• Home
  • Barracuda Web Application Firewall vs. Checkmarx One

Barracuda Web Application Firewall vs Checkmarx One vs Citrix NetScaler comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Web Application Firewall (WAF)
April 2024
Executive Summary

We performed a comparison between Barracuda Web Application Firewall, Checkmarx One, and Citrix NetScaler based on real PeerSpot user reviews.

Find out what your peers are saying about Amazon Web Services (AWS), Microsoft, F5 and others in Web Application Firewall (WAF).
To learn more, read our detailed Web Application Firewall (WAF) Report (Updated: April 2024).
Download the complete report
767,319 professionals have used our research since 2012.
Featured Review
Anonymous User
Stable, great visibility, with smooth deployment.
Our organization has improved because it has created a new layer of security analytics. Typically we used to do study code analysis, but then by... Read more →
Prakash Ganesan
A good compliance solution that is best suited to small scale applications, and suffers from stability issues
This solution helps to remediate the compliance requirements we have. The product also increases the quality of the code the developers are able to... Read more →
VivekKumar10
Good stability and offers various valuable features like WAF
Our organization doesn't use it because we're very small. However, we have deployed the service for more than 10,000 users. Our smallest customer... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The volumetric DDoS defense is very good because I had a problem with a lot of volumetric DDoS attacks on my servers. After using Barracuda, those attacks have stopped and all the traffic is going smoothly to my servers and the system is working really well.""Its recommendation about the probabilities on the website is great. It also has free probability managers for the website, which is really helpful. The protection engine, signature-based protection behavior, and analysis features are also great. It also has an ATP module for sandbox scanning and behavior analysis for file uploads.""This product gives us visibility into what is going on in two servers, including connections and sessions, real-time alerts, very good reporting, and KPIs. It makes managing security of a critical server very easy, with a friendly GUI.""The installation is straightforward.""Barracuda Web Application Firewall provides optimized performance, a user-friendly environment, helpful dashboards, and is simple to use.""The product has fantastic support services.""There is no one special feature, but the WAF itself is valuable: user-friendly protection against web attacks etc., authentication, reporting, accountability, alerting, and hardened OS.""Has a good dashboard."

More Barracuda Web Application Firewall Pros →

"The report function is the solution's greatest asset.""Overall, the ability to find vulnerabilities in the code is better than the tool that we were using before.""The solution is always updating to continuously add items that create a level of safety from vulnerabilities. It's one of the key features they provide that's an excellent selling point. They're always ahead of the game when it comes to finding any vulnerabilities within the database.""We use the solution for dynamic application testing.""It's not an obstacle for developers. They can easily write their code and make it more secure with Checkmarx.""The process of remediating software security vulnerabilities can now be performed (ongoing) as portions of the application are being built in advance of being compiled.""The value you can get out of the speedy production may be worth the price tag.""One of the most valuable features is it is flexible."

More Checkmarx One Pros →

"It's very easy to configure.""We appreciate that this solution facilitates our access to Citrix internet.""Scalability is great. One of the best features of NetScaler is that it can scale out.""It is a very stable solution.""Most of the functions are user-friendly and great.""I like app flows and custom flows. They integrate with multiple flows.""Global load balancing between data centers.""The best feature of Citrix is its track record of stability in its features."

More Citrix NetScaler Pros →

Cons
"An area for improvement in Barracuda Web Application Firewall is attack identification. Other banks identified attacks and tracked logs that the solution wasn't able to identify because of its ready-made rules pre-deployed by the vendor. My organization raised this issue with the technical support team. Another area to improve in Barracuda Web Application Firewall is its service desk. The team resorted to stonewalling because they couldn't accept that a feature was missing in the solution, and it was only after a lot of drilling down that the service desk team accepted that, and would be adding that feature in the future. My organization had to submit a report to the Reserve Bank of India with information on the logs identified and the attacks that happened, and that there was a failure on the part of the Barracuda Web Application Firewall. The Reserve Bank of India conducts a tri-monthly cyber risk audit in all Indian banks. Even smaller banks identified and caught attacks that my organization wasn't able to do, so I was looking into other solutions that competitor banks could be using because Barracuda Web Application Firewall failed to identify some of the attacks.""I would like to see an improved capacity to store logs so that they will be available for a longer time.""Its interface can be better. It is not very friendly.""Barracuda Web Application Firewall's load balancing feature could be improved.""The solution needs to leverage some additional features to a broader scale of software-defined networks.""If you know nothing about networks, then you can't set it up.""Barracuda Web Application Firewall’s scalability needs improvement.""There are issues when upgrading firewalls and we experience different issues across customers."

More Barracuda Web Application Firewall Cons →

"The pricing can get a bit expensive, depending on the company's size.""In terms of dashboarding, the solution could provide a little more flexibility in terms of creating more dashboards. It has some of its own dashboards that come out of the box. However, if I have to implement my own dashboards that are aligned to my organization's requirements, that dashboarding feature has limited capability right now.""They should make it more container-friendly and optimized for the CI pipeline. They should make it a little less heavy. Right now, it requires a SQL database, and the way the tool works is that it has an engine and then it has an analysis database in which it stores the information. So, it is pretty heavy from that perspective because you have to have a full SQL Server. They're working on something called Checkmarx Light, which is a slim-down version. They haven't released it yet, but that's what we need. There should be something a little more slimmed down that can just run the analysis and output the results in a format that's readable as opposed to having a full, really big, and thick deployment with a full database server.""The reports are good, but they still need to be improved considering what the UI offers.""You can't use it in the continuous delivery pipeline because the scanning takes too much time.""The plugins for the development environment have room for improvements such as for Android Studio and X code.""Micro-services need to be included in the next release.""They can support the remaining languages that are currently not supported. They can also create a different model that can identify zero-day attacks. They can work on different patterns to identify and detect zero-day vulnerability attacks."

More Checkmarx One Cons →

"The solution is a bit more expensive than some of the available solutions in this region. One solution in particular that I noticed was cheaper was Kemp.""Citrix ADC can be really complex. It isn't very simple like some other appliances that I've worked with. You need a lot of skill and experience to manage it. I'm not talking about a year or two. You need at least four years to understand it very well. It is not that easy to learn. They should make it a lot simpler for users to understand the management of it. They can also provide some additional training. The material they have on the site is not sufficient enough for you to understand how to manage it. Their training is expensive, and not everyone has the funds and experience for it. Citrix isn't very popular around these parts of the world. So, it can use some more marketing, sales, enlightenment, and advertisement. These could bring more market for them. Basically, there are just a few companies that really go for Citrix. Most of the companies go for VMware because they marketed themselves more than Citrix. There isn't much difference between Citrix and VMware. VMware is a little more robust than Citrix. Citrix has focused more on desktops rather than server virtualization, and that's the advantage VMware has over Citrix. Citrix also needs to educate and inform users about the infrastructure that is supported with a version. Currently, if the customers don't look at the datasheet, they might miss this important information.""The technical support could be improved. They do not respond or assist customers in a timely manner.""In every release - and it doesn't matter if it's a minor release or a major release - they keep moving things around and they keep changing the mechanism. So certain things can work in one version one way, and everything works really well, then when you upgrade it to the next version, it breaks everything because they have a new way of doing it.""The technical support could be better. Whenever I contacted support, I rarely got the solution that we needed. And most of the time, I finished fixing the problem by looking on the internet or by finding documents about the problem on Google.""The vendor provides frequent patches, however, the security of the website has room for improvement.""The main areas for improvement would be around documentation and support. If a feature can be used in two or three ways, show that feature being used in all of those ways. Documentation seems to only cover the primary use case and leaves you to either run through trial and error or consult the user community. In terms of support, I have never actually had them solve any of my issues. I have always solved them myself and then provided the resolution to support.""We would like to see some fairly large scale improvement in the configuration process for this solution."

More Citrix NetScaler Cons →

Pricing and Cost Advice
  • "The pricing is less compared to other web applications."
  • "They have competitive pricing."
  • "Our licensing fees are paid annually and the cost is between €600 and €800 (approximately $665.00 to $885.00 USD)."
  • "Barracuda costs us $8,000 per year. Barracuda costs $20,000 for a full subscription, when you try to protect multi-site infrastructure, in different geographical zones and for different data centers. If you have only one site, Barracuda will be cheaper."
  • "The price of this solution is okay."
  • "The price of the solution is a little expensive. There is a license for this solution and it can be purchased every one, two, or five years."
  • "While I would have to check on the price of the solution, I feel it to be okay and it matches the market price."
  • "The price is reasonable, more so than other products."

    • More Barracuda Web Application Firewall Pricing and Cost Advice →

  • "It is the right price for quality delivery."
  • "I believe pricing is better compared to other commercial tools."
  • "The pricing was not very good. This is just a framework which shouldn’t cost so much."
  • "The pricing is competitive and provides a lower TCO (total cost of ownership) for achieving application security."
  • "It is a good product but a little overpriced."
  • "The license has a vague language around P1 issues and the associated support. Make sure to review these in order to align them with your organizational policies."
  • "​Checkmarx is not a cheap scanning tool, but none of the security tools are cheap. Checkmarx is a powerful scanning tool, and it’s essential to have one of these products."
  • "We got a special offer for a 30% reduction for three years, after our first year. I think for a real source-code scanning tool, you have to add a lot of money for Open Source Analysis, and AppSec Coach (160 Euro per user per year)."

    • More Checkmarx One Pricing and Cost Advice →

  • "It's not for startups or SOHO."
  • "Costly product and complicated licensing."
  • "It all depends on the features that will be used and the number of accesses."
  • "It is true that it is a bit pricey compared to newer technologies coming to the market. For example, A10 is a load balancer that does everything that Citrix can and it does a lot more than what NetScaler does when it comes to the security space, and their prices are so cheap. Every box comes with its own license and support built into it. When you compare that with NetScaler, you have to buy licenses separately, you have to buy a support agreement that is going to be separate. A small NetScaler, even if it is a VPX which is a virtual server, could cost you close to $150,000 to $200,000 dollars. So the pricing is really high."
  • "We have been evaluating F5, Citrix, and other ADC products. Citrix is the most expense of all of them."
  • "We are quite happy with price. It's not too high."
  • "I do not have any experience with the pricing of the product."
  • "You get the value for your money. There aren't any hidden fees."

    • More Citrix NetScaler Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
    See Recommendations
    767,319 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Barracuda Web Application Firewall?
    Top Answer:It significantly improved our overall web security posture, addressing intrusions and enhancing control over web URLs in… more »
    Read all 32 answers   →
    What is your primary use case for Barracuda Web Application Firewall?
    Top Answer:My company uses the tool for HTTP protection and the protection of HTTP for a particular application that is exposed to… more »
    Read all 29 answers   →
    What is your experience regarding pricing and costs for Barracuda Web App...
    Top Answer:The product is expensive. It is overpriced.
    Read all 16 answers   →
    What alternatives are there for Fortify WebInspect and Fortify SCA?
    Top Answer:I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as… more »
    Read all 4 answers   →
    What do you like most about Checkmarx?
    Top Answer:Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
    Read all 38 answers   →
    What is your experience regarding pricing and costs for Checkmarx?
    Top Answer:The solution's price is high and you pay based on the number of users.
    Read all 25 answers   →
    What do you like most about Citrix ADC?
    Top Answer:The most valuable feature for us is the application firewalling in Citrix NetScaler, ensuring only valid traffic enters… more »
    Read all 56 answers   →
    What is your experience regarding pricing and costs for Citrix ADC?
    Top Answer:After deployment, Citrix Netscaler shifted to a subscription-based license scheme for support, which is slightly more… more »
    Read all 37 answers   →
    What needs improvement with Citrix ADC?
    Top Answer:Citrix NetScaler is a robust product, but mastering it requires significant learning and training due to its complexity… more »
    Read all 55 answers   →
    Ranking
    14th
    out of 79 in Web Application Firewall (WAF)
    Views
    2,727
    Comparisons
    2,232
    Reviews
    10
    Average Words per Review
    429
    Rating
    8.2
    3rd
    out of 74 in Application Security Tools
    Views
    35,279
    Comparisons
    23,132
    Reviews
    21
    Average Words per Review
    513
    Rating
    7.7
    2nd
    out of 24 in Application Delivery Controllers (ADC)
    Views
    8,953
    Comparisons
    6,844
    Reviews
    26
    Average Words per Review
    384
    Rating
    8.3
    Comparisons
    Also Known As
    Citrix ADC, NetScaler, Citrix NetScaler VPX
    Learn More
    Barracuda Networks
    Checkmarx
    Citrix
    Overview

    Barracuda Web Application Firewall is a game-changing cloud-connected security solution that enables organizations to safeguard both their applications and their data from an ever-growing array of advanced cyber threats. It offers protection from cyber attacks that target not only data and applications stored on the cloud but also those that are housed on web servers. 43% of the time a breach takes place via a compromised application. Barracuda Web Application Firewall prevents these types of breaches from occurring.

    Barracuda Web Application Firewall denies hackers the ability to penetrate your system by using a number of techniques to keep your organization safely insulated. The first method of protection consists of two parts. The first part involves a thorough scanning of all inbound web traffic. This solution monitors everything that comes into the system. It employs IP reputation intelligence, which filters all incoming data. If the source of the data has a bad reputation, it is blocked by the firewall. Administrators now have a way of locking out many common threats that could otherwise compromise sensitive networks. These scans can also allow administrators to protect their systems from within as DLP (Data Loss Prevention) protocols. If any sensitive data attempts to leave, administrators will automatically be alerted and the data will be blocked from exiting.

    Barracuda Web Application Firewall can also be set up to apply the AAA (Authentication, Authorization & Accounting) framework to an organization’s network. If an intruder manages to get past the authentication stage, the authorization protocols kick in. After the authorization stage comes accounting, which works by tracking and logging users’ activities so that administrators will be in a position to prevent long-term damage from being done. This three-step process can be implemented without requiring administrators to make changes to their applications.

    Key Features

    Some of Barracuda Web Application Firewall’s key features include:

    • The ability to employ adaptive profiling. Administrators will have an easier time enforcing security policies once this feature is enabled. It takes data from safe sources and builds profiles that can be used to create whitelisting protocols that prevent unsafe actions from occurring on the system.
    • The ability to assess threats in real time. Barracuda Web Application Firewall uses machine learning to detect new threats and attacks as they emerge.
    • The ability to manage the Barracuda Web Application Firewall system from a single interface. Administrators can manage their Barracuda Web Application Firewall configurations from one centralized location.

    Reviews from Real Users

    Barracuda Web Application Firewall stands out among its competitors for a number of reasons. One of the main ones is the robustness of the solution. Users are given access to a vast variety of security features in a single product.

    PeerSpot user Muhammed S., a Presales Solutions Architect at Hilal Computers, notes this when he writes, "The solution offers multiple security features. There are machine learning features and great URL encryption. It also offers multi-protocol support against DDoS attacks."

    Other reviewers note that Barracuda Web Application Firewall is user-friendly, easy to set up, stable, and reliable.

    Checkmarx is a highly accurate and flexible static code analysis product that allows organizations to automatically scan uncompiled code and identify hundreds of security vulnerabilities in all major coding languages and software frameworks. Checkmarx is available as a standalone product and can be effectively integrated into the software development lifecycle (SDLC) to streamline vulnerability detection and remediation. Checkmarx is trusted by leading organizations such as SAP, Samsung, and Salesforce.com.

    Checkmarx is a global leader in software security solutions for modern software development. Checkmarx delivers a comprehensive software security platform that unites with DevOps by scanning uncompiled source code for security vulnerabilities early in the development life cycle to reduce and remediate risk from software vulnerabilities. Using Checkmarx, teams avoid software security vulnerabilities managed via a single and unified dashboard without slowing down their delivery schedule.

    Checkmarx balances the needs of the entire organization, delivering seamless security from the start and throughout the entire software development life cycle. Checkmarx can be deployed on-premises in a private data center or hosted via a public cloud.

    Checkmarx Features

    Some of Checkmarx’s features include:

    • Source code scanning: Detect and repair more vulnerabilities before you release your code.

    • Open-source scanning: Find and eliminate the risks in your open-source code.

    • Interactive code scanning: Scan for vulnerabilities and runtime threats.

    • Open-source security for infrastructure as code: Identify and fix insecure IaC configurations that put your application at risk.

    Reviews from Real Users

    Checkmarx stands out among its competitors for a number of reasons. Two major ones are its ability to enable developers to secure their code with a single management dashboard and its high-speed scanning abilities.

    PeerSpot users note the effectiveness of these features. A CEO at a tech services company writes, “The most valuable features are the easy-to-understand interface, and it’s very user-friendly. We spend some time tuning to start scanning a new project, which is only a few clicks. A few simple tunes for custom rules and we can start our scan. We can do the work quickly and we don't need to compile the source code because Checkmarx does the work without compiling the project. The scanning is very quick. It's about 20,000 lines per hour, which is a good speed for scanning.”

    A director at a tech services company notes, “The features and technologies are very good. The flexibility and the roadmap have also been very good. They're at the forefront of delivering the additional capabilities that are required with cloud delivery, etc. Their ability to deliver what customers require and when they require is very important.”

    A senior manager at a manufacturing company writes, “The identification of verification-related security vulnerabilities is really important and one of the key things. It also identifies vulnerabilities for any kind of third-party tool coming into the system or any third-party tools that you are using, which is very useful for avoiding random hacking."

    Citrix NetScaler is an application delivery controller (ADC) and load-balancing solution for multi-cloud environments. Because its software and hardware form factors are all built on a single code base, Citrix NetScaler provides operational and feature consistency with comprehensive security for monolithic and microservices-based applications on-premises and in the cloud. The solution is designed to optimize, manage, and secure network traffic. Switching features, security and protection features, and network integration efficiency capabilities are all part of its feature set.

    Citrix NetScaler Features

    Citrix NetScaler has many valuable key features. Some of the most useful ones include:

    • Citrix Gateway
    • Secure Access
    • Layer 7 content switching
    • Database load balancing
    • Triscale clustering
    • E-based policy enforcement
    • Surge protection and priority queuing
    • Application acceleration
    • Application security, including DoS attack defense, content rewriting and response control, SSL encryption, and more.
    • Network Integration

    Citrix NetScaler Benefits

    There are many benefits to implementing Citrix NetScaler. Some of the biggest advantages the solution offers include:

    • Improved Application Performance: Citrix NetScaler optimizes the delivery of applications, reducing latency and improving the user experience.
    • Scalability: The solution can scale to handle large amounts of traffic, ensuring that applications are available even during periods of high demand.
    • Advanced Security: Citrix NetScaler includes a range of security features, such as SSL offloading, to help secure applications and protect against threats.
    • Availability: Load balancing and failover capabilities ensure that applications are always available, even in the event of a failure.
    • Good user experience: The solution’s Global Server Load Balancing (GSLB) ensures that users are directed to the nearest available application, reducing latency and improving the user experience.
    • Reduced costs: By improving application performance and reducing downtime, Citrix NetScaler can help organizations reduce costs associated with application delivery.
    • Agility: Citrix NetScaler makes it easier for organizations to deploy and manage applications, helping to increase the speed and efficiency of IT operations.
    • Analytics and monitoring: Provides insight into network and application performance, helping organizations to identify and resolve issues quickly.

    Reviews from Real Users

    Citrix NetScaler is a solution that stands out when compared to many of its competitors. Some of its major advantages are that it is easy to use, is robust, and has good load balancing.

    A Senior Citrix Engineer at Troye, says, “The web application firewalling component is probably the most powerful feature as it can identify attacks on the network at an application level which is quite important. There is also good functionality where we use IP reputation and geofencing to mitigate threats from the outside world.”

    “The feature that I have found most valuable is its load balancing,” explains a Security Consultant at a tech services company.

    Timur G., Team Head of Network Security at DOM.RF, writes, “The most valuable feature of Citrix ADC is its ease of use.” 

    Another PeerSpot reviewer, Nirav S., Technical Solutions Architect at MindTree, mentions, "Compared to other solutions, Citrix ADC is much more robust in terms of the native integration to cloud platforms. It is far more robust from an operational point of view as well."

    Sample Customers
    Oracle, CBS, Pioneer, Hyundai, Publix, Barnes Noble, Calzedonia, Nordstrom, Samsung, Nascar
    YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC
    ABB Schweiz, Aer Lingus, AIDS Healthcare Foundation, Amnet Technology Solutions, Aramex International, Ascenty, Atos, Autodesk
    Top Industries
    REVIEWERS
    Comms Service Provider25%
    Media Company13%
    Maritime Company13%
    Wholesaler/Distributor6%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Financial Services Firm9%
    Manufacturing Company8%
    Government8%
    REVIEWERS
    Computer Software Company31%
    Financial Services Firm19%
    Comms Service Provider9%
    Manufacturing Company9%
    VISITORS READING REVIEWS
    Financial Services Firm21%
    Computer Software Company15%
    Manufacturing Company9%
    Insurance Company5%
    REVIEWERS
    Computer Software Company26%
    Financial Services Firm15%
    Manufacturing Company11%
    Healthcare Company8%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Financial Services Firm13%
    Government9%
    Healthcare Company6%
    Company Size
    REVIEWERS
    Small Business67%
    Midsize Enterprise6%
    Large Enterprise28%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise19%
    Large Enterprise56%
    REVIEWERS
    Small Business38%
    Midsize Enterprise13%
    Large Enterprise50%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise11%
    Large Enterprise72%
    REVIEWERS
    Small Business36%
    Midsize Enterprise18%
    Large Enterprise45%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise15%
    Large Enterprise63%
    Buyer's Guide
    Web Application Firewall (WAF)
    April 2024
    Download Free Report
    Find out what your peers are saying about Amazon Web Services (AWS), Microsoft, F5 and others in Web Application Firewall (WAF). Updated: April 2024.
    DOWNLOAD NOW
    767,319 professionals have used our research since 2012.