Barracuda Web Application Firewall’s most valuable features are real-time threat detection and automatic security updates.
IT Project Manager at Brilliant telecommunications
Has good technical support services, but the functionality is complicated to understand
Pros and Cons
- "It significantly improved our overall web security posture, addressing intrusions and enhancing control over web URLs in our environment."
- "The platform's pricing needs improvement."
What is most valuable?
What needs improvement?
The platform's pricing needs improvement.
How are customer service and support?
The technical support services are good.
How would you rate customer service and support?
Neutral
Buyer's Guide
Barracuda Web Application Firewall
November 2024
Learn what your peers think about Barracuda Web Application Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,649 professionals have used our research since 2012.
Which solution did I use previously and why did I switch?
I have used Fortinet before. It has efficient AI capabilities compared to Barracuda.
What was our ROI?
The product has generated around 10% of return on investment.
What's my experience with pricing, setup cost, and licensing?
The product is expensive. It is overpriced.
What other advice do I have?
The product works effectively. However, it is complicated to understand and requires essential knowledge. It significantly improved our overall web security posture, addressing intrusions and enhancing control over web URLs in our environment. We can identify and block malicious URLs. With proper training, it is easy to manage templates and policies for this tool. They provide comprehensive documentation and training courses available for free on their website. It has good features for forensic analysis and reporting. It has a user-friendly interface and seamless integration with SQL.
I rate it a seven out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Last updated: Mar 4, 2024
Flag as inappropriateSr IT Manager at a financial services firm with 11-50 employees
Stable product with a simple setup process
Pros and Cons
- "The product has fantastic support services."
- "We encountered a few glitches while implementing API security features into the product."
What is most valuable?
The product has fantastic support services. It provides complex solutions, including block mode and other default protection features.
What needs improvement?
We encountered a few glitches while implementing API security features into the product. Secondly, they could provide transparency for different types of protection parameters available. It will be beneficial if there is some visibility for the same. We faced some downtime issues the last two times due to Barracuda infrastructure. Thus, we are searching for alternate WAF solutions.
For how long have I used the solution?
We have been using Barracuda Web Application Firewall for two years.
What do I think about the stability of the solution?
I rate the platform's stability a ten out of ten.
What do I think about the scalability of the solution?
I rate the product's scalability nine out of ten. It is suitable for enterprise businesses.
How are customer service and support?
The technical support services are fantastic. They share the knowledge transparently. This feature is more exceptional than that of other vendors.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup process is simple. We have deployed the product on the cloud.
What other advice do I have?
I rate Barracuda Web Application Firewall a nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Barracuda Web Application Firewall
November 2024
Learn what your peers think about Barracuda Web Application Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,649 professionals have used our research since 2012.
Network Security and Infrastructure Engineer at LDC
Good security for layer seven but repeat issues with appliance failures and system crashes
Pros and Cons
- "The solution ensures layer seven is secure from attacks."
- "There are issues when upgrading firewalls and we experience different issues across customers."
What is our primary use case?
Our company uses the solution to provide customers with a proxy service that secures transcriptions as part of a seven-layer process. We currently provide this service to twenty customers.
What is most valuable?
The solution ensures layer seven is secure from attacks.
The scripting is good.
What needs improvement?
Layer four could be more secure like layer seven to prevent HTTP and HTTPS attacks.
There are issues when upgrading firewalls and we experience different issues across customers. The communication metrics, ports, traffic, source, destination, and service must be enabled to upgrade firmware but there is no documentation or article for opening the communication matrix to upgrade smoothly.
STM crashes are a repeat issue and they wipe out appliances. Each time, we have to open a ticket with support and get Apache to fix the issue. It is unclear why appliances have issues or fail and need to be recovered with Apache.
Firmware upgrades cause automatic configuration changes without providing notifications. Configurations such as ports should not be changed automatically because they negatively affect customers. One customer's configuration issue was within the third layer and took seven days to solve. Support mitigation and work describes policies created automatically after upgrading firewalls but we already created and want to retain our own policies.
For how long have I used the solution?
I have been using the solution for two years.
What do I think about the stability of the solution?
The solution is stable but ongoing issues with appliance failures, system crashes, and upgrading firmware affect its smooth operation.
How are customer service and support?
I opened a support ticket for resolving issues when upgrading firewalls. Support could not get to the issue and did not inform me to check traffic on the firewall. It is important to determine what is plugged in when a parameter is trying to communicate outside to download and upgrade firmware to the latest version. The issue was ongoing for three months until I accidently detected it myself.
Tickets are not solved in one day and sometimes I have to close tickets without any solution from support. Only tickets at the second or third escalation level receive support.
How was the initial setup?
The setup is straightforward and installation can be finished in one day.
What about the implementation team?
We implement the solution for customers.
What's my experience with pricing, setup cost, and licensing?
The solution is based on a licensing model and might be $360 for the hybrid version.
Which other solutions did I evaluate?
We have to migrate to another vendor because the solution no longer supports issues with the stack hub.
We are a partner with Barracuda so recommend the application firewall to our customers but we now have thirteen customers who use Azure stack hub and cannot receive support. We communicated this issue with Barracuda's Middle East management and they suggested using a container as a service. We tried this in our lab but had issues with the installation which we finally resolved. We have some concerns about data being exposed because it is in the cloud. Our customers are administrators and will not accept their data being exposed.
We would rather work with Barracuda because we have experience with their application firewalls and that makes it easier to support customers. We will have to go to another vendor and take classes to become experts.
What other advice do I have?
I rate the solution a seven out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Manager, Systems, Information Technology at Icddr, b
It's easy to set up but they should improve their performance, support, and their upgrades
Pros and Cons
- "You don't need help from Barracuda to help with the deployment. The deployment is easy."
- "They could improve their performance, support, and their upgrades. Their updates used to be good. Their improvements were right on the money but nowadays, the updates are minor."
What needs improvement?
They could improve their performance, support, and their upgrades. Their updates used to be good. Their improvements were right on the money but nowadays, the updates are minor.
I don't really like the product. They restricted the number of servers we can protect. They restrict how many servers you can protect based on appliance.
They also don't support additional ATP. Customers also want ATP. They want something extra apart from the basic security package.
Their appliances are very cheap. The quality is not that good. Their appliances should be more robust.
For how long have I used the solution?
I have been using this solution for a year.
What do I think about the stability of the solution?
The backend server capability is low. It's risky to put extra servers behind it because it may or may not protect it. The workload is not that high.
It has worked fine until now. We have some projects that are overloaded. In the next phase, I will remove some servers and add one or two servers from our project team.
What do I think about the scalability of the solution?
I have not tested out the scalability.
The software is running 24/7.
How are customer service and technical support?
I am not satisfied with the support. It used to be better.
How was the initial setup?
You don't need help from Barracuda to help with the deployment. The deployment is easy. We deployed them all by ourselves. It took some research through the manuals and documentation to find the best way to deploy for your infrastructure. The research took two to three days and then it took another two to three days to install it. By 7-8 days we were ready to do a soft launch. We did the rest within a month.
We only needed one team member to deploy it. I worked alongside him so that I could also understand it.
What's my experience with pricing, setup cost, and licensing?
There are costs in addition to the standard licensing.
What other advice do I have?
I would rate it a five out of ten.
My advice would be to explore the market. There are many good players. If a solution is on the higher side, it could be a better investment.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Systems & Security Administrator at a maritime company with 501-1,000 employees
Useful to offer protection to websites
Pros and Cons
- "The solution's most valuable feature is that it actually protects our website, and it provides all the required security functions."
- "I have to go to an individual obligation, make changes, and come out, and go to the next obligation and make the same changes. There is no grouping option."
What is our primary use case?
I use the solution in my company to protect our website.
What is most valuable?
The solution's most valuable feature is that it actually protects our website, and it provides all the required security functions.
What needs improvement?
When we have multiple applications in Barracuda, everything is not managed in a single place. For example, Suppose I have four applications and want to make a common change across them. In the aforementioned case, it is not supported at the moment, and I have to go to individual applications and make changes.
Suppose I have four applications in the product and want to make similar changes in all of them together. In the aforementioned case, it is not possible to do anything with Barracuda Web Application Firewall.
I have to go to an individual obligation, make changes, and come out, and go to the next obligation and make the same changes. There is no grouping option.
For how long have I used the solution?
I have been using Barracuda Web Application Firewall for six months. I am an end-user of the tool.
What do I think about the stability of the solution?
It is a mostly stable tool. I rate the stability as a nine out of ten.
What do I think about the scalability of the solution?
I rate the scalability as an eight out of ten.
The number of users depends on the public who are accessing our website. It all depends on the popularity, so I can't say the number here. Let us say that there are probably thousands of users.
How are customer service and support?
The solution's technical support is good. There is a delay in the response time when it comes to the support part. I rate the technical support a seven out of ten.
How would you rate customer service and support?
Neutral
How was the initial setup?
The product's initial setup phase is easy, but one needs some background knowledge. In terms of security products, one needs some background knowledge of the security practices. Nobody cannot configure the tool. Some certifications and technical knowledge is required to use the tool.
Depending on the person's knowledge of security, I can rate the setup phase as an eight on a one to ten scale, where ten means it is a very easy process.
The solution is deployed on the hybrid cloud.
The time required to deploy the solution depends on how many servers you want to set up in the hybrid environment. There are different components underneath it. There is no common time frame for the deployment. It all varies on a case-to-case basis, depending on how many deployments you are running in a hybrid environment and what services are offered to the user in the hybrid environment. We can't tell you the specific time for the deployment.
What's my experience with pricing, setup cost, and licensing?
Cost is a bit on the higher side. Big companies can afford it.
What other advice do I have?
The product offers protection against web exploitation. With code injection and SQL injection, everything is covered in the tool.
My company has around four applications on Barracuda Web Application Firewall. Everything has been working smoothly with the tool.
Speaking about AI-driven security measures, I would say that the solution has its own in-built machine learning techniques, so we are not using any other solution or AI solution, as it is all integrated with Barracuda Web Application Firewall itself.
Though it is a costly tool, it is a good product that is stable, secure and offers good protection.
I rate the tool an eight out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Jun 27, 2024
Flag as inappropriateIT Administrator at SPSP
A scalable solution that protects internal applications from cybersecurity threats and provides fantastic technical support
Pros and Cons
- "Parameter Protection is a valuable feature."
- "We get false positives about phishing emails."
What is our primary use case?
We use the solution to protect our internal applications from cybersecurity threats.
What is most valuable?
Parameter Protection is a valuable feature. Most of the features are quite useful. It is a helpful tool. It helped us with penetration testing.
What needs improvement?
We get false positives about phishing emails. The vendor must improve Barracuda Email Security Gateway.
For how long have I used the solution?
I am using the solution currently.
What do I think about the stability of the solution?
The tool is quite stable. I have no issues with it. It depends on the fine-tuning of customized applications based on our requirements.
What do I think about the scalability of the solution?
The solution is scalable.
How are customer service and support?
The technical support is fantastic.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup was easy. However, we needed to do some fine-tuning in the applications. It was not difficult.
What other advice do I have?
Overall, I rate the tool a ten out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Network secur eng at Qatar Free Zone
Great technical support, good stability, and offers reasonable pricing
Pros and Cons
- "Even when we were upgrading to a new OS, we didn't have any difficulties with the product. The stability is good."
- "While the UI is good, it can get a little bit complicated."
What is our primary use case?
We primarily use this solution for security purposes. We use it as a firewall.
What is most valuable?
The interface is great. It's one of the most valuable aspects of the solution.
The visibility we are able to achieve is quite good.
The traffic monitoring is very helpful and the URL filtering has been excellent.
Even when we were upgrading to a new OS, we didn't have any difficulties with the product. The stability is good.
We have found that the technical support is very good.
The pricing of the product isn't overly expensive.
What needs improvement?
While the UI is good, it can get a little bit complicated. It's not like Next-Gen Firewalls. I need to remember all of the tabs. The sub-tabs should be at the right as they are in the Next-Gen. Mostly, Next-Gen firewalls have everything on the left panel and it will reappear. It would be nice if there was a little more consistency.
I only really have one year of experience with the solution. Therefore, it's hard to discuss missing features. I need more time to explore the product first.
For how long have I used the solution?
I have been using the solution for one year.
What do I think about the stability of the solution?
We haven't had any issues with the stability or the performance, even when switching to a new OS. It's reliable. There are no bugs or glitches. It doesn't crash or freeze.
What do I think about the scalability of the solution?
While the solution may be scalable, I don't have enough background to really comment. I haven't been involved in scaling.
How are customer service and technical support?
Technical support is quite good. That's the main reason everyone is shifting to Barracuda.
It's from India. I'm in the Middle East. Even though the product is from the UAE, the Middle East, the support is from India. They have good engineers that are well-trained. That said, if you need an L3 issue resolved, those engineers are from other regions. Typically an Indian tech will communicate with the other region directly. The support in the case of L3s likely comes from Europe. In any case, everyone is very helpful and responsive, and we are satisfied with the level of support.
How was the initial setup?
The initial setup is not overly complex or difficult. It's easy enough to execute. That said, the burden has to be getting a bit of the knowledge in regards to routing. That's a tricky area. However, it's pretty much the same as a Next-Gen Firewall configuration.
What's my experience with pricing, setup cost, and licensing?
The pricing is okay, however, there are a few other competitors that are a little bit lower. It's still reasonable.
What other advice do I have?
I'm an end-user and a customer.
I would rate the solution at an eight out of ten. Sometimes the solution can be tricky around filtering, which is why I don't give it perfect marks.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
CTO at GCET
Fantastic backend support and is easy to deploy
Pros and Cons
- "The stability of the solution is good. I don't think we've experienced bugs, crashes, or glitches."
- "The reporting aspect of the solution needs improvement. I don't find that it's very good. They could do some work on it to make it much better. It's not that the reporting isn't secure. It's just that I would prefer to store my reports for an extended period of time. Right now, that's not possible and I'd prefer it if that could change. I also would say that the reports themselves are expensive."
What is most valuable?
One of the best aspects of the solution is the support provided. Their backend support is fantastic. I've found it's superior to other products, including Cisco. The way the support team treats its customers is great. They really walk you through everything and show you how easy it is to mend issues.
I find the solution to be easy to deploy. You don't need too much technical skill, so you don't need an expert level of understanding.
What needs improvement?
The reporting aspect of the solution needs improvement. I don't find that it's very good. They could do some work on it to make it much better. It's not that the reporting isn't secure. It's just that I would prefer to store my reports for an extended period of time. Right now, that's not possible and I'd prefer it if that could change. I also would say that the reports themselves are expensive.
For how long have I used the solution?
I've been using the solution since 2009. It's been just over ten years now.
What do I think about the stability of the solution?
The stability of the solution is good. I don't think we've experienced bugs, crashes, or glitches.
What do I think about the scalability of the solution?
Scalability with the solution is good. It just requires more licenses, like every other product. If you only apply for the environment, it's scalable with the licenses you have. If you're on the physical appliance, you just have to scale it up by pressing the appliance. It probably won't be just deployed on Azure, because we would need to add more licenses.
We've been adding to our system for a while ago, and we haven't run into any issues with continuing to scale.
How are customer service and technical support?
The technical support offered by Barracuda is excellent. It's one of the greatest selling points of the solution, They are very supportive and help answer any questions we have.
Which solution did I use previously and why did I switch?
I have previous experience using Cisco.
How was the initial setup?
The solution doesn't require a user to be too technical. I would say the initial setup is very straightforward. The deployment is easy. It's not what I would call complex in any way.
What's my experience with pricing, setup cost, and licensing?
Overall, I would say that I'm satisfied with the pricing. It's got a good range of pricing, and the cost matches the quality level you get out of the solution.
What other advice do I have?
I used to be a customer before, however, now I am partners with Barracuda.
We use both on-premises and public cloud deployment models.
Overall, I'd give the solution a nine out of ten. I'd give it full marks, but it does have issues on the reporting side. The reports are a lot more expensive, even more so than the work itself. That's why I did not give it a 10.
That said, I would recommend Barracuda Firewalls to anybody, any day of the week. They're fantastic.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Buyer's Guide
Download our free Barracuda Web Application Firewall Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Web Application Firewall (WAF)Popular Comparisons
Prisma Cloud by Palo Alto Networks
Microsoft Azure Application Gateway
Azure Front Door
F5 BIG-IP Local Traffic Manager (LTM)
F5 Advanced WAF
Fortinet FortiWeb
Imperva Web Application Firewall
Kemp LoadMaster
Radware Alteon
Buyer's Guide
Download our free Barracuda Web Application Firewall Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Imperva WAF vs. Barracuda: Which One is Better?
- Which is better, Barracuda Web Application Firewall or F5 Advanced WAF?
- Which WAF solution would you recommend to cater to 100 to 125 concurrent sessions?
- What do you recommend for a securing Web Application?
- Fortinet vs Sophos? Help choose a NGFW solution that can replace Microsoft TMG.
- Imperva WAF vs. Barracuda: Which One is Better?
- F5 vs. Imperva WAF?
- When should companies use SSL Inspection?
- NGFW with URL Filtering vs Web Proxy
- How does a WAF help to protect against DDoS attacks?