Looking for opinions on Barracuda F380 Cloud Gen Firewalls
Posted by ihatemsps@reddit | sysadmin | View on Reddit | 8 comments
Hey y'all,
Back in January I started with a new company. We're a relatively new internal IT team, the previous team was the IT Director, desktop support, and an MSP. The Director & Desktop support team have completely cycled out. Our new team has experience in various IT disciplines, so we're pretty well rounded now and are looking to cut the MSP loose sometime in the near future.
That being said, around the time of the team transition, the previous director penned a deal with the MSP to replace aging firewalls with upgraded NGFWs. This project went live shortly before I started here at the organization. I was pretty surprised when the firewalls turned out to be made by Barracuda. I wasn't even aware that they made firewalls, just only have experience with them from my K-12 sysadmin days for web filtering.
So not knowing much about them, I took to google, reddit, friends in the industry, hell, even things like spiceworks and can't really find that much on the overall opinion of them. Just marketing fluff, posts about their Web Filtering appliance, and LLM generated articles.
My initial thought is that we got fleeced with these things. I've been in the administrative applet and poked around and it seems not very next generation. Very janky, and feels like an appliance from 2013.
Has anyone had experience with these things?
Horsemeatburger@reddit
Last I looked at them the firewall side was well behind everyone else (Palo Alto, Fortinet, Sophos, even Cisco and Sonicwall, and configuration was difficult. Web filtering was good, though, and they had a good SD-WAN solution (again, complex to setup). Licensing was also one of the most expensive.
They seem to have good deals for MSPs so they get pushed a lot, but as an end user I wouldn't go with Barracuda, considering all the other options on the market.
ihatemsps@reddit (OP)
I'm fairly worried about the licensing moving forward. From what I've seen they lock updates behind active subscriptions? Usually I've maintained licensing on FW's, but it seems to be odd to have updates a main part of an active subscription.
Horsemeatburger@reddit
Most security vendors lock firmware updates behind subscriptions, no it's quite normal. Usually it's part of the security subscriptions anyways so it's not really in issue.
RealisticQuality7296@reddit
Dogshit. I hate them
ihatemsps@reddit (OP)
Any additional insights as to why you don't like them?
Admin_Stuff@reddit
They do have good tech support. No script readers. You can actually get a hold of someone who knows the product and can solve things quickly.
ihatemsps@reddit (OP)
Good to hear that they're responsive on the support front.
labalag@reddit
They're ok. Just don't expect the lastest and greatest.
Configuration wise they're a bit tricky but it makes sense if you're configuring dozens of them from their Control Server.