Barracuda Web Security Gateway

Version: Barracuda Web Security Gateway version 610,710,810,910,1010.
Barracuda Web Security Gateway firmware version 11.0.0.019.

The Barracuda Web Security Gateway (WSG) lets organizations benefit from online applications and tools without exposure to web-borne malware and viruses, lost user productivity, and misused bandwidth.

Barracuda WSG logs can be integrated with Netsurion Open XDR via syslog. Barracuda WSG can send events like user login failure, configuration changes, allowed traffic, blocked traffic, malware activities detected, and malware blocked, etc. It creates detailed reports for user login failure, configuration changes, malware activities, web traffic allowed, and web traffic blocked. Its graphical representation shows the malicious URLs blocked by reason, malware detected by IP address, configuration changes by usernames, etc.

Netsurion Open XDR triggers alert in an event when a malware is detected, changes in configuration by any user, or an unsuccessful user login

  • Security – Content traffic and malware traffic.
  • Operation – Policies and rules that defines the traffic flow.
  • Compliance – Login and logoff activity events, configuration changes.

Once Barracuda WSG is configured to deliver events to Netsurion Open XDR, then alerts, dashboards, and reports can be configured into Netsurion Open XDR.

The following are the key Data Source Integration available in Netsurion Open XDR.

Alerts

Type Name Description
Security Barracuda – Potential threat has been detected This alert is generated when the web traffic content is infected by a malware or virus.
Compliance Barracuda – Login Failure This alert is generated when failed logon attempts is done in the application.
Compliance Barracuda – Configuration changes This alert is generated when any configuration changes are done in the Barracuda web server gateway by different users or admins such as new user creation, group creation, backup scheduled, firmware updates etc.

Reports

Type Name Description
Security Barracuda – Content filtering This report provides the details of the website contents that are being accessed by users which are blacklisted by the admins.
Security Barracuda – Malware activities This report provides all the malware infected traffic details.
Operations Barracuda – Clean policy allowed traffic This report provides all the allowed traffic content that pass through the Barracuda Web Security gateway.
Operations Barracuda – Clean policy denied traffic This report provides all the denied traffic content that pass through the Barracuda Web Security gateway. The denial is based on the policies and rules written by the admins.
Operations Barracuda – Inline Traffic details This report provides all internet traffic requests. It performs content filtering and scan downloads for spyware and viruses, filter web based and non-web-based applications. This is determined by the traffic that traverse via the automatic configured proxy(PAC).
Compliance Barracuda – Login and Logoff activity This report provides all the login and logoff activity that is done in the Barracuda application.
Compliance Barracuda-Login Failure This report provides all the failed logon attempts that is done in the Barracuda application.
Compliance Barracuda – Configuration changes This report provides all the configuration changes that are done in the Barracuda web server gateway by different users and admins such as new user creation, group creation, backup scheduled, firmware updates etc.

Documentation

The configuration details in this guide are consistent with Netsurion Open XDR 9.2 and later, Barracuda Web Security Gateway.

Download Integration Guide and How-to Guide for configuration instructions and more information.