Security

Review: Barracuda CloudGen Firewall VF50 Provides Powerful Security Advantages

This software solution can protect up to 50 websites or computing assets.

Twitter

John Breeden II is an award-winning reviewer and public speaker with 20 years of experience covering technology.

State governments must maintain complex, hybrid infrastructures to support their missions and the programs they administer on behalf of their citizens. Some states also may interface with or even assist in maintaining similar infrastructures for local governments or quasi-government organizations such as hospitals or schools.

That all makes for a complicated computing environment and an incredibly large footprint for attackers to target. One possible solution would be to install firewalls and other protections at every location or for every group of assets. That can work, managing a dispersed firewall system can become overwhelming.

To protect this large footprint, Barracuda introduced the next-generation CloudGen Firewall. As a virtual appliance, it can be installed almost anywhere, on-premises or in the cloud. And the VF50 model, which I evaluated, can additionally work to protect up to 50 IPs, so it works with multiple sites and assets.

Click the banner below to receive customized content by becoming an Insider.

Multilayered Defense Against Cybersecurity Threats

Installing the VF50 is incredibly easy for anyone with at least some IT experience. It works with most cloud providers and can also be installed on-premises on any workstation or server with at least 2GB of RAM and about 60GB of free hard drive space. Agencies can use a maximum of two CPU cores to drive it, which would provide a good deal of throughput and simultaneous operations before requiring an upgrade to a VF100 or higher-performing virtual firewall.

The VF50 provides all of the typical protection that users have come to expect from a firewall, plus quite a few advanced protections that form a layered defense to ensure that nearly every threat gets caught. The first level of protection consists of a firewall IPS and rule-based blocking, application control, dynamic routing, signature-based protection blocking and web filtering. More advanced protections include static code inspection, SSL interception, behavior analysis and detailed reporting with firewall analytics.

DIVE DEEPER: State and local agencies automate data analysis with Software as a Service.

Sandboxing Threats Eliminated with Ease

At the very high end of its on-board protections, the VF50 will put suspicious files or code into a sandbox that detonates any attachment that is not fully identified by the previous layers. Should a threat get detected in the sandbox, that threat is stopped and the VF50 learns the specific characteristics of the attack so that future threats of the same nature can be blocked. That saves resources and prevents shotgun-type attacks from overloading the firewall or bogging down operations.

In my testing, the VF50 was able to stop all of the polymorphic threats tossed at it from my in-house malware zoo, as well as several which were crafted on the fly with stealth and other obfuscation techniques. The VF50 even was able to stop so-called zero-day attacks using its defense in depth. Only a couple of threats made it all the way to the sandbox, and none got past the firewall completely.

SPECIFICATIONS

PRODUCT TYPE: Next-generation virtual firewall
FIREWALL DEFENSES: Application control, intrusion prevention, web filtering, anti-malware/anti-spam, advanced sandboxing and site-to-site VPN
HARDWARE REQUIREMENTS: 2G RAM, 60G hard drive
COMPATIBLE CLOUD PLATFORMS: VMware, Citrix XenServer, Oracle VirtualBox, Microsoft Azure, Amazon Web Services, Google Cloud Platform
MAX IP ADDRESSES PROTECTED: 50

The VF50 CloudGen Firewall Lets Defenders Be Everywhere at Once

The greatest asset of the Barracuda CloudGen Firewall VF50 is its ability to stop multiple and advanced threats made against up to 50 IP addresses. That is made even more impressive (and functional) thanks to a user interface that allows administrators to control all of those defenses from a single location.

As networks expand both on-premises and into the cloud, the VF50 becomes an increasingly good choice. It’s also built from the ground up to support multiple clouds, distributed sites, on-premises assets and even remote users. There is no need to purchase a new CloudGen firewall each time a new asset is added behind the firewall, unless an agency exceeds 50 IP addresses.

If all that sounds complicated, it’s because it really is a complex setup. However, no one would ever know that when using the VF50’s user interface. Right from the start, the installation of the virtual firewall is practically automatic and consists of pointing it to the correct location (on-prem or in the cloud) where the appliance will reside and letting the installation process put everything in place.

Once installed, adding protection to existing or new sites and assets is even easier and can be done in just a few clicks. The VF50 will handle setting up the APIs that control access to cloud features and link those assets to the protection engine. All a user needs to do is add any special firewall rules, such as specific websites that are allowed or restricted, or any other protection policies that are different from simply keeping threats away.

This would enable a state IT administrator, for example, to set up complete firewall protection for a branch or remote office even if there are no qualified IT personnel onsite, and to do so without having to physically visit that location.

One of the other advantages to using a VF50 is that Barracuda maintains a deep threat intelligence network that is constantly discovering new attack techniques and patterns and adding that data to its appliances. This is also an automatic process, so when the VF50 updates, it protects every covered asset from the latest network, email, website and web browser threats, all without requiring a human administrator to be in the loop.

Powerful protection coupled with a surprisingly easy-to-use interface provides VF50 administrators the power, control and automation they need to keep ahead of the most dangerous threats gunning for their highly distributed, modern networks.

Image Courtesy of Barracuda