2019-06-26T05:25:00Z

What needs improvement with Barracuda Web Application Firewall?

Julia Miller - PeerSpot reviewer
  • 0
  • 26
PeerSpot user
28

28 Answers

Phakedi Mphela - PeerSpot reviewer
Real User
Top 5Leaderboard
2024-03-01T13:01:58Z
Mar 1, 2024

The platform's pricing needs improvement.

Search for a product comparison
Anuraj Nair - PeerSpot reviewer
Real User
Top 5Leaderboard
2024-02-01T08:55:18Z
Feb 1, 2024

There are some vulnerabilities that are reported across the tools offered by Barracuda for some devices, which need to be taken care of from an improvement perspective.

SubhajitChatterjee - PeerSpot reviewer
Real User
Top 20
2023-12-01T03:57:36Z
Dec 1, 2023

We encountered a few glitches while implementing API security features into the product. Secondly, they could provide transparency for different types of protection parameters available. It will be beneficial if there is some visibility for the same. We faced some downtime issues the last two times due to Barracuda infrastructure. Thus, we are searching for alternate WAF solutions.

ВН
Real User
Top 20
2023-10-12T07:50:00Z
Oct 12, 2023

Barracuda Web Application Firewall’s scalability needs improvement.

Carlo Bertini - PeerSpot reviewer
Reseller
Top 5
2023-09-08T13:18:00Z
Sep 8, 2023

One of Barracuda's limitations is its user interface. The GUI for configuration is not intuitive and has remained largely unchanged for the past 10 to 12 years. This is something I've discussed with Barracuda representatives here in Italy as well. It needs more modernization.

MN
Real User
Top 20
2023-08-28T12:23:53Z
Aug 28, 2023

We get false positives about phishing emails. The vendor must improve Barracuda Email Security Gateway.

Learn what your peers think about Barracuda Web Application Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.
KA
Reseller
Top 5Leaderboard
2023-07-20T13:23:51Z
Jul 20, 2023

In the Barracuda Web Application Firewall, there should be more affordable options for WAF as a service. These options should cater to smaller businesses, with a focus on single-size configurations for fewer users and cloud applications. We currently offer WAF as a service for cloud-deployed applications, but the pricing is somewhat on the higher side. To enhance the service, I suggest that they work on improving their pricing strategy. It's crucial to provide competitive pricing in comparison to other competitors in the market.

Porleng Phatt - PeerSpot reviewer
Reseller
Top 5
2023-02-23T13:03:35Z
Feb 23, 2023

The policy updates could be improved.

SF
Vendor
Top 20
2022-12-12T20:13:08Z
Dec 12, 2022

I would like to see a native multi-cloud cover. Right now if I have applications that run both on Amazon and Google, I have to have two distinct licenses and two distinct implementations. But we are multi-cloud, so I do not want to have to deploy policies on essentially two apps that are essentially the same policies. I would prefer to have a multi-cloud console, in other words, one set of policies that apply to multiple implementations.

VijayKumar8 - PeerSpot reviewer
Consultant
Top 10
2022-11-09T10:30:42Z
Nov 9, 2022

The Barracuda team just needs to improve their product as per their competitors, like F5 and Imperva. They should improve their features, so they easily compare to the competition. They could always continue to improve their security so that they maintain up-to-date on any current threats.

PS
Real User
Top 10
2022-08-09T12:57:10Z
Aug 9, 2022

An area for improvement in Barracuda Web Application Firewall is attack identification. Other banks identified attacks and tracked logs that the solution wasn't able to identify because of its ready-made rules pre-deployed by the vendor. My organization raised this issue with the technical support team. Another area to improve in Barracuda Web Application Firewall is its service desk. The team resorted to stonewalling because they couldn't accept that a feature was missing in the solution, and it was only after a lot of drilling down that the service desk team accepted that, and would be adding that feature in the future. My organization had to submit a report to the Reserve Bank of India with information on the logs identified and the attacks that happened, and that there was a failure on the part of the Barracuda Web Application Firewall. The Reserve Bank of India conducts a tri-monthly cyber risk audit in all Indian banks. Even smaller banks identified and caught attacks that my organization wasn't able to do, so I was looking into other solutions that competitor banks could be using because Barracuda Web Application Firewall failed to identify some of the attacks.

LB
Reseller
2020-02-05T12:18:13Z
Feb 5, 2020

Ability to store logs for a longer time. Buying the Reporting server escalates costs and places solution above SMMs

Anuraj Nair - PeerSpot reviewer
Real User
Top 5Leaderboard
2021-12-28T14:46:00Z
Dec 28, 2021

Barracuda Web Application Firewall's load balancing feature could be improved.

FS
Real User
2021-09-03T07:56:27Z
Sep 3, 2021

There should be some some simple case settings offered, as well as documentation and video. As most people are aware, the implementation is not easy.

JB
Real User
2021-08-16T13:53:59Z
Aug 16, 2021

Occasionally, upon installation of the Energize Updates, the plans will go off track, something which necessitates us calling up their support team for another update. The frequency of the release of the updates is also an issue. In the production environment, Firmware cannot be frequently updated. It would be better if their updates would be released annually.

Ahmed MohammedKhan - PeerSpot reviewer
Real User
Top 10
2021-08-11T13:15:44Z
Aug 11, 2021

While the UI is good, it can get a little bit complicated. It's not like Next-Gen Firewalls. I need to remember all of the tabs. The sub-tabs should be at the right as they are in the Next-Gen. Mostly, Next-Gen firewalls have everything on the left panel and it will reappear. It would be nice if there was a little more consistency. I only really have one year of experience with the solution. Therefore, it's hard to discuss missing features. I need more time to explore the product first.

SA
Real User
2021-07-07T08:33:53Z
Jul 7, 2021

I did not go in-depth with the solution just yet. I just reviewed the product for a short time period, and not in-depth. I did not review every function. However, it's difficult to discuss features that may be lacking. That said, I see a huge number of false-positive attacks in Barracuda, as it shows you some hundreds or thousands of attacks per day in cookies. They need to work on the false-positives so that you know when to worry. It's too overwhelming right now with what they are recording.

DP
Real User
2020-11-24T13:48:52Z
Nov 24, 2020

We've had some blocks of the application and some false positives. Barracuda needs to ensure there are fewer false positives in general. There also needs to be less of a learning curve on the application in general. That might help us eliminate false positives as well. Basically, they need to help new users better learn and understand the solution. I have an issue with the console currently. I cannot access the console from inside the network. When I access the entire network, it kicks me off all the time. I opened a case with technical support. We've checked the firewall the perimeter firewall, and we've tried to fix that problem, however, it's still the problem. I have to access the console from outside all the time to this day.

DP
Real User
2020-11-24T08:44:00Z
Nov 24, 2020

Sometimes when we put it in action, we have some blogs that appear as false positives. I think that it's improving. Barracuda should minimize false positives. They should make it easier to learn how to use applications.

MM
Real User
2020-11-04T04:57:49Z
Nov 4, 2020

Its interface can be better. It is not very friendly.

MS
Real User
2020-09-17T08:05:53Z
Sep 17, 2020

The deployment isn't very user-friendly. There are a lot of up and coming competitors in the space, and there's always new technology coming out. The solution needs to make sure that it keeps up with what's going on in the industry to make sure they don't get left behind. The documentation is lacking. It's not like what you'd get if you were using Juniper or Cisco. They need to expand on it and make it more useful.

SolomonAwosina - PeerSpot reviewer
Real User
Top 10
2020-06-25T10:49:00Z
Jun 25, 2020

The reporting aspect of the solution needs improvement. I don't find that it's very good. They could do some work on it to make it much better. It's not that the reporting isn't secure. It's just that I would prefer to store my reports for an extended period of time. Right now, that's not possible and I'd prefer it if that could change. I also would say that the reports themselves are expensive.

Wealie Antar - PeerSpot reviewer
Real User
Top 20
2020-04-23T10:13:00Z
Apr 23, 2020

They could improve their performance, support, and their upgrades. Their updates used to be good. Their improvements were right on the money but nowadays, the updates are minor. I don't really like the product. They restricted the number of servers we can protect. They restrict how many servers you can protect based on appliance. They also don't support additional ATP. Customers also want ATP. They want something extra apart from the basic security package. Their appliances are very cheap. The quality is not that good. Their appliances should be more robust.

WW
Vendor
2020-01-19T06:38:00Z
Jan 19, 2020

The incident reporting needs to be improved. The local technical support in Poland is not very reliable.

IB
Real User
2019-09-19T08:39:00Z
Sep 19, 2019

I think the main area for improvement in this product is learning it, as can be seen when comparing it to the F5 web application firewall. F5 has a very powerful learning phase when you start using your web application firewall against your site. The company at this time collects information and parameters about all requests, such as: file downloads, file uploads, authentication, authorization processes, etc. During this period, F5 provides you with the ability to collect most of the necessary information to make a security provision for your web application firewall. Barracuda has something like this, but not with the same functionality from my point of view. Barracuda is a little bit lower in comparison with other web application firewalls, so the best way to improve Barracuda is to develop and add new features in this area. A good point for developing this area is to describe some particular use cases. For example, the implementation demands configuration of the application in conjunction with Web Application Firewall to make it available and hosted on the internal web services of Azure. It would be great to have instructions for Barracuda with Azure infrastructure, so we could get a step-by-step manual starting from the creation of the application interface and finishing with the available site including Barracuda. We implemented Barracuda Web Application Firewall and we see who checks the whole process. Each part of this manual relates to a particular service, but it would still help those who implement it to be quicker. The bottom line is I would like to see an improved learning model to make the creation of the first policy easier and more transparent for an engineer.

Carlo Bertini - PeerSpot reviewer
Reseller
Top 5
2019-09-05T16:30:00Z
Sep 5, 2019

The usability of the interface could be improved. The interface is not easy to use or to configure. A feature that could be very powerful would be the capability to provide the monitoring of the security analogies, and proactive alerts in case of potential issues. The firewall protects and logs, but does not provide you with an analogy on that data.

SolomonAwosina - PeerSpot reviewer
Real User
Top 10
2019-08-30T04:51:00Z
Aug 30, 2019

I would like to see an improved capacity to store logs so that they will be available for a longer time. From my experience, and over time, I have noticed that Barracuda appliances do not store logs for a very long time. What this means is that people have to buy the Barracuda Reporting Server. This is quite expensive, at three or four times the price of the equipment. So, if users have only one or two appliances then it doesn't make sense for them to buy a Reporting Server. If they decide to export those logs from the Barracuda appliance to a SIEM then the format of the report gets lost because Barracuda has custom reports. Where I used to work, our logs would last for about one week. However, where I am now, we do not have logs beyond one day.

it_user1030257 - PeerSpot reviewer
Real User
2019-06-26T05:25:00Z
Jun 26, 2019

The solution could use more reports.

Barracuda Web Application Firewall is a game-changing cloud-connected security solution that enables organizations to safeguard both their applications and their data from an ever-growing array of advanced cyber threats. It offers protection from cyber attacks that target not only data and applications stored on the cloud but also those that are housed on web servers. 43% of the time a breach takes place via a compromised application. Barracuda Web Application Firewall prevents these types...
Download Barracuda Web Application Firewall ReportRead more