Barracuda CloudGen Firewall F280 identifies and blocks advanced evasion and obfuscation tactics, enhancing network security with comprehensive and real-time network protection. This multi-layered security product examines packets as they are passed and opened and then cross-references protocol-compliant packages with defined firewall rules. The high performance, stateful, deep packet inspection engine protects against a broad range of threats, vulnerabilities, and exploits. It also has sufficient flexibility to accommodate any infrastructure, including Industrial Internet of Things, Operational Technology, and Industrial Cyber Security use cases.
CloudGen Firewall goes beyond mere traffic intelligence. It distributes workloads and offers scalable central management and advanced security capabilities, such as extended protection against zero-day attacks. It also deeply integrates with public cloud platforms and covers public cloud use cases, delivering true automation across all platforms and optimized connectivity with secure SD-WAN capabilities.
Its advanced threat protection supports various protocols and includes on-box IPS, malware protection, and hash database. The machine learning engine conducts CPU emulation sandboxing for static, behavioral, and signature analyses to drive quick results and optimized threat detection. Administrators may further tailor threat detection to suit their established business needs and practices by choosing between two filetype policy options: scan-then-deliver or deliver-then-scan.
The product has a configurable dashboard and even has the added flexibility of using customized scripts, but we did encounter some problems with it. The search feature lacks some of the more advanced filtering options that we have seen with other products. The other products also make the CloudGen web interface design look dated by comparison. However, after taking the time to familiarize ourselves with CloudGen, we could navigate the interface and configure the platform successfully. The Firewall View shows all traffic passing through the firewall in real time, displaying extensive information from source ports to destinations. Administrators may change the quality of service to prioritize or deprioritize session bandwidths to shape traffic as they see fit.
Several exportable, predefined reports show useful information and insights into certain activities, such as the identities of users who have attempted to download malicious files and why particular files have been categorized as malicious. The system also offers sufficient logging information with search functionality to facilitate investigations.
Overall, security pros will find the Barracuda CloudGen Firewall a sound, centrally managed, VPN-based UTM product that offers security as well as simple, drag-and-drop configuration functionality. We are especially impressed with the powerful troubleshooting tool that displays a history of reasons for timed out connections, helping analysts identify problems quickly. CloudGen even has Perl Scripting capabilities, an ideal feature for advanced users who desire more complex troubleshooting. The same image runs on all models (hardware, virtual, and cloud) so the deployment options are transparent, and firmware upgrades and maintenance are readily available. Despite having some trouble navigating the interface, we believe that this UTM product offers an array of features that will help any organization willing to endure its moderate learning curve.
The product costs $3,273.27 and includes access to a knowledgebase with robust supplemental documentation and helpful online classes. However, it does not include no-cost support. A one-year subscription of basic support is available for an additional $605.16. Other levels of support, such as phone, email, and website support, are available for a fee.
Written by Katelyn Dunn
Tested by Tom Weil