, alerting, and hardened OS."
  • "This product could easily progress to be among the industry leaders. I think they need to improve enterprise level automation. It integrates with a small number of vulnerability scanners, so report results should be imported manually; same for SIEM integration."

What is our primary use case?

I have two primary use cases, one for a bank and the other one for an operator. I will speak about the bank case. The environment is very critical: securing an e-banking server and SMS banking.

How has it helped my organization?

This product gives us visibility into what is going on in two servers, including connections and sessions, real-time alerts, very good reporting, and KPIs.

It makes managing security of a critical server very easy with a friendly GUI.

What is most valuable?

There is no one special feature, but the WAF itself is valuable: user-friendly protection against web attacks etc., authentication, reporting, accountability, alerting, and hardened OS.

What needs improvement?

This product could easily progress to be among the industry leaders. I think they need to improve enterprise level automation. It integrates with a small number of vulnerability scanners, so report results should be imported manually; same for SIEM integration.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

Very stable product.

What do I think about the scalability of the solution?

No issues with scalability.

How is customer service and technical support?

Best support I have ever seen. I have experience with several products and their support. Barracuda support is very special: efficient, quick replies.

How was the initial setup?

There was some complexity because it requires special configuration in addition to some network changes.

What's my experience with pricing, setup cost, and licensing?

Very good price compared to other products. Some products, like Fortinet, give you good performance as well, and their price is probably lower than Barracuda, but you should pay attention to renewal prices and options. The BWAF license includes everything, even cloud control, which requires a license in other products.

OPEX/CAPEX should be looked at closely.

Which other solutions did I evaluate?

Fortinet, but BWAF was much better.

What other advice do I have?

I would rate it a 10 out of 10 because all requirements from a product are there: very good performance, robust equipment, pentest/vul scan success, very good support. The cost to value ratio is tops.

If you have a limited budget it’s the best, and if you have an open budget why spend more since BWAF can do the job.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user1194 - PeerSpot reviewer
Head of Infrastructure at a tech company with 51-200 employees
Consultant
Very good Web Application filter to protect your web applications from various hacker exploits

Valuable Features:

1) The Barracuda Networks Web Application Firewall can protect your vital web applications from various exploits by hackers. 2) Can be easily deployed and configured. 3) Can be used to protect many applications, like Microsoft Outlook Web Access, Oracle, FTP, SharePoint, XML, etc. It can also protect custom applications deployed within the environment. 4) Can be very easily integrated with Active Directory and various 2-factor authentication systems. 5) Has a built in virus scanner for any data uploads. 6) Reasonably priced 7) Checks both Inbound and Outbound traffic to ensure protection against any type of data leakage and theft. 8) Barracuda Web Application Firewall has a built in load balancer, which can easily distribute traffic to multiple backend servers.

Room for Improvement:

1) Generally speaking, the more complex your web application is, the greater the risk. Older sites are highly vulnerable to application layer security threats. Barracuda Networks Web Application Firewall is not tightly equipped to handle application layer security threats. 2) For SSL enabled sites, Barracuda Networks Web Application Firewall requires the duplication of the SSL certificate. This can pose SSL penetration and also significant scalability challenges. 3) Customer service and online support system is a bit slow and needs improvement.

Other Advice:

One of the best Web Application Filters to protect your web applications, like FTP, Microsoft Outlook Access, Sharepoint, etc. from hackers. Ease of integration, with various 2-factor authentication systems, is one of the highly sought after features. It needs improvement in the way that it handles various SSL enabled sites.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Barracuda Web Application Firewall Report and get advice and tips from experienced pros sharing their opinions.
Updated: December 2022
Buyer's Guide
Download our free Barracuda Web Application Firewall Report and get advice and tips from experienced pros sharing their opinions.