What needs improvement with Barracuda Web Application Firewall?
Thanks for sharing your thoughts with the community!
Ability to store logs for a longer time. Buying the Reporting server escalates costs and places solution above SMMs
I think the main area for improvement in this product is learning it, as can be seen when comparing it to the F5 web application firewall. F5 has a very powerful learning phase when you start using your web application firewall against your site. The company at this time collects information and parameters about all requests, such as: file downloads, file uploads, authentication, authorization processes, etc. During this period, F5 provides you with the ability to collect most of the necessary information to make a security provision for your web application firewall. Barracuda has something like this, but not with the same functionality from my point of view. Barracuda is a little bit lower in comparison with other web application firewalls, so the best way to improve Barracuda is to develop and add new features in this area. A good point for developing this area is to describe some particular use cases. For example, the implementation demands configuration of the application in conjunction with Web Application Firewall to make it available and hosted on the internal web services of Azure. It would be great to have instructions for Barracuda with Azure infrastructure, so we could get a step-by-step manual starting from the creation of the application interface and finishing with the available site including Barracuda. We implemented Barracuda Web Application Firewall and we see who checks the whole process. Each part of this manual relates to a particular service, but it would still help those who implement it to be quicker. The bottom line is I would like to see an improved learning model to make the creation of the first policy easier and more transparent for an engineer.
The usability of the interface could be improved. The interface is not easy to use or to configure. A feature that could be very powerful would be the capability to provide the monitoring of the security analogies, and proactive alerts in case of potential issues. The firewall protects and logs, but does not provide you with an analogy on that data.
I would like to see an improved capacity to store logs so that they will be available for a longer time. From my experience, and over time, I have noticed that Barracuda appliances do not store logs for a very long time. What this means is that people have to buy the Barracuda Reporting Server. This is quite expensive, at three or four times the price of the equipment. So, if users have only one or two appliances then it doesn't make sense for them to buy a Reporting Server. If they decide to export those logs from the Barracuda appliance to a SIEM then the format of the report gets lost because Barracuda has custom reports. Where I used to work, our logs would last for about one week. However, where I am now, we do not have logs beyond one day.
The solution could use more reports.
I would like to see better controlling of the traffic.
I would like this solution to be more detective of the needs of the organization.
This product could easily progress to be among the industry leaders. I think they need to improve enterprise level automation. It integrates with a small number of vulnerability scanners, so report results should be imported manually; same for SIEM integration.