Barracuda CloudGen Firewall Secure Access Concentrator for Amazon Web Service
Protecting your Digital Assets in Amazon Web Services
Our Price: $809.40
The growth in cloud computing capabilities and services has driven more data into places where traditional IT security measures cannot reach - into data centers not owned by your corporate IT group. Beyond its powerful network firewall, IPS, and VPN technologies, the Barracuda CloudGen Firewall F-Series integrates a comprehensive set of next-generation firewall technologies, including comprehensive Application Control, Availability, and Quality of Services (QoS) features.
Moving your IT Infrastructure to the Cloud? Running on Amazon Web Services?
Barracuda Networks is your partner for various kinds of deployments in Amazon Web Services. We understand your IT needs and provide best-of-breed solutions for firewalling, load balancing, web application security, and email security in the public cloud.
Barracuda Networks and Amazon Web Services
Today, many organizations are looking to the cloud to take advantage of the economic gains and operational efficiencies inherent to non-hardware-based solutions. While migrating to the cloud means companies need to adjust to new security threats, the ability to scale according to business needs means that AWS offers a powerful value proposition. The pay-as-you go model Amazon uses enables businesses of all sizes to access just the AWS services they need, and no more.
In the cloud, companies need security that can compensate for a broader attack surface and a new array of threat vectors. As Amazon seeks to provide more options for hybrid cloud and pay-as-you-go subscriptions, Barracuda’s security services have moved hand-in-hand with Amazon’s values. Not only is Barracuda committed to providing total threat protection to AWS customers, but we’re taking steps to emulate Amazon’s methodologies within our product offerings. Barracuda and Amazon work well together because we have the same end user in mind: A person Amazon calls the “whole stack professional” and Barracuda describes as a “mid-market IT professional who wears a lot of hats.”
Move Your Physical Data Center to the Cloud with Amazon Web Services
Get Secure Connectivity with Visibility and Control by using the industry's most advanced next-generation firewall solution for deployments in Amazon Web Services. The Barracuda CloudGen Firewall ensures highly secure, encrypted traffic from, to, and within AWS, provides secure remote and site-to-site access, and centralized management.
The growth in cloud computing capabilities and services has driven more data into places where traditional IT security measures cannot reach - into data centers not owned by your corporate IT group. Securing applications and data in AWS is far easier with tools that are dedicated to the task. Deploying the Barracuda CloudGen Firewall in the cloud is very similar to running local network firewalls, and provides the advantages of common policy enforcement and distributed security management in a hybrid-IT environment. It provides next generation firewalling and secure remote access to AWS. It enables organizations to deploy sophisticated multi-zone network architecture in the cloud, just like their on-premises networks. By using the proprietary high-performance VPN protocol extension TINA (Transport Independent Network Architecture), the Barracuda CloudGen Firewall deployment enables secure high speed site-to-site and client-to-site connectivity between on-premises networks and mobile-user devices. The Barracuda NextGen Control Center adds a powerful and intuitive centralized management portal that makes it extremely simple to deploy, configure, update, and manage multiple units from a single location, while also providing comprehensive, real-time network visibility and reporting.
The Barracuda Advantage
- Quick rollout
- Comprehensive reporting
- Highly scalable
- Fully compatible with Microsoft Azure
- Powerful next-generation network firewall
- Advanced Threat Detection
- Built-in web security and IDS/IPS
- Full application visibility and granular controls
- Centralized management of all functionalities
- Template-based and role-based configuration
Securing the Internet of Things
The Barracuda CloudGen Firewall F-Series is designed and built from the ground up to provide comprehensive, next-generation security while being simple to deploy and maintain, and highly scalable. Need to connect micro-offices, point of sales and machine-to-machine business? With the F-Series you're all set!
Easy to setup and maintain: SC1
The Secure Connector (SC1) is a hardware appliance purposebuilt to be an on-premises connectivity device that ensures high-performance and tamper-proof VPN connections to protect the data flow and, thus, guarantee data continuity.
Bundling the data stream: SAC
The Secure Access Concentrator is the collecting point for the data stream. This fully fledged CloudGen Firewall acts as VPN gateway for the SC1 deployments. SACs can be run on VMware, Hyper-V, XenServer, or KVM environments as well as directly in Microsoft Azure.
Grows with your needs
Integration within the Barracuda NextGen Control Center architecture ensures that your deployment can grow with your needs without technical or financial trapdoors. The template-based configuration ensures easy rollout of additional devices and maintain compliance.
The Secure Access Concentrator can be deployed in Azure and AWS if your FSCs are geographically dispersed and/or your backend systems hosted in Azure and/or AWS. The FSAC connects your Secure Connectors with your cloud resources and allows you to monitor the traffic between the FSC and the private subnets. If VPN connectivity is required, the FSAC is used in combination with an F-Series Firewall. You have two options for setting up the Secure Access Concentrator. The deployment steps are the same as the steps required for an on-premises FSAC.
FSAC and F-Series Firewall in the Public Cloud, Control Center located on-premises
In this scenario, the FSCs connect to the public IP address of the FSAC. In Azure, traffic to the backend subnets is routed over the F-Series Firewalls; in AWS, the FSAC connects directly to the backend subnets. The F-Series Firewall handles the VPN tunnels to the on-premises networks. Configuration data from the FSAC to the Control Center is sent through this site-to-site tunnel.
FSAC, F-Series Firewall, and Control Center in Azure and Amazon Web Services
The client connects to the public IP address of the FSAC. Traffic to the backend is routed either through the optional F-Series Firewalls, or directly to the backend subnets. The FSC can connect directly to the Control Center, which is located in another subnet. In Azure, the FSAC can also secure the traffic between the different backend subnets. An F-Series Firewall is required for site-to-site VPN connections to your on-premises networks.
|Number of Protected IPs||unlimited||unlimited||unlimited|
|Max. number of VPN Connections||500||1,200||2,500|
|Firewall & VPN Throughput||1 Gbit/s||2 Gbit/s||4 Gbit/s|
|Advanced Threat Detection4,5||Optional||Optional||Optional|
1 The Barracuda CloudGen Firewall F-Series SAC virtual image covers all editions.
2 Requires a valid Energize Updates subscription.
3 Barracuda CloudGen Firewall F-Series SAC editions include as many VPN licenses as the number of protected IPs. VPN clients with an active connection to the Barracuda CloudGen Firewall F-Series SAC are counted towards the protected IP limits.
4 Including FTP, mail and Web protocols.
5 Requires a valid Malware Protection subscription.
- Stateful packet inspection and forwarding
- Full user-identity awareness
- Intrusion Detection and Prevention System (IDS/IPS)
- Application control and granular application enforcement
- Interception and decryption of SSL/ TLS encrypted applications
- Antivirus and web filtering in single pass mode
- SafeSearch enforcement
- YouTube for Schools support
- Denial of Service protection (DoS/DDoS)
- Spoofing and flooding protection
- ARP spoofing and trashing protection
- DNS reputation filtering
- TCP stream reassembly
- NAT (SNAT, DNAT), PAT
- Dynamic rules / timer triggers
- Single object-oriented rule-set for routing, bridging, and routed bridging
- Virtual rule test environment
Hypervisor and Public Support (for SAC and NextGen Control Center)
- Microsoft Azure
Intrusion Detection & Prevention
- Protection against exploits, threats and vulnerabilities
- Packet anomaly and fragmentation protection
- Advanced anti-evasion and obfuscation techniques
- Automatic signature updates
Advanced Threat Detection
- Dynamic, on-demand analysis of malware programs (sandboxing)
- Dynamic analysis of documents with embedded exploits (PDF, Office, etc.)
- Detailed forensics for both malware binaries and web threats (exploits)
- Support for multiple operating systems (Windows, Android, etc.)
- Flexible malware analysis in the cloud
- Secure site-to-site
- Supports AES-128/256, 3DES, DES, Blowfish, CAST, null ciphers
- Transparent failover without session loss
- Network notification of failover
- Encrypted HA communication
Central Management Options
- Barracuda NextGen Control Center
– Unlimited SACs and SC1s
– Support for multi-tenancy
– Multi-administrator support & RCS
- VoIP (H.323, SIP, SCCP [skinny])
- RPC protocols (ONC-RPC, DCE-RPC)
- 802.1q VLAN
Barracuda Energize Updates
- Standard technical support
- Firmware updates
- IPS signature updates
- Application control definition updates
- Online web filter
- Advanced Threat Detection
- Malware Protection
- Pricing and product availability subject to change without notice.
Our Price: $809.40
Our Price: $2,394.00
Our Price: $9,348.00
Our Price: $109.44
Our Price: $302.10
Our Price: $1,368.00
Our Price: $121.98
Our Price: $315.78
Our Price: $1,482.00
Our Price: $158.46
Our Price: $467.40
Our Price: $1,938.00