Barracuda Networks' NG Firewall F400 boasts a bonanza of features including Layer-7 application control, intrusion prevention, SSL VPN, web filtering, antispam and antivirus, network access control and more. The NG F400 belongs to a family of Barracuda security devices that run on a common software platform and offer centralized administration and enterprise-level management.
The manufacturer acquired the technology, originally called netfence, when it purchased the Austrian company phion. Barracuda has been working to conform the netfence user interface and enterprise management to more strongly integrate with its own line of security appliances.
The Barracuda NG Firewall F400 is a highly flexible, multipurpose security device that can work as a replacement for a number of stand-alone appliances. It can serve as a gateway router and offers Dynamic Host Configuration Protocol and network address translation services. The NG F400 also contains content security features, although Barracuda recommends deploying a separate dedicated firewall for e-mail security.
What's perhaps its most interesting feature, the NG F400 can perform intrusion prevention and application profiling, and it can handle extremely detailed settings for application and access use. These can be customized on a per-user basis for both wired and wireless connections.
The application-level profiling can include route prioritization, so that critical network traffic is assigned a higher priority than noncritical traffic. In addition, the firewall can be configured to take advantage of multiple access links and prioritize them as required.
For example, if the firewall detects that a high-capacity link has gone down, it can assign high-priority traffic over a slower link, such as a 3G wireless connection; and if necessary, it can block access to low-priority traffic such as instant messaging or web browsing.
Why It Works for IT
The FG F400 offers a relatively low-cost solution for enterprises. Using the device to manage a wide variety of security threats means organizations can manage with a reduced administrative workload. And because IT staff can use a single controller to manage the NG firewalls throughout the enterprise, policies can be consistent, and traffic flow can be optimized to reduce communications costs.
The number of Gigabit Ethernet interfaces on the Barracuda NG F400
In addition, because the NG class of Barracuda firewalls keeps a highly detailed history of configuration and policy changes and security events throughout the enterprise, it provides the basis for an auditable compliance platform.
The intrusion protection, antispam and antivirus features reduce the risk of organizational data loss or the compromise of security or compliance requirements, such as staff access to prohibited websites, the transmission of controlled data, or outside access to restricted internal assets.
The Barracuda NG Firewall F400 is extremely complex to configure. At press time, the documentation provided for setup was incomplete, and the videos that the company makes available to help were also incomplete. An average IT worker skilled in firewall configuration would probably not be able to get the Barracuda NG firewalls fully operational without help. Until the documentation is completed later in 2011, IT organizations should probably purchase implementation and support services with this firewall, and train staff how to use it.