Barracuda NextGen Firewall F180 review

Affordable enterprise-level security

Price
£1,599
  • Tough security measures; ATD; Cloud app controls; Informative dashboard
  • Complex configuration; Confusing array of pricing plans for the many optional features

Barracuda's latest NextGen F-Series of firewalls is aimed firmly at SMBs and scenarios such as branch office deployments. Four new desktop models join this big family of appliances and are designed to offer enterprise features such as advanced traffic optimisation and cloud app controls.

The F180 on review can handle around 75 users with all security services enabled or up to 150 users if it's deployed purely for secure remote access. Network options look good as it teams up six Gigabit Ethernet ports with an integral 8-port switch and adds 802.11n wireless services.

Barracuda has attempted to streamline its various subscriptions to avoid any hidden costs, but there are still far too many options to plough through. The F180 hardware costs 1,599 ex VAT. This includes the base license' which includes firewall, anti-spam, mail gateway and basic VPN server functions. To get updates for this though, you'll need an Energize Update subscription. A one-year Energize Update subscription costs 299, as does the separate Instant Replacement service which is essentially a next business day replacement warranty service for faulty hardware.

Barracuda has attempted to streamline its various subscriptions to avoid any hidden costs, but there are still far too many options to plough through

Advertisement
Advertisement - Article continues below

Mail gateway and anti-spam services, which are only available on the F180 and larger models, are included in the base license. The web security service costs another 498 per year and includes Barracuda's web filter and malware protection.

You also get IPSec VPN services included in the base license, but if you want Barracuda's slick CudaLaunch SSL VPN portal then you'll need a Premium Remote Access subscription which costs 169 for one year. There's more as Barracuda's new Advanced Threat Detection (ATD) service adds another 299 to the yearly bill.

A steep learning curve 

Barracuda claims the NextGen appliances are easy to configure, but we beg to differ. The F180 doesn't have a web interface. You manage individual firewalls using Barracuda's NG Admin portable client (which can be run off a USB flash drive), while multiple firewalls can be managed using the optional NG Control Center VM instead.

Initial deployment is hassle-free as NG Admin fires up a wizard on first contact with the appliance. It creates a transparent bridge across the first two Gigabit Ethernet ports for evaluation purposes or sets it up in routing mode for production environments.

It get a lot trickier from here on in, mainly due to the overwhelming range of security features on offer. Each modification also requires the relevant configuration page to be unlocked for write access. Subsequent modifications have to be saved to the appliance and then activated.

NG Admin can get very busy but its dashboard does provide a lot of useful information

Even so, we were impressed with the dashboard which provides a complete overview of all services and updates, a real-time traffic graph and alerts on major security events. The Firewall tab shows allowed and blocked applications and URL categories as well as the latest threats. The use of widgets means the view can be customised to suit.

Rules for everything 

Firewall rules comprise sources, destinations, services plus action policies. Within each one, you can enable application controls, URL filtering, SSL interception and ATD. Barracuda provides around 100 URL filtering categories and we created a range of firewall objects with different sets of blocked categories, enforcing them with application rules.

Barracuda provides a fine choice of URL categories for web filtering policies

Rules also control selected applications and Barracuda offers predefined rules for hundreds of apps, ready for use. Naturally, Twitter and Facebook are present with the latter providing twelve entries for controlling various social networking activities. Application rules can also be used to allow access to apps during specific times and apply QoS profiles to throttle or prioritise their traffic.

Barracuda's controls allow you to fine tune access to a wide range of business cloud apps

Advertisement
Advertisement - Article continues below

For anti-virus scanning, you can globally enable the Avira or ClamAV scanning engines on all policies. If performance isn't an issue, you can have them both active.

Wireless traffic will be subjected to all firewall checks and guest users can be redirected to a custom web portal complete with AUP agreement.

Anti-spam setup takes a little longer as we had to create mail gateway and spam filter services first as they aren't enabled by default. Along with scanning mail and sending it on to an internal mail server, there's also an option in the mail gateway service to transparently scan POP3 traffic.

Advanced Threat Detection 

ATD combats the latest malware threats and zero-day exploits by using Barracuda's cloud-based sandbox technology to safely execute and analyse files to determine if they're safe. It's easy enough to configure as you decide whether files, such as Office docs, PDFs and ZIP archives, are uploaded to the cloud and scanned first or delivered and then scanned. 

After testing ATD, we were sufficiently impressed to recommend it highly. It has its own dashboard status widget where we could see files being uploaded for scanning and those being blocked. We could also manually upload files and have them checked.

ATD produced a damning report on the suspect email attachment we gave it to check

We tried this out by uploading a suspect email attachment to the ATD cloud server and found its diagnosis chilling. The ATD report concluded that if the file had been opened, it would have run an external program, injected code into Chrome and Firefox, attempted to download executable content the list just went on and on.

Conclusions

We found the complex configuration could be very trying at times, but there's no doubting the F180's credentials. This firewall has some of the best security features available at this price. 

The NG Admin dashboard is very informative while ATD and the app controls were particularly impressive. Businesses that rely on cloud applications will find Barracuda's granular approach to network security a good fit. 

Verdict

It’s not the easiest to configure, but Barracuda’s NextGen Firewall F180 is packed to the gills with great security making it good value

Advertisement
Advertisement - Article continues below

Chassis: Desktop

Network: 6 x Gigabit Ethernet, 8-port Gigabit Ethernet switch, 802.11n wireless

Storage: 80GB

Other ports: 4 x USB 2, VGA, RJ-45 console port

Power: External PSU

Management: Barracuda NG Admin, NG Control Center

Warranty: Included in Instant Replacement 

Featured Resources

The essential guide to cloud-based backup and disaster recovery

Support business continuity by building a holistic emergency plan

Download now

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

How do vulnerabilities get into software?

90% of security incidents result from exploits against defects in software

Download now

Delivering the future of work - now

The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.

Download now
Advertisement

Recommended

Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/business-strategy/digital-transformation/354201/boston-dynamics-dog-like-robots-sniff-out-bombs-for
digital transformation

Boston Dynamics dog-like robots sniff out bombs for Massachusetts police

26 Nov 2019
Visit/mobile/google-android/354189/samsung-galaxy-a90-5g-review-simply-the-best-value-5g-phone
Google Android

Samsung Galaxy A90 5G review: Simply the best value 5G phone

22 Nov 2019
Visit/mobile/mobile-phones/354222/samsung-sails-past-apples-market-share-despite-smartphone-market-slump
Mobile Phones

Samsung sails past Apple's market share despite smartphone market slump

28 Nov 2019
Visit/hardware/354232/raspberry-pi-4-owners-complain-of-broken-wi-fi-when-using-hdmi
Hardware

Raspberry Pi 4 owners complain of broken Wi-Fi when using HDMI

29 Nov 2019