Barracuda Web Security Gateway
Version: Barracuda Web Security Gateway version 610,710,810,910,1010.
Barracuda Web Security Gateway firmware version 11.0.0.019.
The Barracuda Web Security Gateway (WSG) lets organizations benefit from online applications and tools without exposure to web-borne malware and viruses, lost user productivity, and misused bandwidth.
Barracuda WSG logs can be integrated with Netsurion Open XDR via syslog. Barracuda WSG can send events like user login failure, configuration changes, allowed traffic, blocked traffic, malware activities detected, and malware blocked, etc. It creates detailed reports for user login failure, configuration changes, malware activities, web traffic allowed, and web traffic blocked. Its graphical representation shows the malicious URLs blocked by reason, malware detected by IP address, configuration changes by usernames, etc.
Netsurion Open XDR triggers alert in an event when a malware is detected, changes in configuration by any user, or an unsuccessful user login
- Security – Content traffic and malware traffic.
- Operation – Policies and rules that defines the traffic flow.
- Compliance – Login and logoff activity events, configuration changes.
Once Barracuda WSG is configured to deliver events to Netsurion Open XDR, then alerts, dashboards, and reports can be configured into Netsurion Open XDR.
The following are the key Data Source Integration available in Netsurion Open XDR.
Alerts
| Type | Name | Description |
|---|---|---|
| Security | Barracuda – Potential threat has been detected | This alert is generated when the web traffic content is infected by a malware or virus. |
| Compliance | Barracuda – Login Failure | This alert is generated when failed logon attempts is done in the application. |
| Compliance | Barracuda – Configuration changes | This alert is generated when any configuration changes are done in the Barracuda web server gateway by different users or admins such as new user creation, group creation, backup scheduled, firmware updates etc. |
Reports
| Type | Name | Description |
|---|---|---|
| Security | Barracuda – Content filtering | This report provides the details of the website contents that are being accessed by users which are blacklisted by the admins. |
| Security | Barracuda – Malware activities | This report provides all the malware infected traffic details. |
| Operations | Barracuda – Clean policy allowed traffic | This report provides all the allowed traffic content that pass through the Barracuda Web Security gateway. |
| Operations | Barracuda – Clean policy denied traffic | This report provides all the denied traffic content that pass through the Barracuda Web Security gateway. The denial is based on the policies and rules written by the admins. |
| Operations | Barracuda – Inline Traffic details | This report provides all internet traffic requests. It performs content filtering and scan downloads for spyware and viruses, filter web based and non-web-based applications. This is determined by the traffic that traverse via the automatic configured proxy(PAC). |
| Compliance | Barracuda – Login and Logoff activity | This report provides all the login and logoff activity that is done in the Barracuda application. |
| Compliance | Barracuda-Login Failure | This report provides all the failed logon attempts that is done in the Barracuda application. |
| Compliance | Barracuda – Configuration changes | This report provides all the configuration changes that are done in the Barracuda web server gateway by different users and admins such as new user creation, group creation, backup scheduled, firmware updates etc. |
Documentation
The configuration details in this guide are consistent with Netsurion Open XDR 9.2 and later, Barracuda Web Security Gateway.
Download Integration Guide and How-to Guide for configuration instructions and more information.