Barracuda Web Application Firewall Review
Give us visibility into server connections/sessions, real-time alerts, KPIs


What is our primary use case?

I have two primary use cases, one for a bank and the other one for an operator. I will speak about the bank case. The environment is very critical: securing an e-banking server and SMS banking.

How has it helped my organization?

This product gives us visibility into what is going on in two servers, including connections and sessions, real-time alerts, very good reporting, and KPIs.

It makes managing security of a critical server very easy with a friendly GUI.

What is most valuable?

There is no one special feature, but the WAF itself is valuable: user-friendly protection against web attacks etc., authentication, reporting, accountability, alerting, and hardened OS.

What needs improvement?

This product could easily progress to be among the industry leaders. I think they need to improve enterprise level automation. It integrates with a small number of vulnerability scanners, so report results should be imported manually; same for SIEM integration.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

Very stable product.

What do I think about the scalability of the solution?

No issues with scalability.

How is customer service and technical support?

Best support I have ever seen. I have experience with several products and their support. Barracuda support is very special: efficient, quick replies.

How was the initial setup?

There was some complexity because it requires special configuration in addition to some network changes.

What's my experience with pricing, setup cost, and licensing?

Very good price compared to other products. Some products, like Fortinet, give you good performance as well, and their price is probably lower than Barracuda, but you should pay attention to renewal prices and options. The BWAF license includes everything, even cloud control, which requires a license in other products.

OPEX/CAPEX should be looked at closely.

Which other solutions did I evaluate?

Fortinet, but BWAF was much better.

What other advice do I have?

I would rate it a 10 out of 10 because all requirements from a product are there: very good performance, robust equipment, pentest/vul scan success, very good support. The cost to value ratio is tops.

If you have a limited budget it’s the best, and if you have an open budget why spend more since BWAF can do the job.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

Add a Comment

Guest
Why do you like it?

Sign Up with Email