Jump to content


Photo

Limiting Cloud Rep IP range through Firewall


  • Please log in to reply
2 replies to this topic

#1 Michael Manning

Michael Manning
  • Members
  • 270 posts
  • LocationOhio, USA

Posted 03 March 2020 - 11:58 AM

I'm combing though my firewall to tighten up rules on our F280 and wondered if I should limit the IP range available for cloud replication for our Backup appliance. When I looked at info on the Campus site it stated it is not recommended to do so, why? Wouldn't it make sense from a security standpoint to limit access to the specific IP range.

 

Yes, this is a question about firewall config, but it specifically relates to my backup appliance functioning through that firewall. And yes I realize the campus article does state the b'cuda may change the IPs unannounced at their whim. 



#2 Hendrik Hirsch

Hendrik Hirsch
  • Barracuda Team Members
  • 47 posts
  • LocationInnsbruck

Posted 03 March 2020 - 12:14 PM

Hi Michael, 

 

from a security point of view, you are dealing with outgoing connections only. As a Backup system should be located in a DMZ either way, you will be on a save side.

 

The reason for not using IP blocks is, that our IP ranges are subject to change. If there is a change or fallback to a different range or IP, your BBS would lose connection with the cloud, making it hard to manage and impossible do do changes. Restricting the, again outgoing, connections will give you more headache as it resolves.

 

However, this is a recommendation, if you have the need to introduce IP blocks, you are definitely free to do so. 

 

I hope this helps. If you need a more in depth answer on this, send me a PM and we can setup a call. 

 

Cheers

Hendrik  


Barracuda Networks Staff

Presales Data Protection Systems Engineer

EMEA Region - German Speaking

ISO27001 and GDPR/DSGVO Consultant

 


#3 Michael Manning

Michael Manning
  • Members
  • 270 posts
  • LocationOhio, USA

Posted 06 March 2020 - 10:09 AM

Thank you Hendrik, that all makes sense