Barracuda Sentinel Review

The system is set to automatically put all phishing emails or spam-type emails it suspects are suspicious, into the junk email folder

What is our primary use case?

We only use it for one purpose, which is to catch and report phishing attacks, account takeover attacks, or domain fraud.

How has it helped my organization?

In the past, whether we got phishing emails or spam emails, they all went into our inbox. Now, the system is set to automatically put all phishing emails or spam-type emails that it doesn't block but suspects that they're suspicious, into the junk email folder. It gives users a way of giving it a second look or a second thought as to whether it is a real email or not, rather than seeing all the emails in their inbox. Now that they see it in their junk email box, they take further consideration and look at the email harder and determine if it is a phishing email.

What is most valuable?

I find the phishing protection, the account takeover protection, the forensics, and incident response to be the most valuable features. The reason is that in the past we had no way of determining account takeover. If somebody logged in from a foreign country to one of our email accounts we had no way of knowing that. Now we do.

Regarding phishing, it automatically alerts us if it detects a phishing email to one or more people. Sometimes the email might go to five or 15 people within the company, then I could easily go to the forensics and response section, immediately identify all 15 of the emails, and delete all of those emails from the user's inbox.

API based inbox defense integrates seamlessly into users' inboxes. My users don't even know that it exists. It did not require any work at all to integrate it into the user's inboxes. There was some simple setup to go through and it just integrates right into the exchange in the Cloud. It was perfect.

The AI functionality to detect and block spear phishing attacks is 95% accurate. Maybe 5% or less of the time we get a false positive, but then the system has an easy way to click on a single button that says that it was a false positive. It then learns from that.

The AI functionality to detect account takeover threats is very good. Within the first month of using it, we had an alert about an account takeover from the prior example that I mentioned, where somebody from a foreign country was trying to take over one of our user's accounts in our East Coast office. It alerted us and we were able to immediately change the password of that user's email account and control the account takeover from happening.

When the solution detects an account takeover threat it sends an email to the administrators so that we can immediately see who was attacked and we can immediately change the user's password.

It has greatly reduced the number of phishing attacks getting through. In the past six months, it has stopped over 500 phishing attacks.

What needs improvement?

In terms of improvement, I would like for some of the reporting to be a little bit more robust. There should be more options for recording and searching. For example, there should be more fields to report against, more search criteria, more date filters, etc. They should also make the searching capability a little bit more flexible.

For how long have I used the solution?

I have been using Barracuda Sentinel for about six to eight months.

What do I think about the stability of the solution?

It's very stable. It's never had a problem.

What do I think about the scalability of the solution?

We have around 150 users.

Dedicated staff is really not required for maintenance. We have an IT staff but they're not only dedicated to that. They wear many hats and this is just one of them. It takes very little resources.

How are customer service and technical support?

The technical support is excellent.

Which solution did I use previously and why did I switch?

In the past, we only had a spam filtering checklist that we subscribed to, that we no longer use.

We went with Barracuda because of its reputation, everything that it can do, and the things that it was doing that we were not doing like being able to monitor account takeover.

How was the initial setup?

The initial setup was straightforward. It took less than a couple of hours.

We deployed with the help of Barracuda's technical staff.

What was our ROI?

We have seen ROI. Especially in the case of phishing emails that ask users to buy gift cards, scratch off the back numbers, and then report back the numbers so the person can get the value of the gift cards. We've already stopped several of those emails from going through. For example, we had an instance where it looked like the CEO of the company was asking a user to buy five $100 gift cards. That would be $500 lost if the user went ahead with it and did not know that it was a phishing email.

What's my experience with pricing, setup cost, and licensing?

I think the pricing is very reasonable for the licensing of what it can do. We have not found there to be any additional costs to the standard licensing. 

Which other solutions did I evaluate?

We evaluated very few other options. We already used other Barracuda products, so we knew the reputation of Barracuda and had done our research. We liked what Barracuda had to offer.

What other advice do I have?

My advice to someone considering Barracuda Sentinel is to go ahead and do it. I see no reason why someone would not want to have the knowledge that's behind the product and the artificial intelligence that's there.

I would rate it a ten out of ten. 

**Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Add a Comment
ITCS user