Barracuda Spam Firewall 400
January 01, 2006
$3,999 plus $899 for annual Energize Update subscription
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Very simple to set up and use with a surprising range of features.
- Weaknesses: Limited reporting options.
- Verdict: A good choice for the smaller enterprise.
This appliance is aimed at the smaller enterprise, using a single AMD Sempron 2600+ processor with 1GB RAM and 160GB mirrored disk storage in a 1U Mini rack-mountable chassis. It lacks the redundant power supply and hot-swappable disk features that a larger enterprise would expect, but it can be used in a clustered environment, which offsets these omissions to some extent.
We were concerned at the apparent lack of documentation provided. The two-page quick start guide seemed inadequate, but in fact provided all the information we needed to get the device up and running in minutes. More detailed documentation can be downloaded from the company’s website.
A web browser gave access to the administration interface, revealing a detailed overview of the system’s activity. It was easy to find our way around the various parts of the tabbed interface. Most fields were self-explanatory, but the system provided specific help for each item if needed.
The system’s filtering options were grouped together under one tab, and there were a surprising number available. Barracuda offers its own blacklist service, there are four pre-configured external blacklist services on offer, as well as a facility to add any specialised blacklisting service sites. Mail can also be examined using Bayesian analysis.
Barracuda’s Energize Update service provides an online update for spam rules and fingerprints to keep the system up to date.
The advanced options tab gave access to the more esoteric realms of Sender Policy Framework and protocol checking, as well as clustering options and system maintenance and troubleshooting.
The system includes a useful rate control feature that monitors connection requests in any 30-minute period. If it detects too many requests from the same source, it will block all further requests until the next period. The rate can be adjusted as required. This feature would be particularly useful against a deliberate attack.
Reporting options are limited to pre-configured reports, but these can be refined further by date and time. Reports can be emailed to designated recipients or displayed on screen. However, the daily reports can only be emailed and not displayed on screen. Reports cannot be sent to multiple addressees, although each report can be sent to a different address.
SC Webcasts UK
Senior Accreditor, Security Risk and Assurance Manager
Disclosure & Barring Service - Liverpool, Merseyside
DV Cleared Systems Architect - 6 Months - London
Computerfutures - London (North), London (Greater)
CISO – Chief Information Security Officer (Up to £100K)
Evolution Recruitment - London (North), London (Greater)
Head of Security Strategy – London
Evolution Recruitment - London (West), London (Greater)
Information Security Manager
Infosec People - Hammersmith, West London
Sign up to our newsletters
SC Magazine UK Articles
- Krebs dropped by Akamai for record DDoS attack, OVH suffers 1100 Gbps DDoS
- NSA hacking tools used against Cisco customers
- WordPress plugin update leads to thousands of sites exposing users to adware
- The Internet of Things, cyber-security and the role of the CIO
- Pippa Middleton's iCloud account hacked
- It's a trap! WhatsApp Gold 'premium' version lures users to malware
- SC Awards Europe 2016 winners announcements!
- Microsoft ends common password use and password lockout
- ISIS radicalises 'lone wolves' through strong social media presence
- 1.5 billion Windows computers potentially affected by unpatched 0-day exploit