Barracuda NextGen Firewall F-Series
Advanced Security and Traffic Control for Distributed Enterprises
The F-Series cloud-ready firewalls improve site-to-site connectivity and give you uninterrupted access to applications hosted in the cloud—all while simplifying network administration and reducing IT overhead for multi-site organizations and managed service providers.

Barracuda NextGen Firewall F-Series Technical Specs

Advanced Threat Protection

  • Dynamic, on-demand analysis of malware programs (sandboxing)
  • Dynamic analysis of documents with embedded exploits (PDF, Office, etc.)
  • Detailed forensic analysis
  • Botnet and spyware protection
  • TypoSquatting and link protection for email

Central Management Options via Barracuda NextGen Control Center

  • Unlimited firewalls
  • Support for multi-tenancy
  • Multi-administrator support & RCS
  • Zero-Touch Deployment
  • Pool license management
  • Template & repository-based management

High Availability

  • Active-active (requires external load balancer) or active-passive
  • Transparent failover without session loss
  • Encrypted HA communication

Protocol Support

  • IPv4, IPv6
  • VoIP (H.323, SIP, SCCP [skinny])
  • RPC protocols (ONC-RPC, DCE-RPC)
  • 802.1q VLAN


  • Drag & drop VPN tunnel configuration
  • VPNC certified (basic interoperability)
  • Network Access Control
  • iOS and Android mobile device VPN support
  • Multi-factor authentication for SSL VPN and CudaLaunch

Infrastructure Services

  • DHCP server, relay
  • SIP, HTTP, SSH, FTP proxies
  • SNMP and IPFIX support
  • DNS Cache
  • Wi-Fi (802.11n) on selected models


  • Stateful packet inspection and forwarding
  • Full user-identity awareness
  • IDS/IPS • Application control and granular application enforcement
  • Interception and decryption of SSL/ TLS encrypted applications
  • Antivirus and web filtering in single pass mode
  • Email security
  • SafeSearch enforcement
  • Google Accounts Enforcement
  • Denial of Service protection (DoS/DDoS)
  • Spoofing and flooding protection
  • ARP spoofing and trashing protection
  • DNS reputation filtering
  • Dynamic rules / timer triggers
  • Single object-oriented rule set for routing, bridging, and routed bridging
  • Virtual rule test environment

Traffic Intelligence & SD-WAN

  • Simultaneous use of multiple uplinks (transports) per VPN tunnel
  • FIPS 140-2 certified cryptography
  • Auto-VPN tunnel creation between remote spoke locations based on application type
  • Dynamic bandwidth detection
  • Performance-based transport selection
  • Application-aware traffic routing
  • Adaptive session balancing across multiple uplinks
  • Traffic Replication (forward error correction)
  • Application-based provider selection
  • Application-aware traffic routing (VPN)
  • Traffic shaping and QoS
  • Built-in data deduplication

Intrusion Detection and Prevention

  • Protection against exploits, threats, and vulnerabilities
  • Packet anomaly and fragmentation protection
  • Advanced anti-evasion and obfuscation techniques
  • Automatic signature updates