I have been working with Barracuda Web Application Firewall for more than almost three and a half years.

Its main use case is to provide security to applications, to strengthen their security policies, to protect the applications from cyber attacks and to make them compliant against OWASP Top 10. Moreover, it allows only legitimate traffic, reduces false positives, makes application access easy, filters out non-legitimate traffic, verifies what exactly comes within the payload of the request, inspects everything that comes with a request, and fine-tunes according to the application logic based on the contents the application serves to their clients.

For example, if we consider a company that has an application with a payment gateway configured, which provides services including money transactions, we deploy Barracuda Web Application Firewall for that application. We host the service in Barracuda Web Application Firewall. When a client requests access to the application, the request goes to Barracuda Web Application Firewall first, which will verify the request contents and create a separate TCP connection to the backend server if the request is legitimate. This process protects against attacks including SQL injection or cross-site scripting, where Barracuda Web Application Firewall will block any request that matches attack signatures.

We have seen a return on investment as the manual work for monitoring attacks and generating reports is reduced significantly, saving money. Barracuda Web Application Firewall's features fulfill our requirements well, preventing us from needing to switch to more expensive vendors while still meeting our needs effectively.

For example, if we consider a company that has an application with a payment gateway configured, which provides services including money transactions, we deploy Barracuda Web Application Firewall for that application. We host the service in Barracuda Web Application Firewall. When a client requests access to the application, the request goes to Barracuda Web Application Firewall first, which will verify the request contents and create a separate TCP connection to the backend server if the request is legitimate. This process protects against attacks including SQL injection or cross-site scripting, where Barracuda Web Application Firewall will block any request that matches attack signatures.

The reporting features are quite good as they have reporting charts and dashboards that provide lists of attacks and real-time verification of those attacks, helping in better reporting by tracking requests based on time and unique endpoints.

I believe URL Profiles and Website Profiles are the most unique features offered. They create separate endpoints for each request integrated with the application, providing different security profiles based on the requirements. Moreover, the learning feature is very comprehensive, allowing us to monitor the applications before switching to protect mode, creating automatic profiles based on learned traffic, which helps to fine-tune security policy.

Barracuda Web Application Firewall's user interface automates the blocking of malicious IP addresses, reducing the manual burden. Additionally, enabling the learning feature allows for quick preparation of security profiles, creating URL profiles automatically, which significantly reduces manual intervention and false positives.

The areas where it could be better are in security profiles, where a single service can have only one policy. There is no feature to add multiple security policies for separate endpoints within the same application, and the traffic manager is not flexible enough to handle unusual traffic patterns, sometimes leading to crashes.

I believe there are improvements needed in API security and bot protection within Barracuda Web Application Firewall. Additionally, enhancing the traffic handling capabilities for unusual patterns is necessary to avoid simply relying on failovers to manage traffic efficiently.

Barracuda Web Application Firewall is stable in my experience, although as our resources grow, we might need to upgrade to different hardware solutions to maintain seamless traffic management.

The scalability of Barracuda Web Application Firewall is fine. We tend to go for higher versions to ensure we have enough resources as needed, and the VMSS feature allows for easy upgrades or scaling of virtual editions.

The support is excellent. However, regarding integrations, there are limitations with AWS, where bugs occur during integration that need fixing in order to enhance overall sales.

I believe the customer support for Barracuda Web Application Firewall is excellent, with knowledgeable and experienced technical assistance that surpasses other vendors including F5, Imperva, and Cloudflare.

I would rate customer support a solid ten, as they are consistently on top of every issue, addressing them without delays and providing excellent support twenty-four hours a day, seven days a week.

Barracuda Web Application Firewall was our first choice, and we did not deploy any other Web Application Firewall prior to using it.

We have seen a return on investment as the manual work for monitoring attacks and generating reports is reduced significantly, saving money. Barracuda Web Application Firewall's features fulfill our requirements well, preventing us from needing to switch to more expensive vendors while still meeting our needs effectively.

The pricing, setup cost, and licensing for Barracuda Web Application Firewall are reasonable. They are competitive when compared to other vendors including F5 and Imperva, who tend to have higher prices.

Before choosing Barracuda Web Application Firewall, we evaluated F5, Imperva, and Cloudflare.

If budget is a constraint and security is a priority, I advise others to consider Barracuda Web Application Firewall without hesitation. They would get the best return on investment by starting with Barracuda Web Application Firewall instead of jumping to higher-end vendors. I have provided this review with an overall rating of eight.

I am not using the API protection feature right now because I don't host any APIs through Barracuda Web Application Firewall. I use a second procedure for API, which is point-to-point VPN connectivity with the banks. I'm using their API, and they are using my APIs, so our connectivity is over point-to-point VPN. Therefore, that traffic does not go through Barracuda Web Application Firewall, which is why I'm not using API protection at this moment.

The detailed analytics provided by Barracuda Web Application Firewall help in understanding application traffic patterns, although I find the built-in reports to be basic and not of a very advanced level. They are normal reports, not extraordinary analytics.

Real-time traffic monitoring is a time-consuming activity for my organization, and it often results in a lot of false positive events. When I go to check the real-time logs, it is difficult to find a valid attack among the false positives.

I have seen a return on investment because my application behind Barracuda Web Application Firewall is becoming obsolete technology-wise. My development team is working on the latest language tools or applications, so until then, this web application firewall is essential in my network to protect my existing online assets or software. It is definitely a good choice, providing a good ROI. I can imagine the consequences if I did not have it. During the COVID pandemic, we received plenty of attacks on our application, and at that time, I didn't have a web application firewall. Since implementing Barracuda, I sleep smoothly knowing I have protection.

I find the basic features of Barracuda Web Application Firewall plus advanced bot protection to be very valuable features, along with backup subscriptions.

I assess the effectiveness of the machine learning-driven threat detection in Barracuda Web Application Firewall as sometimes behaving abnormally, often showing me false positive attacks, so I have to fix these attacks from time to time.

From a stability point of view, I would definitely rate Barracuda Web Application Firewall a seven out of ten. There is definitely some room for improvement; nothing is perfect in the world.

I am not satisfied with the technical support from Barracuda. I am somewhat disappointed with the technical support that I have received so far. Whenever I generate a ticket for my problem, it goes to the Indian support team, and they all the time start with the most junior team member, consuming all my precious time. At the end, I have to close that ticket without any satisfactory solution. I have complained that they should shift my support to any other region because I don't need Indian support; they are simply pathetic and not up to mark.

To improve Barracuda Web Application Firewall, customers should be given ongoing training opportunities regarding the product and its features. I am not familiar with many features that are available, only using those which are necessary for my applications. I believe Barracuda must provide clearer product information or training sessions to make it more user-friendly, as sometimes its interface can be rigid and lacking in helpful resources or user tutorials about its features.

For it to get closer to a ten, I think advanced reporting is missing because, as I mentioned earlier, there are many false positive events being recorded. Often, when I analyze these attacks, they turn out to be genuine customers or users interacting with my product, but Barracuda tags them as attackers. Reducing false positives must be a priority.

I'm using Barracuda Web Application Firewall, and this is my fourth year using this product.

From a stability point of view, I would definitely rate Barracuda Web Application Firewall a seven out of ten.

I am not satisfied with the technical support from Barracuda. I am somewhat disappointed with the technical support that I have received so far. Whenever I generate a ticket for my problem, it goes to the Indian support team, and they all the time start with the most junior team member, consuming all my precious time. At the end, I have to close that ticket without any satisfactory solution. I have complained that they should shift my support to any other region because I don't need Indian support; they are simply pathetic and not up to mark.

I would rate the technical support a two out of ten.

Before Barracuda, I worked with other web application firewalls such as FortiWeb and F5, and I also explored a few demo versions of additional products. Compared to those, Barracuda is a very good product.

I have seen a return on investment because my application behind Barracuda Web Application Firewall is becoming obsolete technology-wise. My development team is working on the latest language tools or applications, so until then, this web application firewall is essential in my network to protect my existing online assets or software. It is definitely a good choice, providing a good ROI. I can imagine the consequences if I did not have it. During the COVID pandemic, we received plenty of attacks on our application, and at that time, I didn't have a web application firewall. Since implementing Barracuda, I sleep smoothly knowing I have protection.

At the time I was acquiring Barracuda Web Application Firewall, I found it costly compared to other products. To overcome that price factor, I excluded some features or subscriptions to align with the pricing of other products. Now, cost is okay because last April, I renewed Barracuda Web Application Firewall for the next three years. Interestingly, I received a local quotation from a partner, and then, because we have an office in the UK, I requested a quote from Barracuda's UK team, which was half the price I was quoted in Pakistan. Thus, I renewed through the UK office, making it definitely 50% cheaper than the Pakistan offer, so the price is good.

I do not think it is the best one on the market. I have seen other products offering additional features as next-generation firewalls, but as a dedicated web application firewall, Barracuda performs well among the basic features. However, I know there are more advanced products available, though I have not seen those to make a direct comparison. Therefore, I can't fully evaluate against them, but Barracuda has been a good product for me so far.

I rate Barracuda Web Application Firewall as a seven out of ten overall.

Interestingly, I received a local quotation from a partner, and then, because we have an office in the UK, I requested a quote from Barracuda's UK team, which was half the price I was quoted in Pakistan. Thus, I renewed through the UK office, making it definitely 50% cheaper than the Pakistan offer, so the price is good.

I have only been working with Barracuda Web Application Firewall. No local partner has introduced me to any other product lines. It was purely by chance that Barracuda Web Application Firewall came to me through a local partner; otherwise, local partners rarely bother introducing other products to customers.

Our primary use case was to track the traffic on websites or webshops to identify potential malicious actors, such as bots. This involved analyzing the type of data being collected through websites to detect possible DDoS attacks.

The most valuable feature of Barracuda Web Application Firewall is managing bot traffic. During a presentation by Barracuda, it was demonstrated that the traffic on Coolblue, a Dutch platform similar to Amazon, was significantly reduced with Barracuda's intervention. Half of the traffic was identified as bots searching for the cheapest price. This traffic analysis and bot management were used as unique selling points for other customers.

Barracuda Web Application Firewall lacks some of the more specified and structured features offered by solutions like Tenable. Although Tenable is more expensive and less easily deployable, its features are more deepened and chiseled, particularly for IT personnel. For example, Tenable provides more comprehensive dark web scanning capabilities, which Barracuda could improve upon.

I have used Barracuda Web Application Firewall for approximately three years but have not worked with it in the past year.

The deployment process was straightforward. Initially, it took about two and a half hours due to some internal setup configuration mistakes. However, after understanding the deployment steps, it was done in about one hour without further guidance.

I would rate the stability of Barracuda Web Application Firewall as seven and a half, possibly an eight.

I believe Barracuda Web Application Firewall is quite scalable, and I would rate it as an eight.

The customer service and support are exceptional, and I would give them a ten out of ten.

The initial setup was very easy. For someone unfamiliar with IT, Barracuda Campus provides excellent resources and guidance, making it accessible even to those not specialized in IT.

Tenable was evaluated as an alternative solution.

For those new to cybersecurity, Barracuda Web Application Firewall offers an affordable and easy-to-deploy solution. Its accessible nature makes it a great choice for mid-segment use. The shift towards cybersecurity awareness has created a growing market, and Barracuda fits well with this trend with its non-technical usability and corresponding price point. I would rate the overall solution as eight out of ten.

I use Barracuda Web Application Firewall mainly for web application protection. I have worked with Barracuda for six years, focusing on this specific product, which aligns with my company's and clients' security needs.

The most valuable features of Barracuda Web Application Firewall include advanced bot protection, DDoS protection, and addressing the top ten vulnerabilities. The solution provides robust support, which I particularly appreciate for its ability to address my inquiries and technical challenges effectively.

There are false positives that I am receiving when compared to other WAFs. The issues with false positives affect client transactions, leading to complaints about blocked transactions. Barracuda needs to improve its API security to address my evolving needs.

I have used the Barracuda solution for six years.

I face stability issues due to false positives. These result in clients complaining about blocked transactions on a daily basis. If these were reduced, Barracuda's stability would greatly improve.

The customer service and support from Barracuda have been excellent. I have a very supportive team that addresses my concerns. I have premium support as well.

Before Barracuda Web Application Firewall, I did not work with any other vendors or products.

The initial setup of Barracuda Web Application Firewall is straightforward and does not take more than half an hour. The installation is very easy.

My team manages the setup and requires one person for installation and three people for ongoing maintenance.

The pricing for Barracuda is quite high compared to other OEMs. Each transaction requires my purchase team to negotiate with Barracuda. Software licenses, premium support, and advanced bot protection all have different costs.

I would rate the overall solution as a seven out of ten, primarily due to issues with false positives.

I recommend Barracuda because of the strong support team I have.

I'm using Barracuda as a web application firewall for any application. It is too smart and user-friendly, making it easy to restrict applications and utilize many features.

It is very easy to restrict applications and utilize many features and ensures that it's not complicated to work with.

The most helpful feature is rate limiting, which acts as a security layer against DDoS attacks. Additionally, data leak prevention is very important and ensures protection against attacks.

I faced an issue when Barracuda decided not to support Azure Stack Hub anymore, which was a significant issue as we had many customers using it on that platform. Due to this decision, we had to replace Barracuda with another vendor, which was regrettable.

I have been working with Barracuda Application Firewall for more than four years.

When the SDM crashed, we experienced instability, yet support usually acted quickly and was very helpful, ensuring stability for customers.

Scalability is strong, rated eight to nine. The solution is capable of meeting scalability requirements efficiently.

Technical support may be rated as eight or nine out of ten. The support is very helpful and responsive.

Due to the decision by Barracuda not to support Azure Stack Hub, we replaced Barracuda WAF with another vendor for more than ten customers.

The setup process is too simple.

On a scale, pricing is nine out of ten. It's a reasonable price for this product.

There is no comparison, as Barracuda is too smart. Compared to FortiWeb, Barracuda is much better.

I would rate Barracuda Web Application Firewall at nine out of ten overall. I can recommend it to other users. Barracuda is one of the remarkable vendors in web security and is too smart.

Our clients primarily use Barracuda Web Application Firewall to filter their web traffic and ensure they are secure enough to protect their cybersecurity workloads.

We have sold these solutions to academic clients like universities. They appreciated the ease of use and the signature base.

The most valuable feature is the ease of use and the signature base.

As a service, Barracuda needs to host in Saudi Arabia, as they currently don't have this functionality. They need to enhance technical support to allow hosting within the region.

I have been working with Barracuda Web Application Firewall for a couple of years across different companies.

Barracuda Web Application Firewall is stable. We have had no issues, and there haven't been any specific comments about this.

I rate the scalability of Barracuda seven and a half due to some complexities and the inability to host as a service in Saudi Arabia.

I would compare Barracuda Web Application Firewall to Fortinet or Palo Alto.

The initial setup is simple. However, clients often require help as they may be more familiar with another OEM.

Clients require help as they might not have the core competency to implement the Barracuda technology.

The pricing is slightly expensive when compared to other OEMs.

I can 100% recommend Barracuda Web Application Firewall to other users.

I'd rate the solution eight out of ten.

Our primary use case for this platform is to protect our web applications.

The product's advanced bot and threat protection capabilities are valuable.

There's potential for improvement in the platform's CMS integration.

I've been using Barracuda Web Application Firewall for five years now.

The platform has been quite stable, with minimal disruptions in our operations.

I would rate this solution a ten for scalability.

The customer service and support have been responsive and helpful whenever we've needed assistance.

The initial setup was straightforward.

We implemented the product with the help of a vendor.

The product pricing was competitive for the value it offers regarding security features.

We evaluated other solutions like FortiWeb but chose this platform due to its comprehensive feature set and scalability options that suited our needs better.

The platform has been a reliable choice for securing our web applications. I recommend exploring their support and training offerings to maximize their effectiveness.

I rate it a seven out of ten.

I use the solution in my company to protect our website.

The solution's most valuable feature is that it actually protects our website, and it provides all the required security functions.

When we have multiple applications in Barracuda, everything is not managed in a single place. For example, Suppose I have four applications and want to make a common change across them. In the aforementioned case, it is not supported at the moment, and I have to go to individual applications and make changes.

Suppose I have four applications in the product and want to make similar changes in all of them together. In the aforementioned case, it is not possible to do anything with Barracuda Web Application Firewall.

I have to go to an individual obligation, make changes, and come out, and go to the next obligation and make the same changes. There is no grouping option.

I have been using Barracuda Web Application Firewall for six months. I am an end-user of the tool.

It is a mostly stable tool. I rate the stability as a nine out of ten.

I rate the scalability as an eight out of ten.

The number of users depends on the public who are accessing our website. It all depends on the popularity, so I can't say the number here. Let us say that there are probably thousands of users.

The solution's technical support is good. There is a delay in the response time when it comes to the support part. I rate the technical support a seven out of ten.

The product's initial setup phase is easy, but one needs some background knowledge. In terms of security products, one needs some background knowledge of the security practices. Nobody cannot configure the tool. Some certifications and technical knowledge is required to use the tool.

Depending on the person's knowledge of security, I can rate the setup phase as an eight on a one to ten scale, where ten means it is a very easy process.

The solution is deployed on the hybrid cloud.

The time required to deploy the solution depends on how many servers you want to set up in the hybrid environment. There are different components underneath it. There is no common time frame for the deployment. It all varies on a case-to-case basis, depending on how many deployments you are running in a hybrid environment and what services are offered to the user in the hybrid environment. We can't tell you the specific time for the deployment.

Cost is a bit on the higher side. Big companies can afford it.

The product offers protection against web exploitation. With code injection and SQL injection, everything is covered in the tool.

My company has around four applications on Barracuda Web Application Firewall. Everything has been working smoothly with the tool.

Speaking about AI-driven security measures, I would say that the solution has its own in-built machine learning techniques, so we are not using any other solution or AI solution, as it is all integrated with Barracuda Web Application Firewall itself.

Though it is a costly tool, it is a good product that is stable, secure and offers good protection.

I rate the tool an eight out of ten.

Barracuda Web Application Firewall’s most valuable features are real-time threat detection and automatic security updates.

The platform's pricing needs improvement.

The technical support services are good.

I have used Fortinet before. It has efficient AI capabilities compared to Barracuda.

The product has generated around 10% of return on investment.

The product is expensive. It is overpriced.

The product works effectively. However, it is complicated to understand and requires essential knowledge. It significantly improved our overall web security posture, addressing intrusions and enhancing control over web URLs in our environment. We can identify and block malicious URLs. With proper training, it is easy to manage templates and policies for this tool. They provide comprehensive documentation and training courses available for free on their website. It has good features for forensic analysis and reporting. It has a user-friendly interface and seamless integration with SQL.

I rate it a seven out of ten.

My company uses the tool for HTTP protection and the protection of HTTP for a particular application that is exposed to the internet. The product offers both the deployment models, which include the cloud and Barracuda WAF-as-a-Service.

There are some vulnerabilities that are reported across the tools offered by Barracuda for some devices, which need to be taken care of from an improvement perspective.

I have experience with Barracuda Web Application Firewall. I am a system integrator, and my company takes care of the deployment process for our customers.

The stability of the product is good. Stability-wise, I rate the solution a ten out of ten. I have never seen any downtime while using the solution.

It is a scalable product. In my company, we have been able to scale up from level one to level five using Barracuda Web Application Firewall.

My company deals with five or six customers of the product. One customer of my company who uses the product may have around 1,000 users in their environment.

The technical support offered by Barracuda is marvelous. When it comes to the technical support of the product, areas like responsiveness, resolutions, and reachability are unmatchable with any of the other products in the market.

The product's initial setup phase was very straightforward and easy.

The product's deployment process was pretty simple since you just select the instance, after which it can be deployed in ten minutes.

Barracuda Web Application Firewall is deployed on the cloud.

With all the prerequisites in place, one application can be deployed or onboarded in an hour.

In my opinion, the product is fairly priced. There is a need to make payments towards the licensing cause of the product on the basis of per application a user uses. Depending on the requirements, a user can make payments on a yearly, two-year, or three-year basis.

The solution has successfully helped meet the compliance requirement, considering the HTTP protection that the product offers along with the DDoS feature, making it a pretty good tool. The tool also offers protection against the OWASP Top 10 attacks, a default feature available in the product.

In terms of the effectiveness of the solution offered in our company, I would say that we are able to see the logs and get alerts. The actual effectiveness of the solution can only be witnessed when a company gets attacked, and to date, my company has never experienced such a scenario. I would say that the solution is working effectively.

The product is pretty straightforward when it comes to areas like configuration management and monitoring.

The policy management is very easy in the product.

If you have applications in the cloud, like AWS, then Barracuda Web Application Firewall-as-a-Service or Barracuda Web Application Firewall deployed on the cloud can be a good option.

The product has had no impact on the user experience front. Barracuda asks for the captures of DDoS attacks and asks the users about their challenges.

I rate the overall tool a seven to eight out of ten.