I have been working with Barracuda Web Application Firewall for more than almost three and a half years.

Its main use case is to provide security to applications, to strengthen their security policies, to protect the applications from cyber attacks and to make them compliant against OWASP Top 10. Moreover, it allows only legitimate traffic, reduces false positives, makes application access easy, filters out non-legitimate traffic, verifies what exactly comes within the payload of the request, inspects everything that comes with a request, and fine-tunes according to the application logic based on the contents the application serves to their clients.

For example, if we consider a company that has an application with a payment gateway configured, which provides services including money transactions, we deploy Barracuda Web Application Firewall for that application. We host the service in Barracuda Web Application Firewall. When a client requests access to the application, the request goes to Barracuda Web Application Firewall first, which will verify the request contents and create a separate TCP connection to the backend server if the request is legitimate. This process protects against attacks including SQL injection or cross-site scripting, where Barracuda Web Application Firewall will block any request that matches attack signatures.

We have seen a return on investment as the manual work for monitoring attacks and generating reports is reduced significantly, saving money. Barracuda Web Application Firewall's features fulfill our requirements well, preventing us from needing to switch to more expensive vendors while still meeting our needs effectively.

For example, if we consider a company that has an application with a payment gateway configured, which provides services including money transactions, we deploy Barracuda Web Application Firewall for that application. We host the service in Barracuda Web Application Firewall. When a client requests access to the application, the request goes to Barracuda Web Application Firewall first, which will verify the request contents and create a separate TCP connection to the backend server if the request is legitimate. This process protects against attacks including SQL injection or cross-site scripting, where Barracuda Web Application Firewall will block any request that matches attack signatures.

The reporting features are quite good as they have reporting charts and dashboards that provide lists of attacks and real-time verification of those attacks, helping in better reporting by tracking requests based on time and unique endpoints.

I believe URL Profiles and Website Profiles are the most unique features offered. They create separate endpoints for each request integrated with the application, providing different security profiles based on the requirements. Moreover, the learning feature is very comprehensive, allowing us to monitor the applications before switching to protect mode, creating automatic profiles based on learned traffic, which helps to fine-tune security policy.

Barracuda Web Application Firewall's user interface automates the blocking of malicious IP addresses, reducing the manual burden. Additionally, enabling the learning feature allows for quick preparation of security profiles, creating URL profiles automatically, which significantly reduces manual intervention and false positives.

The areas where it could be better are in security profiles, where a single service can have only one policy. There is no feature to add multiple security policies for separate endpoints within the same application, and the traffic manager is not flexible enough to handle unusual traffic patterns, sometimes leading to crashes.

I believe there are improvements needed in API security and bot protection within Barracuda Web Application Firewall. Additionally, enhancing the traffic handling capabilities for unusual patterns is necessary to avoid simply relying on failovers to manage traffic efficiently.

Barracuda Web Application Firewall is stable in my experience, although as our resources grow, we might need to upgrade to different hardware solutions to maintain seamless traffic management.

The scalability of Barracuda Web Application Firewall is fine. We tend to go for higher versions to ensure we have enough resources as needed, and the VMSS feature allows for easy upgrades or scaling of virtual editions.

The support is excellent. However, regarding integrations, there are limitations with AWS, where bugs occur during integration that need fixing in order to enhance overall sales.

I believe the customer support for Barracuda Web Application Firewall is excellent, with knowledgeable and experienced technical assistance that surpasses other vendors including F5, Imperva, and Cloudflare.

I would rate customer support a solid ten, as they are consistently on top of every issue, addressing them without delays and providing excellent support twenty-four hours a day, seven days a week.

Barracuda Web Application Firewall was our first choice, and we did not deploy any other Web Application Firewall prior to using it.

We have seen a return on investment as the manual work for monitoring attacks and generating reports is reduced significantly, saving money. Barracuda Web Application Firewall's features fulfill our requirements well, preventing us from needing to switch to more expensive vendors while still meeting our needs effectively.

The pricing, setup cost, and licensing for Barracuda Web Application Firewall are reasonable. They are competitive when compared to other vendors including F5 and Imperva, who tend to have higher prices.

Before choosing Barracuda Web Application Firewall, we evaluated F5, Imperva, and Cloudflare.

If budget is a constraint and security is a priority, I advise others to consider Barracuda Web Application Firewall without hesitation. They would get the best return on investment by starting with Barracuda Web Application Firewall instead of jumping to higher-end vendors. I have provided this review with an overall rating of eight.

Our primary use case was to track the traffic on websites or webshops to identify potential malicious actors, such as bots. This involved analyzing the type of data being collected through websites to detect possible DDoS attacks.

The most valuable feature of Barracuda Web Application Firewall is managing bot traffic. During a presentation by Barracuda, it was demonstrated that the traffic on Coolblue, a Dutch platform similar to Amazon, was significantly reduced with Barracuda's intervention. Half of the traffic was identified as bots searching for the cheapest price. This traffic analysis and bot management were used as unique selling points for other customers.

Barracuda Web Application Firewall lacks some of the more specified and structured features offered by solutions like Tenable. Although Tenable is more expensive and less easily deployable, its features are more deepened and chiseled, particularly for IT personnel. For example, Tenable provides more comprehensive dark web scanning capabilities, which Barracuda could improve upon.

I have used Barracuda Web Application Firewall for approximately three years but have not worked with it in the past year.

The deployment process was straightforward. Initially, it took about two and a half hours due to some internal setup configuration mistakes. However, after understanding the deployment steps, it was done in about one hour without further guidance.

I would rate the stability of Barracuda Web Application Firewall as seven and a half, possibly an eight.

I believe Barracuda Web Application Firewall is quite scalable, and I would rate it as an eight.

The customer service and support are exceptional, and I would give them a ten out of ten.

The initial setup was very easy. For someone unfamiliar with IT, Barracuda Campus provides excellent resources and guidance, making it accessible even to those not specialized in IT.

Tenable was evaluated as an alternative solution.

For those new to cybersecurity, Barracuda Web Application Firewall offers an affordable and easy-to-deploy solution. Its accessible nature makes it a great choice for mid-segment use. The shift towards cybersecurity awareness has created a growing market, and Barracuda fits well with this trend with its non-technical usability and corresponding price point. I would rate the overall solution as eight out of ten.

I'm using Barracuda as a web application firewall for any application. It is too smart and user-friendly, making it easy to restrict applications and utilize many features.

It is very easy to restrict applications and utilize many features and ensures that it's not complicated to work with.

The most helpful feature is rate limiting, which acts as a security layer against DDoS attacks. Additionally, data leak prevention is very important and ensures protection against attacks.

I faced an issue when Barracuda decided not to support Azure Stack Hub anymore, which was a significant issue as we had many customers using it on that platform. Due to this decision, we had to replace Barracuda with another vendor, which was regrettable.

I have been working with Barracuda Application Firewall for more than four years.

When the SDM crashed, we experienced instability, yet support usually acted quickly and was very helpful, ensuring stability for customers.

Scalability is strong, rated eight to nine. The solution is capable of meeting scalability requirements efficiently.

Technical support may be rated as eight or nine out of ten. The support is very helpful and responsive.

Due to the decision by Barracuda not to support Azure Stack Hub, we replaced Barracuda WAF with another vendor for more than ten customers.

The setup process is too simple.

On a scale, pricing is nine out of ten. It's a reasonable price for this product.

There is no comparison, as Barracuda is too smart. Compared to FortiWeb, Barracuda is much better.

I would rate Barracuda Web Application Firewall at nine out of ten overall. I can recommend it to other users. Barracuda is one of the remarkable vendors in web security and is too smart.

Our clients primarily use Barracuda Web Application Firewall to filter their web traffic and ensure they are secure enough to protect their cybersecurity workloads.

We have sold these solutions to academic clients like universities. They appreciated the ease of use and the signature base.

The most valuable feature is the ease of use and the signature base.

As a service, Barracuda needs to host in Saudi Arabia, as they currently don't have this functionality. They need to enhance technical support to allow hosting within the region.

I have been working with Barracuda Web Application Firewall for a couple of years across different companies.

Barracuda Web Application Firewall is stable. We have had no issues, and there haven't been any specific comments about this.

I rate the scalability of Barracuda seven and a half due to some complexities and the inability to host as a service in Saudi Arabia.

I would compare Barracuda Web Application Firewall to Fortinet or Palo Alto.

The initial setup is simple. However, clients often require help as they may be more familiar with another OEM.

Clients require help as they might not have the core competency to implement the Barracuda technology.

The pricing is slightly expensive when compared to other OEMs.

I can 100% recommend Barracuda Web Application Firewall to other users.

I'd rate the solution eight out of ten.

I use the solution in my company to protect our website.

The solution's most valuable feature is that it actually protects our website, and it provides all the required security functions.

When we have multiple applications in Barracuda, everything is not managed in a single place. For example, Suppose I have four applications and want to make a common change across them. In the aforementioned case, it is not supported at the moment, and I have to go to individual applications and make changes.

Suppose I have four applications in the product and want to make similar changes in all of them together. In the aforementioned case, it is not possible to do anything with Barracuda Web Application Firewall.

I have to go to an individual obligation, make changes, and come out, and go to the next obligation and make the same changes. There is no grouping option.

I have been using Barracuda Web Application Firewall for six months. I am an end-user of the tool.

It is a mostly stable tool. I rate the stability as a nine out of ten.

I rate the scalability as an eight out of ten.

The number of users depends on the public who are accessing our website. It all depends on the popularity, so I can't say the number here. Let us say that there are probably thousands of users.

The solution's technical support is good. There is a delay in the response time when it comes to the support part. I rate the technical support a seven out of ten.

The product's initial setup phase is easy, but one needs some background knowledge. In terms of security products, one needs some background knowledge of the security practices. Nobody cannot configure the tool. Some certifications and technical knowledge is required to use the tool.

Depending on the person's knowledge of security, I can rate the setup phase as an eight on a one to ten scale, where ten means it is a very easy process.

The solution is deployed on the hybrid cloud.

The time required to deploy the solution depends on how many servers you want to set up in the hybrid environment. There are different components underneath it. There is no common time frame for the deployment. It all varies on a case-to-case basis, depending on how many deployments you are running in a hybrid environment and what services are offered to the user in the hybrid environment. We can't tell you the specific time for the deployment.

Cost is a bit on the higher side. Big companies can afford it.

The product offers protection against web exploitation. With code injection and SQL injection, everything is covered in the tool.

My company has around four applications on Barracuda Web Application Firewall. Everything has been working smoothly with the tool.

Speaking about AI-driven security measures, I would say that the solution has its own in-built machine learning techniques, so we are not using any other solution or AI solution, as it is all integrated with Barracuda Web Application Firewall itself.

Though it is a costly tool, it is a good product that is stable, secure and offers good protection.

I rate the tool an eight out of ten.

The product has fantastic support services. It provides complex solutions, including block mode and other default protection features.

We encountered a few glitches while implementing API security features into the product. Secondly, they could provide transparency for different types of protection parameters available. It will be beneficial if there is some visibility for the same. We faced some downtime issues the last two times due to Barracuda infrastructure. Thus, we are searching for alternate WAF solutions.

We have been using Barracuda Web Application Firewall for two years.

I rate the platform's stability a ten out of ten.

I rate the product's scalability nine out of ten. It is suitable for enterprise businesses.

The technical support services are fantastic. They share the knowledge transparently. This feature is more exceptional than that of other vendors.

The initial setup process is simple. We have deployed the product on the cloud.

I rate Barracuda Web Application Firewall a nine out of ten.

Our customers use it to enhance the security parameters of their web applications. Web Application Firewalls serve this exact purpose.

One of the strongest points is its robust issue discovery capabilities. Barracuda invests significant efforts in identifying and resolving issues. They have multiple products that work in tandem to perform these checks, which is beneficial because it automates security updates. This is the primary reason I recommend it to my customers.

One of Barracuda's limitations is its user interface. The GUI for configuration is not intuitive and has remained largely unchanged for the past 10 to 12 years. This is something I've discussed with Barracuda representatives here in Italy as well. It needs more modernization.

I have been working with this solution for 15 years.

I would rate the stability a nine out of ten. The solution has been fairly stable. Normally, there is a built-in kernel and an application. Some modules may crash, for example, the graphical user interface. But in another way, the engine continues to work fine. So from my point of view, the stability is very high.

I would rate the scalability of the solution an eight out of ten.

We have around six to seven customers using this solution.

The Barracuda support depends. Sometimes, they solve the issue promptly, but normally, they are not so fast and are not entirely focused on the problem. For example, sometimes I write many requests on the tickets, asking for one, two, three, or four steps and asking for one to three resolutions. Often, they respond with only one or two. So, I need to push again and again.

In other cases, I ask questions and get positive feedback immediately, depending on who the technician is. Barracuda has engineers in the USA, UK, and other countries, so it depends on the technician's location and expertise. So, I am not completely satisfied, but sometimes it is okay, and sometimes it is not okay.

So, depending on the region and depending on the person who actually receives these tickets, the technical support could be more knowledgeable. So they may need some training or education for the entire staff to respond immediately without any delays.

Often, it happens that they respond because they need to, not because they understand the technology I'm using. So they respond just because it's required by the service level agreement, which specifies a response time within four hours. But this is just a response, not a resolution of the case. Sometimes, the response is within the agreed time, but the solution takes much longer.

I have customers using it in both on-premises and cloud environments. The deployment is a straightforward procedure.

I act as a deployer, configuring the solution based on our customers' needs, whether they are big or small companies and whether they prefer on-premises or cloud deployment.

The deployment takes a couple of days. This application requires precise configuration to protect specific parts of a company's web application. Therefore, it typically takes me two or three days to deploy and fine-tune the solution before it's up and running.

We also handle the maintenance of the solution. We are a team of five technicians who work with the help desk. We do the first contact for the Italian customers. They call me, asking me, and then I escalate it to the Barracuda IT support in case.

The customers are using it and see an ROI. The biggest benefit is the increased security in the internal environment. It automatically enhances their security posture for the applications that should be protected by the WAF.

In Italy, we have a majority of small companies, around 95%. These are companies with 20 employees or fewer. The remaining 5% are what UK and USA define as medium companies, which can have up to 2,000 employees. For large companies and enterprise level, the pricing is right.

For small companies, the price is very expensive because the WAF is an enterprise-level application, not intended for smaller businesses. In my opinion, the price is right for enterprise-level use.

In Italy, the market is different; most companies are small, and the few larger companies with an enterprise approach tend to buy directly from companies like HP, F5, or others rather than through an engineering company like mine.

I've worked with many other vendors. Currently, we also use WatchGuard firewall and systems for protection. But I've also worked with vendors from various regions. For the WAF (Web Application Firewall).

In general, I would rate this solution an eight out of ten. It is not a ten because it works well, but there is room for optimization in a few areas. These include the kind of support, the graphical user interface, and the speed of the graphical interface. A better product that achieves these goals exists. In my 40 years of activity, I've never found a perfect one because all applications grow and change over time, and a new version is always an improvement in IT. So these are the reasons why there are two or three points that could be better optimized by Barracuda. The graphical interface, its speed, and the immediate support in case of issues. These aspects limit my evaluation.

People who host their applications on the cloud, global servers, on-premises, or various locations may encounter issues related to IT threading as well as volumetric attacks. To address these challenges, we provide the Barracuda Web Application Firewall. The most significant advantage of the Barracuda Web Application Firewall is that it offers a single subscription for Active DDoS protection.

There are two types of DDoS attacks: active DDoS and offline DDoS. With Barracuda Web Application Firewall, we only need one subscription to be protected against both. In contrast, other solutions and competitors often require separate subscriptions for DDoS protection, making their offerings more expensive.

When it comes to a comprehensive web application firewall solution, Barracuda stands out by providing an affordable and end-to-end approach. In comparison, other market solutions typically consist of separate boxes for different features, leading to higher pricing.

We only need one subscription to be protected against both active DDoS and offline DDoS attacks.

In the Barracuda Web Application Firewall, there should be more affordable options for WAF as a service. These options should cater to smaller businesses, with a focus on single-size configurations for fewer users and cloud applications. We currently offer WAF as a service for cloud-deployed applications, but the pricing is somewhat on the higher side. To enhance the service, I suggest that they work on improving their pricing strategy. It's crucial to provide competitive pricing in comparison to other competitors in the market.

I am currently using the Barracuda Web Application Firewall.

I give Barracuda Web Application Firewall nine out of ten for stability.

I give Barracuda Web Application Firewall nine out of ten for scalability.

I would rate the initial setup a ten out of ten for its ease.

Usually, deployment takes three to four weeks because it depends on the customer and what we can observe from their side. What SLA or scope of work have they shared with the partner? In essence, we are not a direct partner of Barracuda; instead, we serve as the brand custodian for multiple brands such as Sophos and Barracuda. During the deployment phase, we are not directly involved with the customers. Sometimes, the queries pertain to deployment issues or technical problems. For such cases, we typically respond within two to four hours, or at most, one to two days, depending on our schedule. Since we cater to multiple brands and settings, we are not exclusively focused on one particular brand. Our role involves supporting multiple brands and setting up various solution abilities or designs.

For instance, if a customer approaches us for web services, we can offer Sophos Firewall web services. However, if they require a dedicated web solution, we provide them with a Barracuda solution. In cases where the customer has budget constraints, we try to migrate them to cloud-based solutions. Consequently, we refer to them as end customers or partners as per the situation.

In most cases, we are not directly involved in the deployment phase, the configuration process, or the setup. However, we usually gather feedback from our partners or new partners, and based on that, I can estimate that the deployment will take around two to three weeks. The timeline depends on the specific requirements or wishlist of the end customer.

The Barracuda Web Application Firewall is quite expensive. The license is available on an annual or three-year term, with no monthly, quarterly, or semi-annual options. There is a bigger discount applied when a customer signs up for a three-year term.

I would give Barracuda Web Application Firewall nine out of ten.

Barracuda Web Application Firewall is marketed for the enterprise segment because of its high cost.

Barracuda Web Application Firewall is a comprehensive and dedicated web application firewall, and I highly recommend it.