Collaboration

Review: Barracuda Networks Web Filter 310

Derek Schauland spotlights the Barracuda Networks Web Filter appliance. Find out what it will do and get a look at some of the features.

Keeping your network and your users safe (sometimes from themselves) is paramount in the IT world we live in. Filtering for malware and other threats at the client level is still a requirement, but the need to filter content that is allowed into your environment varies by organization. Many places already filter Internet traffic, and it may be something you have to implement at some point.

The Barracuda Networks Web Filter line of products are user friendly and simple to implement. In this product spotlight, I will walk through an overview of the device and point out what I have found in setting it up. Previously, I have spotlighted the Barracuda SSL-VPN product.

Specifications

The Barracuda Web Filter family of products allows filtering of Internet traffic based on rules configured by the administrator. There are no requirements within the environment as these devices are plug-and-play. The different models within the family allow for different numbers of users, caching, and other features on the device. The 310 model has the following hardware specifications:

  • 10Mb/sec throughput
  • 10GB Cache size
  • 50-200 concurrent users
  • 400-800 active TCP connections

And supports the following features:

  • Content Filtering*
  • Application Control*
  • Advanced filtering via policy*
  • Network threat protection*
  • Spyware Removal*
  • Summary Reporting*
  • Syslog
  • Ethernet Bypass Hardware
Note: Items marked with * are supported on all Web filter models Supported operating systems:

Because the Barracuda Web Filter can be configured to sit between your clients and Internet gateway there are no OS support restrictions.

Who's it for?

The Barracuda Web Filter is a great appliance for companies large and small that allows another level of security from viruses and spyware. The consideration to keep in mind when evaluating the device is the number of users within your environment and the things you wish to filter.

What problem does it solve?

In addition to helping keep malware out of an organization, the Barracuda Web Filter helps enforce your company's Internet Acceptable Use policy and eliminate the use of non-standard applications like IM clients, gaming sites, or other material.

This Web filter keeps track of Web traffic within an organization to allow customized filtering as needed. Suppose an employee was found to be abusing the Internet Usage Policy of the organization, the IT staff could configure an exception to lock down Internet access with a message to the user explaining the situation, eliminating the need to reconfigure the firewall to prevent access.

Standout features

The reporting capabilities of the Barracuda Web Filter are a great feature in my opinion. In the past, we had no really reliable method for monitoring Internet usage. Along with reporting, the ability to see how much bandwidth is being consumed out to the Internet is also helpful.

The ease of configuration and integration with Active Directory is a benefit as well. To get this working within an AD environment, simply configure the LDAP settings on the device to connect to your Domain Controllers. There is an agent that needs to be loaded on the DCs within the environment to send audit information back to the Barracuda Web Filter, however it runs as a service and is very straight forward to configure. Once these settings are modified, the Barracuda will pull in user and group information from Active Directory. This will allow you to manage groups and filtering within AD rather than configuring additional groups/users on the Barracuda Web Filter to manage the Internet.

Barracuda also offers instant replacement on its network devices with current maintenance. If your device fails, call support and they will assist you in getting a replacement out immediately. If you have backed up your configuration, setup will be a breeze on the replacement unit.

Trial of the Barracuda appliance is free of charge as demo units can be requested by contacting the company, for a 30-day evaluation. This leaves us with pricing, which depends on the number of users that the device will support.

Note: The appliance is not licensed per named user but for concurrent users, and will handle the traffic for a predetermined number of users, depending on which model you purchase. The Barracuda Web Filter 310 lists for US$1999  with pricing for other models being higher or lower depending on the number of concurrent users it supports. Barracuda also sells its appliances through a large reseller channel where you might be able to get even better pricing.

(Click to enlarge images.)

Figure A

Barracuda Web Filter Administrator Dashboard

Figure B

Content filtering categories

What's wrong?

Application filtering generally works pretty well, but there are exceptions. When an application is changed or reworked by the developer, it may need to be updated within the firmware of the device. Once this is completed, assuming support is current, you should be able to download and use the latest features for the filter.

There is a minimal learning curve for the device, but as you get into the administration console and discover the power of the appliance it will quickly become apparent how well the device works.

Competitive products

Bottom line for business

In a time when the Internet is used in almost every business, protecting systems and users from some of the content and applications found on the Web and enforcing Internet use policies can be quite the time consuming task.  =Using the Barracuda Web Filter can save a great deal of time and money in the long run by aiding in the task of keeping your environment clean.

About

Derek Schauland has been tinkering with Windows systems since 1997. He has supported Windows NT 4, worked phone support for an ISP, and is currently the IT Manager for a manufacturing company in Wisconsin.

20 comments
gdavila
gdavila

I've own a spam firewall for several years. The hardware failed more than once. Yes, a new one was sent but to get technical support took more than five days. Long hours waiting on the phone for a representative finally picking up the call only to promise to call back within thirty minutes but it never happened. I contacted sale representatives, upper management, and everyone else I could think so, to get support to take my calls or get their help without positive results. Everyone was very courteous and full of promises but actual support never arrived???

Botje2004
Botje2004

This product doesn't rock. We had a few Webfilters 810, they didn't perform like the specs and the hardware fails. We had 5 broken raid controllers. There are also software issues in proxy mode. When you connect the proxy in transparant mode and trying to receive a webpage on tcp 8080 all the proxy sessions are interrupted. It is cheap but it has a reason.

tristan
tristan

Awesome box. Great support. One of the standout features that the competition didnt have at this price range was caching. You would have thought that every device of this nature would implement caching but the Barracuda was the only enterprise level contender that did.

ikramim
ikramim

I have never used Barracuda but after reading this came to know that this device is also the same features as websense and Symentec and the most important thing is the cost. it is cheaper then the other vendores products.

tmcclure
tmcclure

It is a great appliance. It is easy to administer and very reliable. I enjoy bring up the status page to our new employees during their orientation. They are shocked at how much traffic is blocked. The only drawback is the Active Directory component. Way too cumbersome to implement and use. Thus preventing me from monitoring user activity on a terminal server.

tstevens
tstevens

I've been using this product, and the next model up (410) for 2 years. The throughput, TCP connections, and number of users supported is VERY inflated. The 310 would not support heavy use from 60 users. Guess what? Neither does the 410. We regularly max out TCP connections. When this happens it either passes the traffic without filtering, or fails entirely (passes no traffic) depending on how its configured. The reporting is good, and it was relatively easy to configure. I had one fail, and it was replaced by the "Instant" replacement service. In practice, it took 2 days. Bottom line: I would recommend this for small or lightly used networks (small business filtering) due to its ease of use. I will be replacing mine as soon as I can afford to do so (probably go back to ISA). BTW - the 310 that I had was powered by a low end semperon processor running a linux kernel. In essence a cheap PC in a rackmount case complete with 512MB RAM and IDE drive. This appliance replaced an ISA server running Surfcontrol. The ISA server out performed this appliance in every way. That said, ISA is not for the faint of heart...

dgibbs
dgibbs

10 Mbps throughput? A 10/100 uplink? (Is it Y2K compliant?). Seriously...seems like a catch22. If your business is IT/web intensive enough to require web filtering, I would think it is at least connected at business-class cable speeds. (In which case this thing could cut bandwidth/productivity by 5x). Barracuda offers a 610 that does 50 Mbps...but if you are high-powered enough to have a 1 Gbps uplink, the best model they have (910) cuts that down to 300 Mbps. Of course, the web cache size goes up with the model number, which will save bandwidth on repetitive hits, but there is a definite throughput penalty for all the filtering.

dcoplin
dcoplin

I've had a Barracuda Web Filter 310 for almost 2 years now and not one problem. As for users of the network Barracuda is a bad word.

smithdv
smithdv

There is a reason this product is so cheap. I had 2 brand new units fail completely within 2 months of eachother. The units would completely crash with kernel panic errors and have to be reimaged every week. The software could not handle passing client IP addresses to the firewall, even though the feature is available on the unit. The solution I was given, was to turn off this feature. When the unit fails, of course it doesn't fail open, so there were at least 10 hours of downtime. This caused lost revenue from our online sales. I've switched to a different brand product now and haven't had an issue since. In theory, the functionality and effectiveness of this product would have been great, but the platform was very poor.

butkus
butkus

Working in a school district, I know lots of schools with filters. My school uses a different filtering progam. Schools may have less "regulations" with their uses then with business employees. My best feature of these units is the inability to download .exe .com files. Hence no malware can be installed. After many years with our filter and this inability, I have older, slower PCs without AV protection and no problems. But you need a process for "allowing" all the sites it blocks. "I can't view the photos my brother sent me at so and so web site". Everyplace I try to go during lunch is blocked. I can't get YouTube anymore ! Whine, whine, whine.

link470
link470

Ah ya. Without going into too much detail, I see what you mean ;) A Terminal Server would be a nightmare.

Giottod
Giottod

Are users agreed "Barracuda" is a bad word, but for us it has worked great. We have had the unit for almost a year. I work in a hospital where HIPPA is a major concern, and social media scares IT and administration. The biggest concern I have is we have nasties that slip through due to the passive screening.

iiagdtr
iiagdtr

My Barracuda was installed in 2004 and continues to work to this day. I also am a great believer in redundancy, and do have a different brand online and ready to go which is easily justified with even an hour of downtime in many if not most orgs. Tech support has also been very good for me. A case of YMMV I suppose.

daffoml
daffoml

May I ask when you had these units? I was wondering if it was far enough back that those problems have been solved by now.

jamey123
jamey123

If you are on a budget like most schools are, checkout untangle.com. Used in conjunction with opendns.com you can really block about anything with the greates of ease. (BOTH ARE FREE!)

tmcclure
tmcclure

I work in mental health, so HIPAA is a big issue with me too. Social media is a really big deal here. As a rule I block it and issue passwords to staff with their manager's authorization. Most of the stuff that gets through for us is minor. I like to take a layered approach. The Barracuda functions on what I call the network level and the second level is host based. I also check my logs too. Based on what I find I manually block it. Mostly streaming audio.

link470
link470

I've ran the exact model mentioned in this article, Barracuda Web Filter 310, at the high school I work for and it's been fantastic. A few of my favorite features is the logging, so I can quickly go and search by Active Directory User, IP address [which I match to our DNS entries to see what computer it belongs to] and website URL. Love the fact that the device works with Active Directory. This is a huge advantage over the filters the other schools use in the district which aren't that smart. This one can tell the difference between a staff member and a student and allow the user through accordingly. AntiVirus and AntiSpyware at the perimeter is huge. We use AVG Business Edition [formally Network Edition] internally but it's nice to have that extra layer of protection at the border. HTTPS filtering. Awesome. Works great and kids can't figure out why https://www.facebook.com just loads a white page endlessly. Also, can't beat the ability to customize your block screen per type of incident. Blocked website students get the "I see what you did there" cat. http://i198.photobucket.com/albums/aa188/link4scott/filter1.jpg

smithdv
smithdv

From November 2009 until January 2010

tmcclure
tmcclure

I read the documentation concerning AD and got the impression the Barracuda bypasses the filters making you recreate them using AD groups. Did I read it wrong? How difficult was it fro you? I'd love to monitor my terminal server users.

JonGauntt
JonGauntt

Used one at my last company and had nothing but compliments for the Barracuda. AD sync is what got us in the door and we never looked back. The reporting can be a bit difficult, but other than that it worked like a charm.

Editor's Picks