Barracuda CloudGen WAF for AWS - PAYG

My main use case for Barracuda WAF-as-a-Service is that its main services are the most secure and predictable when we configure any applications behind the WAF. Barracuda WAF-as-a-Service is a Web Application Firewall where we can put the applications securely behind the applications without any disturbance of the HTTP and HTTPS products or services.

A quick specific example of how I use Barracuda WAF-as-a-Service in my daily workflow is that we are migrating from on-premises services to the cloud side with Barracuda WAF-as-a-Service. Daily, I integrate many applications that are in the live production environment, and from that, I can configure many security policies and ASM security policies. Many of the things I configure on a daily basis are based on fine-tuning. Apart from the integrations, we are doing fine-tuning, URL whitelisting, bypassing, and masking the data.

Barracuda WAF-as-a-Service has impacted my organization positively by providing a much higher quality experience, where we can easily trust it.

Regarding specific outcomes or metrics that show how Barracuda WAF-as-a-Service has helped my organization, everything is good. I need to add one more point where on a daily basis or on the quarterly outcome, we have to know about more security alerts from the Barracuda technical support, where we can be hassle-free from firmware or any security breach levels.

The best features Barracuda WAF-as-a-Service offers are, first of all, that it is a SaaS service, and the second thing is that it has more security and more availability scenarios where we can perform any of the things technically and strategically.

Regarding the high availability feature, in our environment, we are using active-active availability. If any of the applications are onboarding on the cloud WAF, then we have it configured on both application appliances. We are using the active-active appliance high availability where we can flow the traffic on both firewalls, and it is easier for us to maintain and secure the traffic without hesitation.

There are many application features where we can be useful in the daily scenario, such as using the iRest control, iMapping control, and application control where we can configure easily with the help of the application teams.

Barracuda WAF-as-a-Service can be improved by adding much more security features on a daily basis. As with other WAFs, we see that many of the appliances are doing many hardening assessments or something like that. That would be improved by Barracuda WAF-as-a-Service, where we can get that support from the assessment.

If there are any assessment modules coming into the feature of Barracuda WAF-as-a-Service, that would be helpful for us on a daily, weekly, monthly, or quarterly basis, allowing us to do the assessment.

Regarding Barracuda WAF-as-a-Service's AI capabilities, I think its governance and security is fine; it is a good initiative because most WAFs or other firewalls provide AI capability, thus presenting a good approach.

Regarding Barracuda WAF-as-a-Service's AI capabilities, its accuracy and reliability of output is a good approach. If we can get the AI capability in Barracuda WAF-as-a-Service, and although I am not very much experienced in AI, that would be the more preferable way where we can get those things instantly.

I have been using Barracuda WAF-as-a-Service for more than five years.

Barracuda WAF-as-a-Service is stable, and I can say that it is 100% stable.

Barracuda WAF-as-a-Service's scalability is pretty much 100% availability.

Customer support with Barracuda WAF-as-a-Service is also immediate; I get support either from the console access, a call, or from a meeting.

I previously used a different solution, specifically F5 WAF and their hardware, which were on-site, on-premises solutions. I am now moving to Barracuda WAF-as-a-Service because the main thing driving this decision is the cost-cutting of the product, as we are not using a physical device; it will be purely based on the cloud. The second thing is for security reasons, as most organizations have moved to SaaS services, which is the best way to approach the cloud. I have the most experience and am very happy with Barracuda WAF-as-a-Service.

I have seen a return on investment with Barracuda WAF-as-a-Service, as it makes it easy for employees to save time and money; it is a most trustable thing.

My experience with pricing, setup cost, and licensing involves doing BYOD. Based on the requirement, we are just opening the shield or the VM, and during working hours, we are using those things. For non-business hours, for applications not used during those hours, we are shutting down those things. That is the main fundamental we are using in our environment, allowing us to cut costs regarding pricing, setup costs, and licensing.

Before choosing Barracuda WAF-as-a-Service, I evaluated other options, although I do not have much more experience with other firewalls. I worked hands-on with F5 and Fortinet, but now I am moving to Barracuda WAF-as-a-Service, which provides solutions and security, and I can immediately receive support from the Barracuda technical team.

The advice I would give to others looking into using Barracuda WAF-as-a-Service is that it has the most secure performance, scalability, time scalability, performance security, and integrated security. It is easily used, handled, and managed, being fully based on the GUI. Most command line interface commands are not a surprise, making it hassle-free to execute. Most of these aspects are preferable for me and for other users who can use it easily without hesitation.

I rate Barracuda WAF-as-a-Service a nine out of ten because, as I said, if any major assessment module can come into the features of Barracuda WAF-as-a-Service, it will be easier for us to do the assessment on a quarterly, daily, or weekly basis. That would be more preferable because other WAFs, like BIG-IP F5, also provide the assessment reports globally, which would be helpful for us to get those things from Barracuda WAF-as-a-Service as well.

I deal with Barracuda WAF-as-a-Service and usually recommend it for private and government companies.

The automatic security updates are excellent. These updates help our customers transition smoothly between interface versions. We started with an old Barracuda interface, implemented everything there, and then moved to the new interface, which is very good and helpful.

Barracuda WAF-as-a-Service's real-time attack detection feature has improved our customers' threat response strategies significantly.

I have found value in the actionable analytics provided. Our customers have seen benefits such as access to a lot of data and the ability to analyze real-time threats through the actionable analytics.

I assess the impact of Barracuda WAF-as-a-Service on compliance efforts regarding security events as good in terms of compliance, although there are a few issues. There is one issue regarding local data storage, as they do not have that capability, and we are storing the data in another foreign country, which is against the law. Data is supposed to be within the South African border.

In my opinion, the main direction for improvement should be around the licensing part, as it should not be quite complex. The price of their licensing model is a bit steep. However, for other features such as web application threat detection and data compliance, they are very good, especially for application trafficking and caching. The pricing and SIEM integration sometimes create challenges, and we need to get professional help with those areas.

For the next release, Barracuda WAF-as-a-Service should include advanced APIs and perhaps AI-driven detections. They can improve the integration with SIEM and SOAR.

I have been working with Barracuda WAF-as-a-Service for quite a few years.

There are competitors to Barracuda WAF-as-a-Service. Depending on a client's requirement, I would recommend it, but there are competitors such as F5 and Cloudflare, and it depends on what the client wants. Sometimes, clients might want a firewall and choose something like Fortinet or Cisco secure firewall.

The price of their licensing model is a bit steep, but for other features such as web application threat detection and data compliance, they are very good, especially for application trafficking and caching. I am happy with it; it is just that the pricing and SIEM integration sometimes create challenges, and we need to get professional help with those areas.

Implementing Barracuda WAF-as-a-Service is quite complex, and you need to have substantial knowledge in this area. I rate Barracuda WAF-as-a-Service an overall score of six.

We primarily use Barracuda WAF-as-a-Service for raising security incidents by proactively blocking malware, ransomware, and phishing attacks to reduce breach risk and response time. Apart from that, we use it for streamlining added sites without performance drops, which also helps to support the growth of our teams. Additionally, we reduce hardware costs by decommissioning on-premises firewalls during our cloud migration with minimal disruption and a familiar UI for quick adoption.

When I mention reducing breach risk and streamlining added sites, there is one specific case I want to tell you about where Barracuda WAF-as-a-Service helped us directly. About three to four months back, there was a ransomware attack where it reportedly sent notifications to the admin panel, and Barracuda blocked the malware and phishing attack, sharing an advanced report with our team. This allowed us to directly contact the team, minimizing the risk of data breach. This was one case where we observed the benefits, and there have been multiple instances since we started using it.

The best features that Barracuda WAF-as-a-Service offers are an intuitive centralized dashboard, allowing us to manage policies, Internet protocol servers, antiviruses, anti-DDoS attacks, and traffic shaping across multiple sites. This feature enables seamless scaling of our environments, especially as we work within Amazon Web Services. Additionally, real-time threat intelligence helps us to detect threats in real-time. Another major feature I love is application control and VPN support, providing granular visibility and protection without needing separate appliances.

The centralized dashboard is helping us streamline visibility across our admin panels and provides site-to-site visibility deployed directly to our AWS environment, securing VPC traffic and ensuring the firewall is in place. The real-time threat intelligence is an advanced feature helping us track real-time attacks, such as anti-DDoS attacks, ransomware, or viruses that can compromise system integrity. Through the intuitive centralized dashboard, we can manage policies and set rules, assisting us effectively.

I see that cost can be a limitation for small businesses. Additionally, if they can provide more advanced features and customization for specific use cases, that would be beneficial. Apart from that, I do not feel there are any other problems. From our perspective, there is not an issue. All the data I have shared is in favor of Barracuda because the ROI they have given us is tremendous, and they are doing really well in terms of product, scalability, and service. We have seen that it is a great solution with no issues from our end.

I have been working in my current field for more than ten years.

Barracuda WAF-as-a-Service is definitely a stable solution, and I give it a ten out of ten as we have not faced any downtime, crashes, or lag.

Scalability is good for Barracuda WAF-as-a-Service; we can scale up or down based on our needs, as it comes with this model directly from the AWS Marketplace, which is really great.

Customer support for Barracuda WAF-as-a-Service is rated ten out of ten. We had an incident requiring direct support, and the representatives were really helpful, resolving our query within forty-five minutes, so it stands at ten out of ten for me.

We did not use any other solution prior to Barracuda WAF-as-a-Service; this is the first time we have used this service.

The initial deployment of Barracuda WAF-as-a-Service was really smooth. The team collaborated with our team and assisted with configuration. As we use a pay-as-you-go model, the licensing and every detail is managed well, backed by the AWS Marketplace, making it an excellent experience. Everything from provisioning to policies was set up on time, so my initial deployment experience was very positive with no issues at all.

The integration of Barracuda WAF-as-a-Service with other AWS services is seamless. Whatever services we are using with it, including non-related software, it integrates excellently. We have not faced any downtime, crashes, or lags while using this solution.

Barracuda WAF-as-a-Service has positively impacted our organization by reducing cyber threats like ransomware and phishing by ninety-five percent. This is a significant thing because we have seen a major drop in those numbers. Earlier, we faced many threats, but now I can say we see ninety to ninety-five percent fewer attacks. Additionally, centralized management has decreased by twenty-two to thirty percent, and costs related to avoiding breaches have decreased by at least seventy percent. On the ROI side, proactive blocking has led to efficiency gains and bandwidth optimization, boosting productivity and reliability for our distributed teams by thirty-three point eight percent.

The reduction in cyber threats and the increase in productivity I mentioned earlier are measured based on incident reports. Barracuda provides good data, and as I have said, it offers a clear dashboard where we can track progress. This data is a collective set from our admin and other teams closely working with engineering and other departments.

We have seen a return on investment of at least a million dollars, which could have been lost due to data breaches or attacks on the organization by effectively blocking threats. The downtime has decreased significantly, and our efficiency has improved by twenty-two point five percent thanks to real-time monitoring and traffic optimization. Additionally, we have reduced hardware costs by fifty percent by decommissioning on-premises firewalls during cloud migration with minimal disruption and a familiar UI for quick adoption. Productivity has increased as teams can focus more, leading to a rise of forty to fifty percent.

The metering and billing experience is really good because it operates on a pay-as-you-go model through hourly AWS billing, which includes features like the firewall and VPN. We also have a buy-your-own licensing option, which we do not utilize, sticking to AWS billing. This system allows us to pay only for what we use, saving a lot of money, so I give it a ten out of ten as it is both a money and time saver for the organization.

The pricing, setup cost, and licensing not only follow the same pay-as-you-go model but are also billed hourly by the AWS Marketplace. We select it based on our requirements, scaling up or down accordingly. This flexibility is how we have chosen this model.

Before selecting Barracuda WAF-as-a-Service, we evaluated other options, including AWS Network Firewall, Palo Alto Network VM-Series, Fortinet VM, a Force Firewall, and pfSense.

I rate Barracuda WAF-as-a-Service a five out of five overall. The reason I choose five out of five is that all the things I have mentioned earlier represent a great solution for our organization. It has effectively blocked malware and phishing attacks while optimizing bandwidth for our development environment. The deployment to our client network segmentation was really great, and the SD-WAN integration with on-premises and auto-scaling clusters for loads has been working well in our Agile ceremonies. Moreover, it leverages hybrid environments, helping to reduce unauthorized access during our CI/CD pipelines and ensuring compliant data flows.

I advise anyone looking for dedicated protection for their organization, aiding in threat prevention and unifying the threat management system with high performance at low cost, to go for Barracuda WAF-as-a-Service. They are a really good service.