Sign in
Sign in
or
Create a new account
Agent Mode
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

Barracuda Application Protection Advanced

Barracuda Networks

Reviews from AWS customer

10 AWS reviews

External reviews

14 reviews
from and

External reviews are not included in the AWS star rating for the product.

    Gilbert White

Secure mobile access has protected remote hospital staff and simplifies threat management

  • April 13, 2026
  • Review from a verified AWS customer

What is our primary use case?

Barracuda Application Protection is primarily used for our mobile apps and remote users. We use the same secure gateway to protect the apps' integrity as well as the data going from the hospital campus to users remotely and in their homes.

A specific example of how Barracuda Application Protection helps with our mobile apps and remote users is the D level protection and its readiness to secure our data and network lines.

Being able to set as many rules as we like is a significant advantage for our main use case.

What is most valuable?

The best features Barracuda Application Protection offers include level protection, secure data on our network lines, building templates to ease use and make them our own, and the ability to work with how we do things.

Building templates to ease use is straightforward and customizable, making it easy to use.

Barracuda Application Protection has positively impacted my organization by increasing protection and securing our configuration networks.

Increased protection means providing threat protection, especially on emails that come from outside. Capturing potential spam and malware for emails from outside our network has been valuable.

What needs improvement?

Barracuda Application Protection can be improved by having more malware and intrusion solutions for sniffing more on the network and having the advanced ability to close off ports when they could be getting tested from hackers for intrusion.

I do not have additional feedback about the needed improvements, particularly around user experience or reporting features.

For how long have I used the solution?

I have been using Barracuda Application Protection for four and a half years.

What do I think about the stability of the solution?

Barracuda Application Protection is stable in my experience with no downtime or reliability issues.

What do I think about the scalability of the solution?

Barracuda Application Protection is scalable and handles growth easily.

How are customer service and support?

The customer support is swift and perfect in my experience. I would rate the customer support nine out of ten.

Which solution did I use previously and why did I switch?

I did not previously use a different solution.

What was our ROI?

I have seen a return on investment as it has been good in lessening threats from outside, with ease of use for our security team to be able to use templates and configure our threats. Being able to set as many rules as you like is a significant advantage.

What's my experience with pricing, setup cost, and licensing?

My experience with pricing, setup cost, and licensing was swift and easy.

Which other solutions did I evaluate?

Before choosing Barracuda Application Protection, I evaluated other options including Cisco Secure Access by Duo and Trend Micro Apex One.

What other advice do I have?

On a scale of one to ten, I rate Barracuda Application Protection nine out of ten.

I chose nine out of ten because it is lacking the advanced ability to close off ports since they can be used by hackers.

My advice to others looking into using Barracuda Application Protection is that it is easy to use, so I highly recommend them to consider.

My overall rating for Barracuda Application Protection is nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)

    Alice Shaniz

Secure protection for remote healthcare apps has increased client flow and improved decisions

  • April 12, 2026
  • Review from a verified AWS customer

What is our primary use case?

My main use case for Barracuda Application Protection is for mobile apps, as it has been used for the remote users we have. I used this as a secure gateway to protect the apps' integrity as well as the data going from one host hospital campus and users remotely. I also used this technology for a lot of customers, serving numerous healthcare institutions to financial sectors, and it provides many compliance features related to different security modules, including bot attacks, zero-day vulnerabilities, and credential stuffing.

A specific example of how I used Barracuda Application Protection for remote users is that I was able to reach clients who are remote, serving them and giving them the best app protection and security for their information. I saw a difference in client flow from 20% to 45% in my organization, which is a positive impact.

What is most valuable?

Barracuda Application Protection offers excellent features including identification of known attacks, straightforward configuration, automated policies, user-friendly interface, and ease of use.

The most valuable feature for my team has been the identification of known attacks. This has really helped us to know when there is a security attack, when there is anything that is an intrusion to our webs, and we were able to curb it and prevent hackers' intrusion.

Barracuda Application Protection has impacted my organization positively since I started using it, as I have seen a difference in customer flow. I have gained popularity in my organization and gained clients, from a 20% to 35% increase. Additionally, I have been able to save time from 55% to 65% since I started using Barracuda Application Protection. The time that I have saved has allowed me to dive deeper into Barracuda Application Protection and learn more as an organization, which has brought many positive impacts, including better decision-making.

What needs improvement?

Barracuda Application Protection can be improved with more innovative solutions for network sniffing. They should work on that to achieve a perfect rating.

For how long have I used the solution?

I have been using Barracuda Application Protection for four years and two months.

What do I think about the stability of the solution?

Barracuda Application Protection is stable.

What do I think about the scalability of the solution?

Barracuda Application Protection's scalability is very scalable.

How are customer service and support?

The customer support for Barracuda Application Protection is very proactive.

Which solution did I use previously and why did I switch?

Before Barracuda Application Protection, I used FireEye Endpoint Security.

I switched from FireEye Endpoint Security to Barracuda Application Protection because Barracuda Application Protection has the ability to satisfy and uphold my organization with all that it offers me. I chose it because it is the best and would recommend it 100%.

What was our ROI?

I have seen a return on investment as I have been able to save time since I started using Barracuda Application Protection, and it has also improved my customers' decision-making and departmental decision-making.

The time savings and the increase in client flow were measured from customer feedback and internal reports that my organization has received.

What's my experience with pricing, setup cost, and licensing?

My experience with pricing, setup cost, and licensing was that it was cost-friendly.

Which other solutions did I evaluate?

Before choosing Barracuda Application Protection, I evaluated other options including Trend Micro Apex One.

What other advice do I have?

My advice for others looking into using Barracuda Application Protection is that it is effective in providing threat protection, especially for emails that come in from the outside, capturing potential spam and malware. It has been effective for emails from outside my network. I would rate this product at a 9 out of 10.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)

    Graham William

Granular security controls have protected healthcare apps and reduce web security incidents

  • April 12, 2026
  • Review provided by PeerSpot

What is our primary use case?

My main use case for Barracuda Application Protection is that it is easy to deploy and easy to manage the application. I use Barracuda Application Protection to work on the technology for many customers, and it has been utilized for numerous healthcare institutions.

What is most valuable?

Barracuda Application Protection helps my customers with client fingerprinting, risk scoring, and bot identification. These features make a difference for my healthcare customers by limiting access and making the interface easy to access.

The best features Barracuda Application Protection offers are granular control and providing good compliance. I use granular control in my daily work to ensure accessibility, and Barracuda Application Protection helps me meet various compliance requirements.

Barracuda Application Protection has positively impacted my organization as it is easy to deploy, less costly, and its support is extraordinary. It saves costs primarily through time saved and guarantees improved security.

What needs improvement?

Barracuda Application Protection could be improved by integrating more bot categories and making URL profiles friendlier since the current feature is somewhat complicated.

For how long have I used the solution?

I have been using Barracuda Application Protection for four and a half years.

What do I think about the stability of the solution?

Barracuda Application Protection is very stable.

What do I think about the scalability of the solution?

Barracuda Application Protection is very scalable.

How are customer service and support?

The customer support for Barracuda Application Protection is perfect.

Which solution did I use previously and why did I switch?

I have not used a different solution.

What was our ROI?

I have seen a return on investment, as Barracuda Application Protection has a measurable and strategic impact on my overall business objectives. Within the first six months of deployment, I saw a 53% reduction in security incidents affecting the web, which directly translated to fewer service interruptions and less time spent on incident response.

What's my experience with pricing, setup cost, and licensing?

My experience with pricing, setup cost, and licensing was swift.

Which other solutions did I evaluate?

Before choosing Barracuda Application Protection, I evaluated other options such as Palo Alto Networks, Fortinet, FortiGate, HPE, and Check Point.

What other advice do I have?

There is nothing else about the features. There is nothing more about the needed improvements. My advice to others looking into using Barracuda Application Protection is that I recommend it. I would rate this product a 9 out of 10.

    Mercy Juliet

Secure remote healthcare access has strengthened data protection and improved client outreach

  • April 12, 2026
  • Review from a verified AWS customer

What is our primary use case?

My main use case for Barracuda Application Protection is that we use it to work on this technology for a lot of customers. It has been deployed across numerous healthcare institutions and the financial sector, and it provides many compliance features across different modules including the security module, bot attacks, zero-day vulnerabilities, credential stuffing, and API abuse.

We have also been using it for mobile apps used by our remote users. We use this as the secure gateway to protect the app's integrity as well as the data going from the hospital campus to other users remotely, as well as to those in-house.

One of the key elements where we have used Barracuda Application Protection is the WAF support for load balancing. We were looking to distribute the load of the web applications.

What is most valuable?

The best features Barracuda Application Protection offers include its configuration. Configuration is easy to do and use for our security team with its features and instructional pictures.

Barracuda Application Protection provides full spectrum security and DoD level protection, which is a significant help for us in securing our data. The ease of setup is also a strong point, as it is straightforward to set up. The ease of setup on our firewall for security for VPN users is good.

Barracuda Application Protection has positively impacted our organization since it is easy to use. It has helped us save between 55% to 65% of our time. Since it is easy to use, it is faster. We have also been able to reach our users who are in remote areas, which has led to our organization becoming popular in remote areas, resulting in a 40% increase in client flow.

What needs improvement?

Barracuda Application Protection can be improved by having a feature where you can achieve out-of-the-box requirements, meaning features that are not available could be included by writing code. URL profiles should be more user-friendly, as this feature is somewhat complicated. Additionally, having the advanced ability to close off ports when they could be getting tested from hackers for intrusion would be beneficial.

I would add that more innovative solutions for sniffing network activity should be improved.

For how long have I used the solution?

I have been using Barracuda Application Protection for five years and two months.

What do I think about the stability of the solution?

Barracuda Application Protection is stable.

What do I think about the scalability of the solution?

Barracuda Application Protection is very scalable.

How are customer service and support?

The customer support for Barracuda Application Protection is safe to use, and they are very proactive and responsive.

Which solution did I use previously and why did I switch?

I previously used Trend Micro Apex. Using the phishing and impersonation tool to rule out and capture phishing emails is a good feature that we are currently using.

How was the initial setup?

Regarding the ease of setup, it was easy for us to deploy Barracuda Application Protection in our organization, and it has really made things smooth for our remote users. We have been able to achieve secure gateway protection and app integrity through Barracuda Application Protection.

What was our ROI?

I have seen a return on investment, and it has been good in lessening threats from the outside. Being able to set as many rules as I would like is a big plus. We have been able to save 55% to 65% of our time since it is easy to use and very accommodating. The ease of use for our security team allows us to use templates and configure to our specifications.

What's my experience with pricing, setup cost, and licensing?

My experience with pricing, setup cost, and licensing for Barracuda Application Protection was cost-friendly.

Which other solutions did I evaluate?

Before choosing Barracuda Application Protection, I evaluated other options, including Cisco Secure Access by Duo.

What other advice do I have?

My advice to others looking into using Barracuda Application Protection is that it is good in providing threat protection, especially for our emails that come in from the outside. Capturing potential spam and malware from emails from outside our network has been good, keeping us alert from anything that could compromise our network. I would 100% recommend Barracuda Application Protection. I have given this product a rating of 9.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)

    Brian Bright

Security training has transformed our email protection and now safeguards remote healthcare data

  • April 08, 2026
  • Review from a verified AWS customer

What is our primary use case?

My main use case for Barracuda Application Protection is to educate our employees and our organization to be more aware of security risks in enterprise and home environments.

A quick specific example of how I use Barracuda Application Protection for this purpose is that we use it to pass the knowledge to them on how they should avoid their email from being hacked.

I also use Barracuda Application Protection to work on the technology for a lot of customers, and it has been used from numerous healthcare institutions to financial sectors. We also use it on our mobile apps for the remote users who have mobiles, and we use this as a secure gateway to protect the app's integrity as well as the data going from the hospital campus to the remote users, as well as once in-house.

What is most valuable?

Barracuda Application Protection offers automated policies, ease of use, straightforward configuration, and identification of known attacks.

The automated policies have helped our team by making our work easier in our organization since they have enabled us to dive deep into Barracuda Application Protection, and it has enabled us to gain more popularity.

Barracuda Application Protection is easy to deploy, has standard policies, and it is easy to create roles.

Barracuda Application Protection has positively impacted my organization by being scalable for simple environments, and it has a very quick deployment. I deploy it very quickly in my organization.

I have seen a specific outcome with Barracuda Application Protection of an improvement of 50% to 55% of our time since we started using it.

What needs improvement?

Barracuda Application Protection can be improved by implementing more innovative solutions for sniffing more on the network and also having the advanced ability to close off ports when they could be getting tested from hackers for intrusion.

For how long have I used the solution?

I have been using Barracuda Application Protection for four years.

What do I think about the stability of the solution?

Barracuda Application Protection is stable.

What do I think about the scalability of the solution?

Barracuda Application Protection is very scalable.

How are customer service and support?

The customer support for Barracuda Application Protection is very responsive and active.

I would rate the customer support for Barracuda Application Protection a nine out of 10.

Which solution did I use previously and why did I switch?

I previously used a different solution, which was Phishing, and I switched because of the need for better protection.

What was our ROI?

I have seen a return on investment with Barracuda Application Protection. For instance, the improvements reflect in the 50% metric provided, which represents a 50% improvement.

What's my experience with pricing, setup cost, and licensing?

My experience with pricing, setup cost, and licensing for Barracuda Application Protection was that it was easy and affordable to establish.

Which other solutions did I evaluate?

Before choosing Barracuda Application Protection, I evaluated other options, specifically FireEye Endpoint Security.

What other advice do I have?

Barracuda Application Protection is good in providing threat protection, especially on emails that come in from the outside. I would rate this review a nine out of 10.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)

    Charles Freddy

Giving staff control over email management has improved workflow and increased client acquisition

  • April 08, 2026
  • Review from a verified AWS customer

What is our primary use case?

Barracuda Application Protection is used company-wide for email filtering and email management. It is important for our organization because it gives every user the ability to manage their own email, blacklists, whitelists, blocking mail addresses, or entire domains. Most of our employees use it daily, and it has become a critical part of our everyday workflow.

Giving users control over their own email management has enabled us to gain more clients, and our organization has become very popular through using Barracuda Application Protection.

What is most valuable?

The best features Barracuda Application Protection offers are that employees can manage their own whitelist and blacklist. The interface is intuitive and easy to navigate, giving employees access to manage their own email instead of reaching out to the MSP. Bulk email detection and message blocking due to no PTR record are also included.

The feature that stands out as the most valuable for our team is giving employees access to manage their own email, which has really made our work easier and enabled our work to flow smoothly in our company.

Barracuda Application Protection has positively impacted our organization by helping us gain more clients and improve our workflow, making our company more popular. We have observed an increase of 65% in our client base and have been able to save 50 to 55% of our time since it is easy to use and intuitive to navigate.

What needs improvement?

Barracuda Application Protection can be improved since the price was increased about two years ago.

For how long have I used the solution?

I have been using Barracuda Application Protection for 5 years and 11 months.

What do I think about the stability of the solution?

Barracuda Application Protection is stable.

What do I think about the scalability of the solution?

Barracuda Application Protection is very scalable.

How are customer service and support?

The customer support for Barracuda Application Protection is very responsive and active.

Which solution did I use previously and why did I switch?

I previously used a different solution called Phished. I switched from Phished to Barracuda Application Protection because I found Barracuda Application Protection to be very easy to use with a very good and intuitive interface.

What was our ROI?

I have seen a return on investment because 50 to 55% of our time has been saved since we started using Barracuda Application Protection, and the time saved has allowed us to invest more in Barracuda Application Protection.

What's my experience with pricing, setup cost, and licensing?

Although Barracuda Application Protection increased their price about two years ago, I would say it is affordable based on my experience with pricing, setup cost, and licensing.

Which other solutions did I evaluate?

Before choosing Barracuda Application Protection, I evaluated other options such as KnowBe4 and the KnowBe4 KCM GRC platform.

What other advice do I have?

My advice for others looking into using Barracuda Application Protection is that it helps create more awareness among staff of targeted phishing campaigns in our organization thanks to Barracuda Security Awareness Training. I would rate this product an 8.

    Moses Gilbert

Secure mobile apps and remote hospital users have gained strong protection and time savings

  • April 06, 2026
  • Review from a verified AWS customer

What is our primary use case?

My main use case for Barracuda Application Protection has been for our mobile apps and for the remote users we have. I used this as the secure gateway to protect the app's integrity as well as the data going from hospital campus to the users remotely as well as one in-house.

A specific example of how Barracuda Application Protection is used to secure our mobile app is through security protection to several web applications hosted in AWS. I was looking to deploy a WAF out of the box with not too much maintenance, and one of the key elements was the WAF support for load balancing. I was also looking to distribute the load of web applications.

What is most valuable?

The best features Barracuda Application Protection offers are automated policies, identification of known attacks, and straightforward configurations.

The automated policies help me secure data applications for my clients. When I deployed WAF out of the box with not too much maintenance, I was able to automate policies and rules for my customers that prevent their data from being leaked or hacked.

Barracuda Application Protection has positively impacted my organization by helping me save time, as 60 to 70% of my time has been saved since it's easy and remotely reachable.

I measured that time savings by the task where I was able to reach my clients who are in remote areas, which enabled me to measure the time being saved and time being used when reaching those in remote areas.

What needs improvement?

Barracuda Application Protection can be improved by providing more innovative solutions for sniffing more on the network and having the advanced ability to close off ports when they could be getting tested by hackers for intrusion.

For how long have I used the solution?

I have been using Barracuda Application Protection for six years and eleven months.

What do I think about the stability of the solution?

Barracuda Application Protection is stable.

What do I think about the scalability of the solution?

Barracuda Application Protection is very scalable.

How are customer service and support?

The customer support is very responsive and proactive.

Which solution did I use previously and why did I switch?

I previously used a different solution, which was Fire iAdd Point Security.

I switched from iAdd Point Security to Barracuda Application Protection to be able to secure customers' data and also where my inserts were well received and my organization was helped and gained more clients.

What was our ROI?

I have seen a return on investment, as it is easy to use for my security team to be able to use templates and configure my specs. Being able to set as many rules as I can is a big plus for my organization and has also been good in lessening threats from the outside.

What's my experience with pricing, setup cost, and licensing?

My experience with pricing, setup cost, and licensing was that it was cost-efficient and affordable.

Which other solutions did I evaluate?

Before choosing Barracuda Application Protection, I evaluated other options, including Trend Micro Apex One.

What other advice do I have?

My advice to others looking into using Barracuda Application Protection is that it is good in providing threat protection, especially for emails that come in from the outside. Capturing potential spams and malware from emails from outside my network has been beneficial and keeps me alert for anything coming in from the outside that could compromise my network. I would rate this solution a 9.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)

    Robert Mills

Secure gateway has protected remote healthcare data and now supports compliant mobile access

  • April 06, 2026
  • Review from a verified AWS customer

What is our primary use case?

My main use case for Barracuda Application Protection is for our mobile apps, and I use it for the remote users we have. I use this as the secure gateway to protect the app's integrity as well as the data going from the hospital campus to the users remotely, as well as the ones in-house.

A quick specific example of how Barracuda Application Protection helps with our mobile apps and remote users is that it has helped us to manage customer's security and documents in their phones, and also to reach those who are in remote areas.

I used to work on this technology for a lot of customers, and it has been used from numerous healthcare institutions to financial sectors, and it has provided a lot of compliance features related to the different security models, so I have more to add about my main use case with Barracuda Application Protection.

What is most valuable?

The best features Barracuda Application Protection offers in my experience are full-spectrum security and DoD-level protection, which is a big help for us for security of our data, ease of setup on the firewall for security for VPN users, and the configuration is easy to do and use for the security team with its features and pictures of instructions.

The feature that has made the biggest difference for my team is that it has helped us as a secure gateway to protection apps' integrity, as well as the data going from the hospital campus to users remotely, as well as the one in-house.

Barracuda Application Protection has positively impacted my organization by lessening threats from the outside and providing ease of use for the security team to be able to use templates and configure to our specs. Being able to set up as many rules as I would like is a big plus, and it also has a positive impact on our organization.

We have seen an improvement of 45% in security since Barracuda Application Protection has been securing our customers' privacy, which is a specific metric demonstrating our benefits.

What needs improvement?

To improve Barracuda Application Protection, it would be beneficial to have the advanced ability to close off ports when they could be getting tested from hackers for intrusion.

For how long have I used the solution?

I have been using Barracuda Application Protection for four years and eight months.

What do I think about the stability of the solution?

Barracuda Application Protection is stable.

What do I think about the scalability of the solution?

Barracuda Application Protection's scalability is very scalable.

How are customer service and support?

The customer support for Barracuda Application Protection is very responsive and supportive. I would rate the customer support for Barracuda Application Protection a nine out of ten.

Which solution did I use previously and why did I switch?

I previously used a different solution, specifically HP Juniper Access Points, and I switched from HP Juniper Access Points to Barracuda Application Protection since it was easy to deploy, less costly, support is extraordinary, and it provides granular controls. It provides good compliances and is less prone to false positives.

What was our ROI?

Implementing Barracuda Application Protection has had a measurable and strategic impact on our overall business objectives, and within the first six months of deployment, I saw a 45% reduction in security incidents affecting the web applications.

What's my experience with pricing, setup cost, and licensing?

My experience with pricing, setup cost, and licensing was that it was very affordable.

Which other solutions did I evaluate?

Before choosing Barracuda Application Protection, I evaluated other options such as Palo Alto Networks Next-Generation Firewalls, PA-Series, and Fortinet FortiGate.

What other advice do I have?

My advice to others looking into using Barracuda Application Protection is that it is good in providing threat protection, especially for our emails that come in from the outside. I would rate this product a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)

    Iv Yo

Security gateway has protected remote hospital apps and has enabled faster AWS web access

  • April 06, 2026
  • Review from a verified AWS customer

What is our primary use case?

My main use case for Barracuda Application Protection is for mobile apps we use and for the remote users we have, using it as a secure gateway to protect app integration as well as the data going from the hospital campus to the users remotely, as well as the ones in-house.

A quick specific example of how I use Barracuda Application Protection in a real-world scenario is for security protection for several web applications hosted in AWS. We were looking to deploy a WAF out-of-the-box with not too much maintenance that would work right away. One of the key elements was the WAF support for the load balancers, as we were looking to distribute the load of the web applications.

What is most valuable?

The best features Barracuda Application Protection offers include client fingerprinting, bot identification, mitigation of false positives, and easy deployment in seconds.

Client fingerprinting has helped my organization in ways that ensure you cannot access a client's information without using fingerprints as the main element that we use to access the inside and all the information of a client.

Barracuda Application Protection has positively impacted my organization by helping us save time since it is easy to use. This has helped us tremendously since we no longer need to travel to remote areas, enabling us to reach those people in remote areas more efficiently.

We have saved our time by 40 to 65% with Barracuda Application Protection. The time we were using to travel to those remote areas to reach our clients has been saved since Barracuda Application Protection is helping in that sector, allowing us to save time and also witness some profit increase from those customers in remote areas.

What needs improvement?

Barracuda Application Protection can be improved by integrating more bot categories, including more mitigations in client-side integrity, and adding a feature where you can achieve out-of-the-box requirements, meaning the features that are not available can be included by writing code.

For how long have I used the solution?

I have been using Barracuda Application Protection for four years and eleven months.

What other advice do I have?

On a scale of one to ten, I rate Barracuda Application Protection an eight out of ten.

I rate it an eight out of ten because the issue of client-side integrity needing more inclusion in mitigation techniques has hindered it from being a perfect ten, and I believe they should invest in that.

My advice to others looking into using Barracuda Application Protection is that it is good in providing threat protection, especially for emails that come in from the outside. Capturing potential spam and malware from emails from outside our network has been excellent, keeping us alert for anything coming in from the outside that could compromise our network. I recommend the simple Barracuda WAF as a service where an out-of-the-box standard policy can be applied, making this Barracuda WAF as a service perfect for a basic environment and protection, particularly if you already have other Barracuda infrastructure elements in your network.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)

    Pavan Ingaleshwar

Improved SOC visibility has blocked web attacks and supports faster investigations

  • April 06, 2026
  • Review provided by PeerSpot

What is our primary use case?

I work with Barracuda Application Protection as part of SOC monitoring and web application security, which helped me to detect and block web-based attacks such as SQL injection, suspicious requests, and abnormal traffic patterns from a SOC perspective. It also provides good visibility to the web attacks and helps with faster investigation. The pattern is stable and scalable, but I think the UI and fine-tuning policies can be improved overall.

In my current company, for one of the clients which we are using, Barracuda Application Protection was mainly used to protect the web applications and monitor incoming traffic from external sources. From our SOC perspective, I work on analyzing alerts related to suspicious HTTP requests, possible SQL injection, abnormal traffic spikes, and blocking malicious IPs. Whenever the alerts were triggered, we validated whether it was a real attack or a false positive and took appropriate action accordingly.

In one scenario, we observed multiple requests from a single IP that was targeting the login for our client endpoints with unusual parameters. We suspected and started an investigation. Then we saw that Barracuda Application Protection had detected this suspicious behavior and blocked the IP already. On the SOC side, what we did was verify the logs and confirmed it. We even assumed that it might be a brute-force or injection attempt. After that, what we suspected became true, and that helped me in preventing unauthorized access attempts and reducing investigation.

What is most valuable?

The best features of Barracuda Application Protection are that it has good visibility. Log usability is very good, and the support for investigation is also good. These are the main features. One of the best key features I have seen is that it mainly detects and blocks web-based attacks. As I previously mentioned, SQL injection, cross-site scripting, and suspicious HTTP requests are detected in real-time.

The log visibility in Barracuda Application Protection is very useful from the SOC perspective. It provides detailed information such as the source IP address, the request type, what kind of request type was detected, the targeted URL, and the attack type. During investigations, these logs help to understand the pattern of the attack and the intention of the attack, and whether the activity is really malicious or normal activity. It also helps in identifying repeated attacks from the same IP and analyzing the traffic behavior. Overall, the logs make it easier to investigate web-based threats and correlate them with other security alerts in a SIEM solution. It gives detailed logs such as source IP, request details, and attack type, which help in quick investigation and identifying patterns.

Barracuda Application Protection is helping our current organization in a meaningful way by reducing web-based security incidents through blocking malicious traffic before it reaches the application and end-user machines. It improved visibility into the web attacks and made investigation easier for the SOC employees, especially since we could quickly identify suspicious IPs and attack patterns. It also reduces the manual effort since many attacks were automatically detected and blocked, allowing our SOC team to focus more on analysis rather than basic filtering.

What needs improvement?

I have one thing to share about the features. I did not observe any major stability issues. The platform works reliably during monitoring. If I want to tell what needs improvement, policy tuning requires effort. Policy fine-tuning because it requires a lot of effort and time from the employees, such as the senior SOC analyst. For us, it requires a lot of manual effort. Also, sometimes it gives a lot of false positives that also require manual effort. These two main things need improvement.

Another area for improvement is the visualization of the attack data. Barracuda Application Protection has better visualization of attack data, but it can make it even better. It should be very accessible because nowadays, employees from the data engineer team, the network team, or other departments should be able to easily understand it. I personally feel that is how the user interface should be for all applications. The current trending applications should be built with better UI and UX design for better visualization of the attack data. That would be very helpful for SOC analysts as well as other department employees and colleagues.

For how long have I used the solution?

I have been using Barracuda Application Protection for the past one point two years.

What do I think about the stability of the solution?

I did not observe any stability issues with Barracuda Application Protection in the past.

What do I think about the scalability of the solution?

Barracuda Application Protection is scalable and can even handle the traffic for multiple applications. It is a very good solution in the current market.

Which other solutions did I evaluate?

Cloudflare WAF is another tool I have seen. Cloudflare is also more user-friendly and has a strong CDN and DDoS capabilities, and it is easier to use. However, I would still go with Barracuda Application Protection.

What other advice do I have?

Barracuda Application Protection is a very fantastic tool and a very good solution, especially when talking about web application attacks, particularly from external attacks. Currently in the market, there are very few solutions, and few solution providers are there, but comparatively, they are the best. That is why I rate Barracuda Application Protection eight out of ten.

For example, in day-to-day work, I have observed a repeated request pattern from a particular IP that was targeting the login endpoints with unusual parameters that I noticed. Barracuda Application Protection already detected that suspicious activity and gave notifications on our SIEM solution as well. It even blocked that IP automatically on a temporary basis. We have set up and fine-tuned our SIEM solution so that if any such IPs are detected, they need to be blocked for one to two days because we are not sure about the IP's reputation. With fine-tuning, we have it set to block for two days. That is how we did it. That helped us quickly validate the alert, and we confirmed the potential attack and avoided further impact. It also reduces the manual effort, as many such threats have been handled automatically.

Barracuda Application Protection is a good solution for protecting the web application from external attacks. From my SOC perspective, it provides good visibility to the SOC analyst, and the logs it generates are very comprehensive. That helps us with the investigation and correlating all such logs to the SIEM solution and other things. In our organization, we have a public-facing application, so that is where I can tell this will provide the best benefit from this solution. Compared to other perspectives, Barracuda Application Protection is a very good one, and from my experience, I am really impressed with it. I would rate Barracuda Application Protection eight out of ten.

showing 1 - 10