Sold by: Barracuda Networks
Deployed on AWS
Free Trial
The Barracuda CloudGen WAF provides proven application security and data loss prevention for your applications on AWS. The Barracuda CloudGen WAF has achieved AWS Security competency certification and is available via metered usage-based billing.
4.5
Overview
The Barracuda CloudGen WAF detects all inbound web traffic and blocks SQL injections, cross-site scripting, malware uploads, volumetric & application DDoS, or any other attacks against your web applications. It also inspects the HTTP responses from the configured back-end servers for data loss prevention (DLP). The integrated access control engine enables administrators to create granular access control policies for Authentication, Authorization & Accounting (AAA), which gives organizations strong authentication and user control. The onboard L4/L7 load balancing capabilities enable organizations to quickly add back-end servers to scale deployments as they grow. Its application acceleration capabilities, including SSL offloading, caching, compression, and connection pooling, ensure faster application delivery of web application content. The Barracuda CloudGen WAF also supports autoscaling and bootstrapping.
NOTE: Only AMIs with version 10.x or higher version support the Elastic Network Adapters (ENA).
Highlights
- Detects and blocks SQL injections, cross-site scripting, malware uploads, volumetric & application DDoS, or any other attacks against your application. Authentication and access control gives organizations strong authentication and user control.
- Scans outbound traffic to detect sensitive data, and can either mask or block the information from being leaked out.
- Application acceleration capabilities, including caching, compression, and connection pooling for faster application delivery of web application content.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Autoscaling Cluster Deployment using AWS CFT
Latest version
Operating system
OtherLinux 2.4.9
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
t2.large Recommended | $1.318 |
m5.large | $1.318 |
m4.large | $1.318 |
t2.xlarge | $1.758 |
t3.xlarge | $1.758 |
c5.large | $1.318 |
c5.xlarge | $1.758 |
c4.large | $1.318 |
m3.medium | $1.038 |
c5.2xlarge | $2.996 |
Vendor refund policy
Terminate the instance at any time to stop incurring charges.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Additional details
Usage instructions
- By default, the Barracuda Web Application Firewall web interface listens on HTTP/8000 and HTTPS/8443 ports so make sure these ports are added in the Inbound Rule of the security group which is associated with the Barracuda Web Application Firewall VM.
- Allow a few minutes before taking any further actions in the EC2 Portal after deploying the Barracuda Web Application Firewall. During this time the Barracuda Web Application Firewall is getting provisioned and licensed.
- Access the Barracuda Web Application Firewall using the associated Public IP/Public DNS with port 8000 over HTTP (i.e. http://<public IP>:8000)
- You will see the blue loading screen for some time and eventually you will be presented with the End User License Agreement (EULA).
- Click 'Accept' button and you will be redirected to the login page.
- Log in as 'admin' to begin configurations. Your initial password is the EC2 instance ID and can be changed later from Basic > Administration page.
For Deployment Guide and other instructions visit the Barracuda campus at https://campus.barracuda.com/product/webapplicationfirewall/article/WAF/AWS/
Support
Vendor support
Support Hours: Basic Support Hours: 8:00 AM - 5:00 PM PST, Monday through Friday.
Email and Phone Support offered 24x7 without any phone trees. You will actually speak to a live person. Please have your AWS Account ID available when you contact Barracuda Support; it is required for the support technican to assist you.
Support Phone Numbers: North America - 408 342 5300 Europe - +44 (0) 1256 300 102 Australia - +612 8019 7254 China - +86 400 720 8200 Japan - +81 3 5436 6236 India - +91 804 904 8600 Germany, Austria, Switzerland - +43 (0) 508 100 800
Support Website: https://www.barracuda.com/support
Support Email: support@barracuda.com
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Barracuda Networks
By Check Point Software Technologies
By Juniper Networks
Top
100
In Network Infrastructure, Security
Top
10
In Log Analysis, Network Infrastructure
Top
10
In Migration
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Web Application Attack Prevention
Detects and blocks SQL injections, cross-site scripting, malware uploads, volumetric and application DDoS attacks against web applications.
Data Loss Prevention
Inspects HTTP responses from back-end servers to detect sensitive data and can mask or block information from being leaked.
Authentication and Access Control
Integrated access control engine enables creation of granular Authentication, Authorization, and Accounting (AAA) policies for strong user authentication and control.
Load Balancing
Onboard Layer 4 and Layer 7 load balancing capabilities enable scaling of deployments by adding back-end servers.
Application Acceleration
Application acceleration features including SSL offloading, caching, compression, and connection pooling for faster web application content delivery.
Advanced Threat Prevention Capabilities
Firewall, Data Loss Prevention (DLP), Intrusion Prevention System (IPS), application control, IPsec VPN, URL filtering, antivirus, and anti-bot protection against known and unknown threats.
Network Traffic Inspection and Control
Inspects and secures encrypted data flows between on-premises networks and AWS VPCs, including North-South traffic entering and exiting private subnets and East-West traffic between VPCs.
Unified Security Management
Centralized management via Check Point CloudGuard Security Management Server enabling consistent policy, log, and report management across AWS, hybrid, and on-premises environments.
Infrastructure-as-Code Integration
Integrates with Terraform and Ansible for policy automation and cloud-native scaling with dynamic adaptation of security policies based on real-time cloud metadata.
AWS Service Integration
Supports Gateway Load Balancer, AWS Security Hub, VPC Ingress Routing, AWS Traffic Mirroring, AWS Transit Gateway, AWS Outposts, and Amazon Macie with deployment options including auto-scaling groups and multi-AZ redundancy.
Intrusion Detection and Prevention
Intrusion detection and prevention (IPS) capabilities for threat detection and mitigation
Application Security and Visibility
Application visibility and control through AppSecure with L4-L7 security services
VPN and Secure Connectivity
IPsec and full mesh VPN termination services for secure connectivity across on-premises data centers, campuses, branches, and geographically dispersed VPCs
Cloud-Native Integration
Integration with AWS services including Elastic Load Balancer, Auto-Scaling Groups, CloudWatch, Security Hub, Key Management Service, and Gateway Load Balancer (GWLB) with L3 gateway and L4 load balancer capabilities
Advanced Routing and Network Services
Cloud-grade routing capabilities with NAT, firewall, and network address translation services
Standard contract
No
No
No
Customer reviews
Verified User
Dependable Network Protection with Great Support
Reviewed on Feb 10, 2026
Review provided by G2
What do you like best about the product?
I find Barracuda CloudGen Firewall valuable for monitoring and controlling our network traffic. The technical support is always top notch and available, which really helps us. The initial setup was very easy, making it straightforward right from the start.
What do you dislike about the product?
I think an improvement could have to do with having some sort of log review by AI to determine if there are issues with the firewalls that are not being seen with the monitor.
What problems is the product solving and how is that benefiting you?
Barracuda CloudGen Firewall provides a single portal for firewall protection information and supports the monitoring and controlling of our network traffic.
Rajan S.
Simplified Control Centre Management with Powerful SDWAN TINA Tunnel
Reviewed on Feb 05, 2026
Review provided by G2
What do you like best about the product?
1. Simplified Management using control centre.
2. Separate management and data plane.
3. SDWAN feature with TINA Tunnel
2. Separate management and data plane.
3. SDWAN feature with TINA Tunnel
What do you dislike about the product?
1. Frequent software update causing service inconsistency.
2. Complex Configuration for new users.
2. Complex Configuration for new users.
What problems is the product solving and how is that benefiting you?
1. Branch to Central Side connectivity dependency on the pure MPLS based Technology to use of Any broadband connectivity for Site to Site SDWAN VPN tunnel.
2. Simplified management for Enterprise grade network infra.
2. Simplified management for Enterprise grade network infra.
Nar Kaji G.
Advanced Security + SD-WAN with Centralized Management and Strong VPN
Reviewed on Feb 05, 2026
Review provided by G2
What do you like best about the product?
1. Advanced Security features(IPS, Web Filtering, antimalware) along with SDWAN.
2. Cetralized Management(Seperate data and management plane)
3. VPN, SDWAN along with its own TINA VPN tunnel has added advantages.
2. Cetralized Management(Seperate data and management plane)
3. VPN, SDWAN along with its own TINA VPN tunnel has added advantages.
What do you dislike about the product?
1. Licencing and subscription model quite expensive.
2. Bugs on SDWAN features with friquent software update for bug fixing seems inconsistent.
3. Initial configuration seems quite complicated.
2. Bugs on SDWAN features with friquent software update for bug fixing seems inconsistent.
3. Initial configuration seems quite complicated.
What problems is the product solving and how is that benefiting you?
1. Branch to Central side connectivity made easy by using any broadband connection rather than depending on traditional MPLS based connectivity.
2. Clear visibiltiy of the traffic on each firewall.
3. Centralized management using controller helps efficient management.
2. Clear visibiltiy of the traffic on each firewall.
3. Centralized management using controller helps efficient management.
Tarandeep Kaur
Security management has reduced ransomware risk and now protects cloud workloads efficiently
Reviewed on Jan 05, 2026
Review from a verified AWS customer
What is our primary use case?
We primarily use Barracuda WAF-as-a-Service for raising security incidents by proactively blocking malware, ransomware, and phishing attacks to reduce breach risk and response time. Apart from that, we use it for streamlining added sites without performance drops, which also helps to support the growth of our teams. Additionally, we reduce hardware costs by decommissioning on-premises firewalls during our cloud migration with minimal disruption and a familiar UI for quick adoption.
When I mention reducing breach risk and streamlining added sites, there is one specific case I want to tell you about where Barracuda WAF-as-a-Service helped us directly. About three to four months back, there was a ransomware attack where it reportedly sent notifications to the admin panel, and Barracuda blocked the malware and phishing attack, sharing an advanced report with our team. This allowed us to directly contact the team, minimizing the risk of data breach. This was one case where we observed the benefits, and there have been multiple instances since we started using it.
What is most valuable?
The best features that Barracuda WAF-as-a-Service offers are an intuitive centralized dashboard, allowing us to manage policies, Internet protocol servers, antiviruses, anti-DDoS attacks, and traffic shaping across multiple sites. This feature enables seamless scaling of our environments, especially as we work within Amazon Web Services . Additionally, real-time threat intelligence helps us to detect threats in real-time. Another major feature I love is application control and VPN support, providing granular visibility and protection without needing separate appliances.
The centralized dashboard is helping us streamline visibility across our admin panels and provides site-to-site visibility deployed directly to our AWS environment, securing VPC traffic and ensuring the firewall is in place. The real-time threat intelligence is an advanced feature helping us track real-time attacks, such as anti-DDoS attacks, ransomware, or viruses that can compromise system integrity. Through the intuitive centralized dashboard, we can manage policies and set rules, assisting us effectively.
What needs improvement?
I see that cost can be a limitation for small businesses. Additionally, if they can provide more advanced features and customization for specific use cases, that would be beneficial. Apart from that, I do not feel there are any other problems. From our perspective, there is not an issue. All the data I have shared is in favor of Barracuda because the ROI they have given us is tremendous, and they are doing really well in terms of product, scalability, and service. We have seen that it is a great solution with no issues from our end.
For how long have I used the solution?
I have been working in my current field for more than ten years.
What do I think about the stability of the solution?
Barracuda WAF-as-a-Service is definitely a stable solution, and I give it a ten out of ten as we have not faced any downtime, crashes, or lag.
What do I think about the scalability of the solution?
Scalability is good for Barracuda WAF-as-a-Service; we can scale up or down based on our needs, as it comes with this model directly from the AWS Marketplace , which is really great.
How are customer service and support?
Customer support for Barracuda WAF-as-a-Service is rated ten out of ten. We had an incident requiring direct support, and the representatives were really helpful, resolving our query within forty-five minutes, so it stands at ten out of ten for me.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We did not use any other solution prior to Barracuda WAF-as-a-Service; this is the first time we have used this service.
How was the initial setup?
The initial deployment of Barracuda WAF-as-a-Service was really smooth. The team collaborated with our team and assisted with configuration. As we use a pay-as-you-go model, the licensing and every detail is managed well, backed by the AWS Marketplace , making it an excellent experience. Everything from provisioning to policies was set up on time, so my initial deployment experience was very positive with no issues at all.
What about the implementation team?
The integration of Barracuda WAF-as-a-Service with other AWS services is seamless. Whatever services we are using with it, including non-related software, it integrates excellently. We have not faced any downtime, crashes, or lags while using this solution.
What was our ROI?
Barracuda WAF-as-a-Service has positively impacted our organization by reducing cyber threats like ransomware and phishing by ninety-five percent. This is a significant thing because we have seen a major drop in those numbers. Earlier, we faced many threats, but now I can say we see ninety to ninety-five percent fewer attacks. Additionally, centralized management has decreased by twenty-two to thirty percent, and costs related to avoiding breaches have decreased by at least seventy percent. On the ROI side, proactive blocking has led to efficiency gains and bandwidth optimization, boosting productivity and reliability for our distributed teams by thirty-three point eight percent.
The reduction in cyber threats and the increase in productivity I mentioned earlier are measured based on incident reports. Barracuda provides good data, and as I have said, it offers a clear dashboard where we can track progress. This data is a collective set from our admin and other teams closely working with engineering and other departments.
We have seen a return on investment of at least a million dollars, which could have been lost due to data breaches or attacks on the organization by effectively blocking threats. The downtime has decreased significantly, and our efficiency has improved by twenty-two point five percent thanks to real-time monitoring and traffic optimization. Additionally, we have reduced hardware costs by fifty percent by decommissioning on-premises firewalls during cloud migration with minimal disruption and a familiar UI for quick adoption. Productivity has increased as teams can focus more, leading to a rise of forty to fifty percent.
What's my experience with pricing, setup cost, and licensing?
The metering and billing experience is really good because it operates on a pay-as-you-go model through hourly AWS billing, which includes features like the firewall and VPN. We also have a buy-your-own licensing option, which we do not utilize, sticking to AWS billing. This system allows us to pay only for what we use, saving a lot of money, so I give it a ten out of ten as it is both a money and time saver for the organization.
The pricing, setup cost, and licensing not only follow the same pay-as-you-go model but are also billed hourly by the AWS Marketplace. We select it based on our requirements, scaling up or down accordingly. This flexibility is how we have chosen this model.
Which other solutions did I evaluate?
Before selecting Barracuda WAF-as-a-Service, we evaluated other options, including AWS Network Firewall, Palo Alto Network VM-Series, Fortinet VM, a Force Firewall, and pfSense.
What other advice do I have?
I rate Barracuda WAF-as-a-Service a five out of five overall. The reason I choose five out of five is that all the things I have mentioned earlier represent a great solution for our organization. It has effectively blocked malware and phishing attacks while optimizing bandwidth for our development environment. The deployment to our client network segmentation was really great, and the SD-WAN integration with on-premises and auto-scaling clusters for loads has been working well in our Agile ceremonies. Moreover, it leverages hybrid environments, helping to reduce unauthorized access during our CI/CD pipelines and ensuring compliant data flows.
I advise anyone looking for dedicated protection for their organization, aiding in threat prevention and unifying the threat management system with high performance at low cost, to go for Barracuda WAF-as-a-Service. They are a really good service.
Nobi H.
User friendly and secure SASE system
Reviewed on Mar 27, 2025
Review provided by G2
What do you like best about the product?
The best thing I like about the Barracuda Cloud Native SASE is the zero trust network access, integrated secure gateway.
What do you dislike about the product?
There is nothing particular that I dislike about it.
What problems is the product solving and how is that benefiting you?
It Help me with Zero trust network access which is really important for Remote access for my organization.