Barracuda Spam Firewall 400
January 01, 2006
$3,999 plus $899 for annual Energize Update subscription
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Very simple to set up and use with a surprising range of features.
- Weaknesses: Limited reporting options.
- Verdict: A good choice for the smaller enterprise.
This appliance is aimed at the smaller enterprise, using a single AMD Sempron 2600+ processor with 1GB RAM and 160GB mirrored disk storage in a 1U Mini rack-mountable chassis. It lacks the redundant power supply and hot-swappable disk features that a larger enterprise would expect, but it can be used in a clustered environment, which offsets these omissions to some extent.
We were concerned at the apparent lack of documentation provided. The two-page quick start guide seemed inadequate, but in fact provided all the information we needed to get the device up and running in minutes. More detailed documentation can be downloaded from the company’s website.
A web browser gave access to the administration interface, revealing a detailed overview of the system’s activity. It was easy to find our way around the various parts of the tabbed interface. Most fields were self-explanatory, but the system provided specific help for each item if needed.
The system’s filtering options were grouped together under one tab, and there were a surprising number available. Barracuda offers its own blacklist service, there are four pre-configured external blacklist services on offer, as well as a facility to add any specialised blacklisting service sites. Mail can also be examined using Bayesian analysis.
Barracuda’s Energize Update service provides an online update for spam rules and fingerprints to keep the system up to date.
The advanced options tab gave access to the more esoteric realms of Sender Policy Framework and protocol checking, as well as clustering options and system maintenance and troubleshooting.
The system includes a useful rate control feature that monitors connection requests in any 30-minute period. If it detects too many requests from the same source, it will block all further requests until the next period. The rate can be adjusted as required. This feature would be particularly useful against a deliberate attack.
Reporting options are limited to pre-configured reports, but these can be refined further by date and time. Reports can be emailed to designated recipients or displayed on screen. However, the daily reports can only be emailed and not displayed on screen. Reports cannot be sent to multiple addressees, although each report can be sent to a different address.
SC Webcasts UK
Sign up to our newsletters
SC Magazine UK Articles
- Robin Who? Dridex botnet replaced with antivirus software
- Google begins protecting against ads of dubious origin
- Clean house to keep WordPress infection from coming back again and again
- Thunderstrike 2 creators join their one-time target Apple
- Report notes shift from individual cyber-crims to skilled adversaries