Jump to content


Most Liked Content


#719 A Win32 management app would be nice

Posted by jfrinier on 03 August 2004 - 01:10 PM

While managing this system via HTTP is convenient in many respects, it becomes a real pain in the rear when the administrator is doing a significant amount of work on the system. For example - when managing the Message Log. A web interface is just too clumsy.There are already several threads making suggestions for improving the fuctionality of the message log, and I agree with most of them. However, I'd be fine with leaving the Message Log as it is if there were a more robust management application that I could install on the administrator's PC.


#64359 add and remove VLAN's in productive environments without network restart

Posted by Klaus Schweinberger on 06 March 2014 - 07:43 AM

I have to post this issue and I am kindly asking the community to Support my concern:

 

adding or removing VLAN's in the NG without disrupting the productive Infrastructure is only partly possible: you can add and activate a new vlan by using the CLI (you have to be very careful, not making any mistakes as there is no way back, but this would be still OK) but removing or altering requires a Network restart due to the fact that a soft activation is not possible or sufficient, no way to Bypass this situation.

 

 

Due to this you need a maintenance window and sometimes (poor) arguments which are difficult to provide in 2014's Network Technology.

 

In todays environments and ongoing virtualization, we are facing this restriction from time to time, the worst for us as a Barracuda Partner ist that most of the competitors do not have that lack of live activation.

 

Dear development Team, please respond telling me that you do have plans and maybe in the close future, it would help me a lot, thank you in advance!!

 

Klaus Schweinberger

 

 

 

 

 

 

 

 




#55956 Yosemite Server Backup Feature Priorities

Posted by Ben on 20 April 2012 - 05:22 AM

Up to date Documentation.


#53393 Make NGAdmin available on Linux

Posted by Claus Rosenberger on 13 July 2011 - 04:32 AM

Please support NGAdmin as Linux application.


#84156 Add ability to schedule emailing reports

Posted by Neil Laabs on 20 September 2017 - 10:56 AM

Would like the ability to schedule and email daily and/or weekly reports from ESS.  Had the capability in our old model 300 appliance for lots of different categories but seem to have lost that functionality when moving to ESS.




#68874 Inbound & Outbound email issues

Posted by Will Hartley on 23 December 2014 - 08:46 AM

I can see Barracuda staff are watching this thread - based on your disgusting lack of updates or even an ETA on this we are about to pull our disaster recovery for all clients on this system.

 

Everyone watching this thread probably collectively represents tens, if not hundreds of thousands of end users who are reliant on this system day to day. You are making us look bad to our clients by not even providing an update or an ETA on this issue.

 

At this point I don't even care how bad it is I just want to know a rough ETA so I can decide how to act in the best interest of my clients. An hour? Day? Week? Month? What exactly!!!?




#53336 DNSBL Usage as Firewall Networkobjects and Import of plain-text IP Address lists

Posted by Teemu Schaabl on 06 July 2011 - 07:19 AM

Good Day,

currently a lot of attacks are originating from the TOR network (which lets people tunnel traffic via an Onion Routing Network and chooses a random Exit for traffic, therefor providing anonymous communication). There are DNS Blacklists and large IP address lists (~2500 entries) available online, which could be used to block Traffic from and to these Hosts.

As example https://www.dan.me.uk/tornodes provides an hourly updated list of these Hosts.

My FRQ:

.) provide a commandline or GUI utility, to generate a network object which is importable into "NG Admin GUI" (or better, allow that it's usable directly (via Cronjob) in the NG Firewall.
.) implement the Possibility of using DNS Blacklists as Source and Destination Network Objects in NG Firewall.

Using a external, self-owned, DNS Server (and a domain) and generating own Zonefiles helps a bit, but it's a hack (and requires TCP, since the answer of a A RR containing 2500 entries is slightly bigger den 512 bytes).

br,


#77773 Ability to use multiple Authentication Schemes for Client VPN and the SSL Portal

Posted by Patrick Schneeweiss on 07 March 2016 - 03:56 AM

Hi Barracuda Team,

 

it would be nice to use multiple authentication schemes for Client VPN and the SSL portal.
At the moment it is only possible to use one schemes, e.g. MSAD or local users.

BR
Patrick Schneeweiß




#54847 SNMP Services Query

Posted by Marcel Malt on 03 January 2012 - 10:16 AM

Please check whether it is possible after introducing an SNMP Services on a Barracuda NG Firewall
Cluster (F400, 5.2.2) via SNMP query the status of the established VPN tunnel (Virtual
Server) to query

Thank you.


#53647 VPN support for iPhone/iPad

Posted by Manuel Huber on 11 August 2011 - 09:18 AM

As mentioned in the forum already, we have customers who wish to connect the built-in VPN-Client of their iPhones and iPads with their Barracuda NG firewall.
The current workaround PPTP has drawbacks which prevent a company-wide usage: either you have fixed username/passwords on the VPN gateway or you have to permit ANY user of the MSAD.

So probably there´s a possibility to use the IPSEC client (preferred solution since no third-party software is necessary to install/maintain) or Barracuda provides an app of the Barracuda VPN-Client.


#77255 Port Identifier renaming: bad idea!

Posted by Philipp Kreidl on 07 February 2016 - 06:17 PM

Anybody else has some issue with the renaming of the port IDs on new appliances?

 

For example on the new F18 the ports are named p1, p2, etc. instead of port1 port2... Support told us this will be the case for all new appliances (F180, F280...)

 

This complicates everything, it even break things like if you have a FW Rule with a Nat Connection type "From Interface" which are needed in some scenarios (We do have them). Now we have to run 2 different rulesets because of the renaming or what?

 

In addition to that, monitoring systems will detect the new port labels as completely new interfaces, so customers lose all historical data if they don't consolidate them. (Also our setup -> awesome).

 

Who of you thought this would be a good idea? At least provide some backwards compatibility or whatever... but this move was unnecessary.

 

Please fix this




#71906 VPN S2S IPsec DH-Groups

Posted by Gerhard Ehrenmüller on 01 June 2015 - 11:25 AM

We would like to see support for higher DH-Groups, for Groups lower than 14 are not considered save anymore.

 

Since we work with bussinespartners, turning to TINA-Tunnel is no option.

 

Diffie-Hellman group 1  -  768 bit modulus  - AVOID
Diffie-Hellman group 2  - 1024 bit modulus  - AVOID
Diffie-Hellman group 5  - 1536 bit modulus  - AVOID
Diffie-Hellman group 14 - 2048 bit modulus – MINIMUM ACCEPTABLE
Diffie-Hellman group 19 - 256 bit elliptic curve – ACCEPTABLE
Diffie-Hellman group 20 - 384 bit elliptic curve – Next Generation Encryption
Diffie-Hellman group 21 - 521 bit elliptic curve – Next Generation Encryption
Diffie-Hellman group 24 - modular exponentiation group with a 2048-bit modulus and 256-bit prime order subgroup – Next Generation Encryption

Algorithms marked as AVOID do not provide an adequate security level against modern threats and should not be used to protect sensitive information. It is recommended that these algorithms be replaced with stronger algorithms.
 




#68538 Eventing Box/CC

Posted by Teemu Schaabl on 04 December 2014 - 04:30 AM

Hi,

 

is there any chance Eventing is reworked? There has been a FRQ in the FRQ Forum last Year watchdog for eventd - from a MSSPs PoV, vaild requests have been made.

 

No response from Barracuda, besides a friendly mail exchange where I (painfully) assembled a list of stuff, send it and never got anything out of it.

 

Until today, we have to work around the Lack of Features using 3rd Party tools (wow, we got SNMP 2-3 yrs ago, let's integrate!) and tons of Bugs provided in this part of the System.

 

Events are not forwarded by mail/snmp, the CC is not taking care about the state of its own Database (not to mention the state of the event database on the boxes), License-related Events are not been taking care of (it got worse with the rise of centrally managed Licenses a.k.a. Barracuda Activation, back in the days we Engineers at least had a chance managing or warn about the license states of box - today we may be the last to notice), etc pp.

 

I can't help but giggle if somebody mentions he "manages" boxes. Management involves Notification and Visibility, all we got is bunch of Blinken Lights (which may or may not be important).

 

all the best,




#79293 Modifiy info page shown during ATD file scan

Posted by Gerhard Gessler on 28 June 2016 - 08:24 AM

Hi development team,

 

please consider the following feature requests (1 is minimum requirement, 2 would be the ideal solution mandated by our customers):

 

1) When showing the webpage that ATD scans a file, the webpage coming from the ATD-Cloud (at least this told me the support team today) needs to take into account the local language configured in the users browser. So german users should not see an english message, but one localized in german.

 

2) More ideal, this webpage should not come from the ATD-Cloud but from the local NG firewall and is configurable. Currently we have several german customer which want to give their users specific information about what is done and why and whom should be contacted if something goes wrong.

 

Best Regards,

 

    Gerhard