IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Barracuda NextGen Firewall F80 review

A fine range of network security measures for the price, but tempered by a steep learning curve

IT Pro Recommended
  • Buckets of application rules; Good real-time monitoring;
  • Dense, cluttered admin console; No anti-spam protection;

Barracuda's latest NextGen F-Series firewalls look like the perfect choice for small and medium-sized businesses that require the toughest network security, while sophisticated traffic shaping and quality-of-service (QoS) features put the focus firmly on optimising access to cloud-based apps.

The NextGen Firewall F80 on review has a claimed 500Mbits/sec IPS throughput that should be sufficient for the recommended 50-user limit. Moreover, the price includes one-year subscriptions to Barracuda's full web security, advanced threat protection, Energize Updates and instant replacement services.

The integral wireless access point (AP) is of the single-band 2.4GHz 802.11n variety, capable of presenting multiple virtual SSIDs. Anti-spam protection isn't available on this model - if you need this, look instead at the F180 and models above that.

However, Barracuda's Advanced Threat Detection (ATD) feature does combat the latest malware and zero-day exploits. It checks hashes of incoming files to confirm they're safe and, if any are unknown, it uses cloud-based sandbox technology to safely analyse them before they can pass through.

The device doesn't have a web interface and is managed individually through Barracuda's NG Admin portable client, or through the optional NG Control Center, which provides a single interface for multiple appliances.

The NG Admin wizard either creates a transparent bridge across the first two Gigabit ports for evaluation purposes, or sets it up in routing mode for production environments. Both modes only take a few seconds to configure - but take a deep breath, as it gets much harder from here on in.

The NG Admin console isn't very intuitive, and the sheer range of security features on offer makes some of them hard to find. Furthermore, each change requires the relevant configuration page to be unlocked for write access and subsequent modifications saved to the appliance and then activated.

The dashboard provides a complete status of all services and plenty of real-time activity graphs. Its Firewall tab shows the primary permitted and blocked applications, as well as URL categories and the latest threats. Courtesy of a vector chart, you can also see the geolocations from which they emanated.

The real-time views provide impressive levels of detail on traffic and apps, and PDF reports can be easily generated using the free NG Report Creator tool. We linked it to our appliance and scheduled regular reports to be emailed on topics such as the most frequently blocked apps and the latest detected threats.

Firewall rules comprise sources, destinations, services and action policies, in each of which we enabled application controls, URL filtering, SSL interception and ATD. For URL filtering, Barracuda provides around 100 categories.

We created a range of firewall objects with different sets of blocked categories, which we enforced using application rules, of which there are hundreds. Facebook alone has 12 options for controlling logins and allowing or denying access to chat, file transfer, video calls, posts and more.

For mobile users, the CudaLaunch app comes with the optional Remote Access subscription and provides an SSL VPN portal for iOS and Android, with quick links to favoured apps. Moreover, guest wireless users can be redirected to a custom web portal complete with an acceptable-use policy (AUP) agreement.

Antivirus settings are applied globally, through which we enabled both the Avira and ClamAV engines (they can also run separately). Global ATD policies are configured from here, and it was up to us whether Office documents, PDFs and ZIP archives were uploaded to the cloud and scanned first, or delivered first and then scanned.

The F80 is tricky to configure and it loses points for the lack of spam protection. However, it remains good value and offers frontline protection against the latest malware, as well as a remarkable level of control over web apps.

This review originally appeared in PC Pro issue 259


The F80 is tricky to configure and it loses points for the lack of spam protection. However, it remains good value and offers frontline protection against the latest malware, as well as a remarkable level of control over web apps.

Desktop chassis

1.7GHz Intel Atom C2358


4 x Gigabit Ethernet

802.11n wireless


4 x USB 2

RJ45 serial

External PSU

NG Admin and Control Center management

274 x 162 x 44mm (WDH)

Options: appliance and all services/3yr, £2,274 exc VAT

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Most Popular

Europe's first autonomous petrol station opens in Lisbon

Europe's first autonomous petrol station opens in Lisbon

23 May 2022
16 ways to speed up your laptop

16 ways to speed up your laptop

13 May 2022
Nvidia pauses hiring to help cope with inflation
Careers & training

Nvidia pauses hiring to help cope with inflation

23 May 2022