Jump to content


Firmware 9.2 is now available as an EA release to all customers

This topic has been archived. This means that you cannot reply to this topic.
No replies to this topic

#1 Tushar Richabadas

Tushar Richabadas
  • Moderators
  • 42 posts

Posted 14 June 2018 - 01:24 AM

The Barracuda Web Application Firewall version has the following important enhancements:
  • Integration with Gemalto’s Safenet Luna Network HSM to support FIPS 140-2 environments
  • Integration with Barracuda Reporting server
    • Export logs for long term retention
    • Generate reports on BRS
  • ​Support for GDPR compliance
    • Encryption of Logs and Problem Report using configured key
    • Backup files can now be encrypted using configured Key
  • Enhancements to Access control
    • Support for handling IDP initiated SAML Single Logout for multiple authorization policies
    • CRL updates are now downloaded 5 times every 24 hours.​
  • Enhancements to Role Based Access Control
    • Support 2FA for Admin Access. Introduced Dual Factor Authentication to provide additional layer of security
  • Enhancements to API v3
    • Comprehensive role-based administration capabilities with granular controls and complete API coverage for all operations has been added
    • The performance of REST API's (v3) GET requests has been improved​
  • The lockout feature has been enhanced to support per service lockout of the violating client IPs
  • Networking enhancements
    • The WAN interface (Eth0) can now be part of a bond on all multi-port models
    • Users can now deploy virtual appliances with multiple ports (apart from WAN & LAN)
    • Virtual instances now support 10 Gig bit Ethernet Interfaces. [BNWF-27243]
Some issues of note that were fixed:
Fix: OpenSSL has been upgraded to version 1.0.2o to address multiple vulnerabilities. [BNWF-28911]
Fix: OpenSSH has been upgraded. [BNWF-18487]
Fix: Global CSRF settings are now inherited by newly created URL Profiles. [BNWF-8962]
Fix: The "Barracuda AppSec Control Center" is now renamed as "Barracuda WAF Control Center". [BNWF-27751]
Fix: The “SNI” option has now been removed for FTPSSL service. [BNWF-28620]
Fix: HTTP Responses from the WAF Admin pages will not include the Server header. [BNWF-28636]
Enhancement: WAF will now trigger auto repair/recovery of the configuration database if it is corrupted, reducing possibility of loss of logs in such cases. [BNWF-20087]
Enhancement: HTTP Compression when content-type contains "+" works now. [BNWF-26258]
The complete list of enhancements and bug fixes can be found at:release_notes

Tushar Richabadas

Product Manager - WAF and ADC