
Barracuda NextGen Firewall F-Series

Advanced Security and Traffic Control for Distributed Enterprises
The F-Series cloud-ready firewalls improve site-to-site connectivity and give you uninterrupted access to applications hosted in the cloud—all while simplifying network administration and reducing IT overhead for multi-site organizations and managed service providers.
The F-Series cloud-ready firewalls improve site-to-site connectivity and give you uninterrupted access to applications hosted in the cloud—all while simplifying network administration and reducing IT overhead for multi-site organizations and managed service providers.
Barracuda NextGen Firewall F-Series Technical Specs
Advanced Threat Protection
- Dynamic, on-demand analysis of malware programs (sandboxing)
- Dynamic analysis of documents with embedded exploits (PDF, Office, etc.)
- Detailed forensic analysis
- Botnet and spyware protection
- TypoSquatting and link protection for email
Central Management Options via Barracuda NextGen Control Center
- Unlimited firewalls
- Support for multi-tenancy
- Multi-administrator support & RCS
- Zero-Touch Deployment
- Pool license management
- Template & repository-based management
- REST API
High Availability
- Active-active (requires external load balancer) or active-passive
- Transparent failover without session loss
- Encrypted HA communication
Protocol Support
- IPv4, IPv6
- BGP/OSPF/RIP
- VoIP (H.323, SIP, SCCP [skinny])
- RPC protocols (ONC-RPC, DCE-RPC)
- 802.1q VLAN
VPN
- Drag & drop VPN tunnel configuration
- VPNC certified (basic interoperability)
- Network Access Control
- iOS and Android mobile device VPN support
- Multi-factor authentication for SSL VPN and CudaLaunch
Infrastructure Services
- DHCP server, relay
- SIP, HTTP, SSH, FTP proxies
- SNMP and IPFIX support
- DNS Cache
- Wi-Fi (802.11n) on selected models
Firewall
- Stateful packet inspection and forwarding
- Full user-identity awareness
- IDS/IPS • Application control and granular application enforcement
- Interception and decryption of SSL/ TLS encrypted applications
- Antivirus and web filtering in single pass mode
- Email security
- SafeSearch enforcement
- Google Accounts Enforcement
- Denial of Service protection (DoS/DDoS)
- Spoofing and flooding protection
- ARP spoofing and trashing protection
- DNS reputation filtering
- NAT (SNAT, DNAT), PAT
- Dynamic rules / timer triggers
- Single object-oriented rule set for routing, bridging, and routed bridging
- Virtual rule test environment
Traffic Intelligence & SD-WAN
- Simultaneous use of multiple uplinks (transports) per VPN tunnel
- FIPS 140-2 certified cryptography
- Auto-VPN tunnel creation between remote spoke locations based on application type
- Dynamic bandwidth detection
- Performance-based transport selection
- Application-aware traffic routing
- Adaptive session balancing across multiple uplinks
- Traffic Replication (forward error correction)
- Application-based provider selection
- Application-aware traffic routing (VPN)
- Traffic shaping and QoS
- Built-in data deduplication
Intrusion Detection and Prevention
- Protection against exploits, threats, and vulnerabilities
- Packet anomaly and fragmentation protection
- Advanced anti-evasion and obfuscation techniques
- Automatic signature updates