Presentation is loading. Please wait.

Presentation is loading. Please wait.

Barracuda NG Firewall The Next Generation Firewall for the Distributed Enterprise Barracuda NG Firewall is a next-gen firewall that was purpose built for.

Published byAbigayle Waters Modified over 6 years ago

Similar presentations

Presentation on theme: "Barracuda NG Firewall The Next Generation Firewall for the Distributed Enterprise Barracuda NG Firewall is a next-gen firewall that was purpose built for."— Presentation transcript:

1 Barracuda NG Firewall The Next Generation Firewall for the Distributed Enterprise Barracuda NG Firewall is a next-gen firewall that was purpose built for efficient deployment and operations in dispersed, highly dynamic, and security-critical environments. In addition to security, it provides industry-leading operations effectiveness and added business value by protecting traffic against outages and link congestion. It employs user and application awareness to select network path, priority, and bandwidth. In case of line failure, it transparently adjusts and keeps traffic flowing. All policies are centrally managed. Version 6.0.x | December 2014

2 Why today‘s Firewalls are broken
Visibility No visibility into user behavior No control over applications Manageability No centralized management No centralized deployment Intelligence No network optimization No traffic prioritization Security No Network Access Control No IDS/IPS No Secure Remote Access

3 Regaining Control is Essential
Control Application Usage Cloud enablement & WAN virtualization Access Control & Mobility Operations cost control Controlling Application Usage: Block unwanted application Throttle tolerated applications Application-based link selection Speed-up business-critical tools Always-on Connectivity: Integrated QoS and intelligent traffic shaping (dynamic path routing and application-based link selection) Multiple uplinks and redundancy Intelligent link failover and business critical traffic priorization in case of link loss Access Control and Mobility: Network Access Control and VPN Simple guest networking and WiFi Integrated SSL VPN Excellent Value: No per user fees Single appliance with fully integrated functionality Single pane of glass Cost-effective central management and lifecycle management

4 Introducing the Barracuda NG Firewall
Powerful network firewall Full application control Full user awareness Intelligent traffic management Comprehensive IDS/IPS Centrally manage all functionality

5 The Evolution of the Firewall
WAN optimization Centralized management Scalability Remote network access Reporting/Audit capabilities Quality of Service (QoS) Application control Identity awareness Ports, packets, protocols Anti-virus scanning Traditional Firewall/UTM Barracuda NG Firewall Next Generation Firewall

6 Regain Control – Application Awareness
Business Critical? Acceptable? Security Flaw? Block unwanted applications Control and throttle acceptable traffic Preserve bandwidth and speed-up business critical applications Intercept SSL encrypted application traffic Besides state-of-the-art application control, BNG lets you preserve bandwidth and speed up business applications.

7 Traditional Use Case – Block Traffic
Block unwanted applications for certain users or groups Based on specific authentication mechanisms (e.g. DC agent, MSAD, LDAP, RADIUS, ...) specific traffic for specific users/groups can be blocked.

8 Get Smarter – Selective Blocking
Block unwanted applications for certain users or groups Enable or disable application specific sub-functions (e.g. Facebook Mail) In addition to basic user/group blocking, you can allow subapplications/subfunctions for specific users and specific time frames. At the same time, you can enforce QoS for the allowed connections (more on QoS on the next slide).

9 Improving Overall Network Quality
Control and throttle acceptable traffic Throttle unimportant traffic (bulk traffic)

10 Protect and Support the Business
Control and throttle acceptable traffic Preserve bandwidth and speed up business-critical applications Throttle unimportant traffic (bulk traffic) and speed up business-critical applications.

11 Traffic Analysis and Live Application Control

12 Application-Based Provider Selection
The combination of next-generation security and adaptive WAN routing lets the Barracuda NG Firewall dynamically assign available bandwidth for several links not only based on protocol, user, location, and content, but also based on applications, application categories and web filter categories. This keeps expensive, highly available lines free for business and mission-critical applications, while significantly reducing response times and freeing up additional bandwidth.

13 All You Need to Know with Just One Click
Real-time information and quick history drill downs Live (active connections)

14 Application Context Discover the actual intentions of users & applications

15 Full User Awareness DC Agent (Domain Control Agent)
Automatic user-IP mapping Exclude IP addresses manually (e.g. HTTP proxies and Terminal Servers) Monitor Active Directory remotely TS Agent (Terminal Server Agent) Map users to specific port ranges TS Agent connections are SSL encrypted Mapping information is sent only after successful connection establishment Debug log of identifying connection issues DC Agent: User-IP-Mapping The Barracuda DC Agent is the connector between various Barracuda Networks products and Microsoft® domain controllers to transparently monitor user authentication. With the DC Agent, Barracuda Networks systems can monitor domain controllers to automatically detect when users log into their Windows domains. The Barracuda DC Agent lets you manually exclude IP addresses of user client PCs or known multi-user computer systems and provides a "learning mode" that proposes the exclusion of suspicious systems. Due to the complexity of today's network environments and multi-user computer systems, a user-to-IP association is not always possible or required. For example, you can exclude the HTTP Proxy and Terminal Server because they allow multiple users and use a single IP address for authentication against domain controllers. If you install the Barracuda DC Agent on a dedicated computer system instead of the Active Directory server, you can also remotely monitor Active Directory. Terminal Server Agent: To let the Barracuda NG Firewall get information about users who are logged into a Microsoft Terminal Server, install the Barracuda Terminal Server Agent (TS Agent). It functions similarly to the Barracuda DC Agent for Windows domain controllers, which authenticates users according to the IP addresses that are mapped to their usernames and group context. However, the Barracuda TS Agent authenticates users according to a specified port range because every user on the Terminal Server has the same IP address. The Barracuda TS Agent maps each user to a source port range and sends this mapping to the Barracuda NG Firewall with user information. When the Barracuda NG Firewall receives a TCP or UDP packet, it looks at the source port and IP address and then matches rules on the user’s distinguished name and group membership. Connections with the Barracuda TS Agent are SSL encrypted. Mapping information for users is only sent after connections are established. The Barracuda TS Agent also writes a debug log that helps you monitor your Terminal Server and identify possible problems.

16 Reports Create customizable Top Reports for:
Applications, risk, category Protocols Users Sources & destinations Geo locations URLs etc. Automatic generation and delivery Schedule reports via , or to a file share.

17 Barracuda Report Creator
Example report.pdf

18 Cloud Enablement The uplink is your weakest link % availability made easy. xDSL Ethernet xDSL Internet DHCP MPLS BNG allows the simultaneous use of multiple ISPs, provides link balancing and transparent failover. Animation description: can be sent via DHCP/cable connection, web traffic via multiple DSL connections (link balanced), VoIP via MPLS If DHCP breaks, traffic is automatically rerouted via the DSL connections

19 Virtual Appliances Barracuda NG Firewall virtual images are available for: VMware ESX Hyper-V KVM Citrix XenServer Public cloud offerings: In addition to the virtual appliances for Vmware ESX, Hyper-V, KVM, and XenServer, the Barracuda NG Firewall is also available for public cloud offerings including Microsoft Azure and Amazon Web Services.

20 Increase Network Throughput
WAN Optimization Data compression TCP-flow optimization Protocol acceleration Data deduplication Headquarters Branch Office

21 VPN – Effective Operations
VPN is hard to setup, maintain, and troubleshoot? REALLY? Really? Video 1: With other solutions a VPN is hard to maintain and troubleshoot. If you have to use CLI, it is even more difficult. Does it really have to be so difficult? With BNG, all you have to know is how to drag & drop. Video 2: Fully meshed VPN including WAN optimization (CIFS and mail).

22 Barracuda NG Control Center
C400/VC400 – Standard Edition C610/VC610 – Enterprise Edition VC820 – Global Edition For efficient and flexible management, Barracuda offers five different control centers. C400 (hardware appliance) and VC400 (virtual appliance fof VMware, KVM, XenCitrix) Unlimited firewalls (recommended 20) 1 tenant Multiadmin support Role-based administration Revision control system Central statistics Central syslog (host/relay) Firewall audit collector/viewer NG access monitor C610 (hardware appliance) and VC610 (virtual appliance fof VMware, KVM, XenCitrix) The above plus: Unlimited firewall (recommend 200 hardware-based; unlimited, but depending on hardware for virtual appliance) Multitenancy on cluster-base Barracuda NG Earth PKI Service VC820 Unlimited firewall (depending on hardware for virtual appliance) Multitenancy on range-base (5 tenants included; more available for purchase) High Availability license included

23 Industry Leading Centralized Management
Daily Tasks, 1 Firewall 10 minutes In our experience, it takes 10 minutes per day to manage a single firewall

24 Industry Leading Centralized Management
Daily Tasks, 100 Firewalls 16 hours So extrapolating from this to 100 firewalls (a standard sized BNG project), this adds up to over 16 hours each day for only managing tasks.

25 Industry Leading Centralized Management
Daily Tasks, 100 Firewalls 10 minutes Multiple Locations, Multiple Firewalls Barracuda NG Control Center So extrapolating from this to 100 firewalls (a standard sized BNG project), this adds up to over 16 hours each day for only managing tasks.

26 Improve your Security Posture
State-of-the-art inline IDS/IPS Real-time update of signatures Included with Energize Updates Network Access Client Customizable web-based SSL VPN Sophisticated Network Access Control (NAC) Centrally managed via the Barracuda NG Control Center

27 Improve your Security Posture
Advanced Threat Protection Protection against zero-hour-exploits advanced persistent threats advanced malware Granular delivery options Automatic quarantine capabilities Cloud-based, next-generation sandboxing with full OS emulation Instant Threat Visibility and Protection including detailed emulation reports More detailed information in the Advanced Threat Detection slide deck.

28 The Barracuda NG Firewall Product Line

29 Barracuda NG Firewall Advantage

30 Barracuda NG Firewall Advantage
Understand what users are doing on your network Improve your security posture Cloud-based web security Intelligently regulate network traffic Optimize bandwidth usage and link availability Increase network throughput Centrally manage the corporate network Globally monitor your WAN Reduce associated management costs

31 Next Steps

32 The last firewall you will ever buy
Moving Forward Talk to us Ask for a demo Free 30-day evaluation The last firewall you will ever buy

33

Download ppt "Barracuda NG Firewall The Next Generation Firewall for the Distributed Enterprise Barracuda NG Firewall is a next-gen firewall that was purpose built for."

Similar presentations

| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net 1 WX Client Rajoo Nagar PLM, WABU.

| Copyright © 2009 Juniper Networks, Inc. | 1 WX Client Rajoo Nagar PLM, WABU.
Barracuda Link Balancer Link Reliability and Bandwidth Optimization.

Barracuda Link Balancer Link Reliability and Bandwidth Optimization.
Content Overview Update Process Additional Tools.

Content Overview Update Process Additional Tools.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Introduction to ISA 2004 Dana Epp Microsoft Security MVP.

Introduction to ISA 2004 Dana Epp Microsoft Security MVP.
Hardware Firewalls: Advanced Feature © N. Ganesan, Ph.D.

Hardware Firewalls: Advanced Feature © N. Ganesan, Ph.D.
Barracuda Web Filter Overview March 26, 2008 Alan Pearson, Monroe County School District Marcus Burge, Network Engineer.

Barracuda Web Filter Overview March 26, 2008 Alan Pearson, Monroe County School District Marcus Burge, Network Engineer.
Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.

Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.
Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.

Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.
Chapter 11: Dial-Up Connectivity in Remote Access Designs

Chapter 11: Dial-Up Connectivity in Remote Access Designs
Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.

Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.
Barracuda Networks Steve Scheidegger Commercial Account Manager 734-887-2422

Barracuda Networks Steve Scheidegger Commercial Account Manager
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
Barracuda Networks Confidential 1 Barracuda Web Filter Overview 1 Barracuda Networks Confidential11 Barracuda Web Filter Overview.

Barracuda Networks Confidential 1 Barracuda Web Filter Overview 1 Barracuda Networks Confidential11 Barracuda Web Filter Overview.
Introducing Kerio Control Unified Threat Management Solution Release date: June 1, 2010 Kerio Technologies, Inc.

Introducing Kerio Control Unified Threat Management Solution Release date: June 1, 2010 Kerio Technologies, Inc.
Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.

Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.
Week #10 Objectives: Remote Access and Mobile Computing Configure Mobile Computer and Device Settings Configure Remote Desktop and Remote Assistance for.

Week #10 Objectives: Remote Access and Mobile Computing Configure Mobile Computer and Device Settings Configure Remote Desktop and Remote Assistance for.
Course 201 – Administration, Content Inspection and SSL VPN

Course 201 – Administration, Content Inspection and SSL VPN
Barracuda Load Balancer Server Availability and Scalability.

Barracuda Load Balancer Server Availability and Scalability.
IGEL UMS Product Marketing Manager October 2011 Florian Spatz Universal Management Suite.

IGEL UMS Product Marketing Manager October 2011 Florian Spatz Universal Management Suite.

Similar presentations

Ads by Google