Barracuda SSL-VPN 680 Vx Virtual Appliance
Remote, Authenticated Access to Applications and DataSorry, this product is no longer available, replaced by the CloudGen Firewall Virtual Appliances.
Overview:
Barracuda SSL VPN Vx is a virtual appliance providing secure, clientless remote access to internal network resources from any Web browser. It is ideally suited for organizations that are standardizing hardware platforms or deploying virtual environments and provides the same powerful technology, comprehensive features and ease of use found in the Barracuda SSL VPN hardware appliance.
Technology
Designed for remote employees and road warriors, the Barracuda SSL VPN Vx provides comprehensive control over file systems and Web-based applications requiring external access. The Barracuda SSL VPN integrates with third-party authentication mechanisms to control user access levels and to provide Single Sign-On.
- Enables access to corporate intranets, file systems or other Web-based applications
- Tracks resource access through auditing and reporting facilities
- Scans uploaded files for viruses and malware
- Leverages multi-factor, layered authentication mechanisms, including RSA SecurID and VASCO tokens
- Integrates with existing Active Directory and LDAP directories
- Utilizes policies for granular access control framework
- Supports any Web browser on PC or Mac
Easy-to-use, secure network access for business travelers, remote workers, and mobile users
Your army of road warriors and remote workers require a quick, flexible, reliable Application Delivery and completely secure way to connect to your internal enterprise applications, information and network resources. They want to do this from anywhere in the world, at any time and from any suitable device. The Barracuda SSL VPN Vx provides the security and connectivity to deliver this access, via a web browser or virtually any mobile device.
The Barracuda Advantage
- No per-user fees
- Easy to use
- Easy to deploy
- Added security with built-in virus scanning
- Anytime, anywhere access
Product Spotlight
- Simple remote-worker access to corporate applications and data
- Fast and secure access from virtually any mobile device
- Remote access to MS Exchange, MS SharePoint, and Windows File Shares
- Simple mobile device configuration, ideal for BYODs
- Powerful two-factor authentication options
Easy as Opening a Web BrowserThe Barracuda SSL VPN Vx makes it easy for remote users to access internal applications and files. Unlike traditional VPN technologies, the Barracuda SSL VPN does not require any additional client software or complicated settings. Logging in from home or the road requires only a web browser and Internet connection. Upon login, users are presented with a portal of internal web applications or file shares. More advanced applications like Remote Desktop Services or Citrix XenApp are available to users running Java. |
|
Comprehensive AuthenticationAdministrators have complete control over user access with the option of further securing resources with secondary authentication. Possibilities include sending one-time passcodes to mobile phones (including Google Authenticator), prompting with security questions, or integrating with advanced authentication systems like hardware tokens, RADIUS, and other additional security methods. Risk Based Authentication allows the use of extra authentication for high risk applications. |
|
Comfort in a secure networkThe Barracuda SSL VPN Vx provides extra security layers, including the ability to reverse-proxy Exchange ActiveSync traffic to keep Windows servers safely inside the network perimeter. Integrated antivirus protection secures file uploads to keep malware out of the network. Built on a hardened platform, the Barracuda SSL VPN Vx is the ideal replacement for traditional software-based remote access gateways. |
Benefits:
Easy as Opening a Web BrowserThe Barracuda SSL VPN Vx makes it easy for remote users to access internal applications and files. Unlike traditional VPN technologies, the Barracuda SSL VPN Vx does not require any additional client software or complicated settings. Logging in from home or the road requires only a web browser and Internet connection. Upon login, users are presented with a portal of internal web applications or file shares. More advanced applications like Remote Desktop Services or Citrix XenApp are available to users running Java. Key Features: Clientless Remote Access, Web Portal |
|
|
Easy and Secure Mobile Access
Today, corporate data and applications need to be available anytime, from anywhere. As BYODs become commonplace, providing easy access for mobile devices not subject to network policy enforcement --while ensuring corporate data is secure-- is critical. The Barracuda SSL VPN Vx delivers fast and secure access while ensuring that a seamless and simple end-user experience reduces support overhead.
Key Features: Mobile Device Support
Features:
Clientless Remote Access
Unlike traditional IPsec-based VPNs that require client software installed on remote machines, the Barracuda SSL VPN Vx provides secure remote access to network resources from any web browser. This removes the overhead of installing and maintaining clients and permits secure access from any operating system that can support a standard web browser. SSL technology also eliminates some of the deployment issues around IPsec VPN technology like IP address conflicts, NAT traversal, and DNS issues.
Granular Resource Management
The Barracuda SSL VPN Vx integrates a powerful engine that enables administrators to selectively authorize traffic to approved resources. The device integrates with Active Directory, LDAP, and other user databases, permitting administrators to define granular policies that allow specific users and groups to access network resources. Administrators can configure access to resources such as intranet sites, mapped network drives, applications like RDP, SSH/SFTP, CITRIX XenApp, and others.
Multi-Factor Authentication
Remote users are required to properly identify themselves before obtaining entry to the network to prevent unauthorised access. The Barracuda SSL VPN Vx can be configured to enforce a combination of authentication schemes including Active Directory passwords, hardware tokens, client certificates, and PIN numbers. Moreover, the Barracuda SSL VPN supports RSA SecurID, VASCO, Safeword, and CryptoCard authentication servers through RADIUS integration for access using a one-time password token. This security ensures that accessing the Barracuda SSL VPN Vx from any web browser is backed by the protection of a strong authentication policy that allows only authorised users to enter the network.
Network Access Control
Remote users can access network resources from a variety of end-points or client machines including shared computers. The Barracuda SSL VPN Vx provides extensive network access control methods that will ensure a computer requesting remote access adheres to established security policies based on the operating system, web browser version, and other connection parameters before permitting network access.
Barracuda Network Connector
Designed for applications using UDP, the Barracuda Network Connector is a secure IP tunneling client installed on users' workstations or laptops. The Barracuda Network Connector creates an IP connection to the Barracuda SSL VPN Vx and has a fully routed VPN connection to the remote network. This streams content from the remote network and allows the use of any TCP or UDP application such as legacy client/server applications. The Barracuda Network connector also supports password, PIN, and RADIUS authentication for added security.
Hardware Token Authentication
The Barracuda SSL VPN Vx supports RSA SecurID, VASCO, Safeword, and CryptoCard authentication servers through RADIUS integration. Hardware token authentication supports access using one time password (OTP) tokens.
Single Sign-On
The Barracuda SSL VPN Vx integrates with user databases via LDAP, RADIUS, Active Directory, and NIS. Using central user accounts supports Single Sign-On while avoiding having to duplicate user data. The Barracuda SSL VPN Vx can pass users' Active Directory credentials to the remote desktop session for true Single Sign-On. For transparent authentication when using reverse-proxy web forwarding, intranet websites can be launched that pass users' credentials to web applications.
Reporting and Auditing
System administrators can easily view logs and generate reports for clear visibility into remote access. The Barracuda SSL VPN Vx generates reports on VPN use, users, resource activity, and more with no database administration or other equipment required. All resource access through the Barracuda SSL VPN Vx is audited. Real-time reports display privilege use, failed logons, file, and intranet use, as well as other information. The status page also provides statistics about resource use.
Mobile Device Support
The Barracuda SSL VPN Vx allows remote workers to securely access an organization's applications and files from virtually any mobile device, via an easy-to-use mobile portal. Security is ensured through powerful multi-factor authentication options, while ease-of-use ensures low support costs. In addition, the device configuration feature allows easy configuration of iPhones, iPads and Mac devices for exchange, mail, LDAP, Webclips, Client Certificates, IPsec, and PPTP. Windows devices can also be configured.
Web Portal
A web portal provides remote users with easy access to their assigned resources. Navigation is so easy that users in the office often prefer use the portal to access their network resources as well.
Multiple User Realms
Administrators use realms when an organization has multiple user databases. Realms let the Barracuda SSL VPN Vx authenticate against multiple domain servers and directories such as LDAP and NIS.
SSL Tunnelling
The Barracuda SSL VPN Vx securely connects remote users through SSL-encrypted tunnels from any web browser. No client software is necessary. However, for richer tunnelling, the Barracuda SSL VPN Vx offers the Barracuda SSL VPN agent, a lightweight Java tunnelling client. This agent supports remote applications such as Remote Desktop Services, Citrix XenApp, VNC, NX, SSH, and Telnet.
Antivirus
The Barracuda SSL VPN Vx automatically scans files uploaded to the network file system and from intranet web applications for viruses, spyware, and other malware. Barracuda Energize Updates keep virus definitions current in real time to prevent even the latest malware from uploading to the network.
Virtual Keyboard
The virtual on-screen keyboard is a security feature that defends against key-logging attacks. The virtual keyboard echoes characters the user clicks on.
Automatic Cache Cleaning
A cache-cleaning utility automatically clears session data from the user's web cache and history when the user logs out or disconnects. Cache cleaning prevents unauthorised exposure of information when users access the Barracuda SSL VPN from public or shared computers.
Site-to-Site Connectivity
The Barracuda SSL VPN Server Agent streamlines connections to services at remote sites without the risks and burden of using a fully routed IPsec connection. The Barracuda SSL VPN Server Agent directly connects to services hosted on remote sites from the Barracuda SSL VPN Vx.
Model Comparison:
The Barracuda SSL VPN Vx is available in 4 editions capable of handling from 15 to 500 concurrent users. Multiple virtual appliances can be clustered for greater capacity and high availability. Also, the capacity and performance of the 600Vx can be easily expanded by licensing it to run on additional CPU cores on the virtual host cluster.
Model Comparison | V180 | V380 | V480 | V680 |
---|---|---|---|---|
Capacity | ||||
Estimated Concurrent Users | 15 | 50 | 100 | 500 |
Number of CPU cores required | 1 | 2 | 4 | 6 |
Features | ||||
Barracuda Network Connector | ||||
Web Forwarding | ||||
Network File Access | ||||
Windows Explorer Mapped Drives | ||||
Citrix XenApp/VNC/NX/Telnet/SSH/RDP Applications | ||||
Single Sign-On | ||||
Antrivirus | ||||
Client Access Controls | ||||
Active Directory/LDAP Integration | ||||
Layered Authentication Schemes | ||||
Mobile Portal | ||||
L2TP/IPsec, PPTP Mobile Device Support | ||||
Device Provisioning (Windows, Mac OS X, iOS) | ||||
Risk Based Authentication | ||||
Google Authenticator Support | ||||
Remote Assistance | ||||
Multiple User Realms | ||||
Barracuda SSL VPN Server Agent1 | ||||
Hardware Token Support | ||||
RADIUS Authentication | ||||
Syslog Logging | ||||
SNMP | ||||
Clustering/High Availability |
1 Not available via mobile access.
Technical Specs
Security Features
- Supports Active Directury, LDAP, NIS, and built-in user databases
- Policy-based rights management
- Multi-layered authentication schemes
- One-time password authentication via email or SMS
- Supports SecurID, VASCO, Safeword, and CryptoCard authentication tokens
- Supports Aladdin eToken, SafeNet iKey, and other PKI USB devices
- Client assess controls based on operating system and web browser version
- Automatic cache cleaning and logout
- Web application URL masking
- Virtual keyboard
Virus Scanning
- Virus, spyware, and malware scanning
- Decompression of archives
- File type blocking
VPN Features
- Intranet web site forwarding
- Network file system browsing
- Web application single sign-on
- Remote desktop single sign-on
- Barracuda SSL VPN agent 1: Java agent for clientless deployment
- L2TP/IPsec and PPTP mobile device support
- Barracuda Network Connector: installable VPN client for IP connectivity
- Local Windows Explorer drive mapping
- Configurable SSL tunnels
- Multiple user logon realms
Mobile Support
- Customizable Mobile Portal
- Supports all common mobile devices (i.e., iOS, Android, Blackberry, Windows Phone, and Microsoft Surface)
- Provides access to corporate applications and file shares
- L2TP/IPsec and PPTP Mobile Device Configuration for Shortcuts, VPN Connections, and Active Synch / MS Exchange (iOS)
Auditing and Reporting Capabilities
- Track file, web, and network access
- Reports in PDF, CSV, and text formats
- Granular controls for access and policy
- Health monitoring
- Network utilization and appliance load statistics
Support Options
Barracuda Energize Updates
- Standard technical support
- Firmware and capability updates as required
- Automatic application definitions updates
Hardware Features
Connectors
- Standard VGA
- PS/2 keyboard/mouse
- Ethernet (see chart)
- Serial port (DB-9)
Screenshots:
The screen-shots below illustrate deploying the Barracuda Virtual Appliance on a VMware ESX/ESXi hypervisor. Other deployment options are available. Please refer to the Setup Guide or contact Barracuda Networks.
Barracuda Virtual Appliance FAQ:
What is a "virtual appliance"?
A virtual appliance is a software image designed to run inside a virtual machine. When deployed inside a virtualization platform, such as VMware, multiple virtual appliances can share the physical resources of a single host computer while remaining logically isolated from each other. Barracuda Networks currently offers virtual appliance versions of many of its popular hardware appliance solutions to leverage the benefits of virtualization.
What are the benefits of Barracuda Virtual Appliances?
Barracuda Virtual Appliances provide the same technology found in the Barracuda Networks hardware solutions and are ideal for enterprises that are standardizing hardware platforms or with existing virtual environments. Barracuda Virtual Appliances can be deployed on standard virtualization platforms and can co-exist with other virtual machines, thereby enabling optimal usage of hardware resources. As the organization grows, virtual appliances can be scaled for capacity without changing any hardware or software configurations. Also, virtual appliances can be easier to backup and restore using standard mechanisms for disaster recovery.
What are the System requirements to run the Barracuda Virtual Appliance?
Currently, Barracuda Virtual Appliances are supported on the following platforms
- VMware ESX and ESXi ("vSphere Hypervisor") versions 4.0, 4.1, 5.0, 5.1
- VMware ESX and ESXi version 3.5
- VMware Server 2.0+
- VMware Workstation 6.0+, Player 3.0+
- VMware Fusion 3.0+
- Sun/Oracle VirtualBox and VirtualBox OSE version 3.2
- Citrix XenServer 5.5+
A minimum of 2 GB RAM per core and 60 GB available hard disk space is recommended. More information can be found in the README file available in the download package.
Are Barracuda Virtual Appliances as easy to deploy as the Barracuda Networks hardware appliances?
Yes. Barracuda Virtual Appliances are specifically designed for ease of deployment in new or existing virtualization environments. The virtual appliances are fully encapsulated with the virtual hardware configuration and the setup process is simple. Once the virtual appliance is installed, configuration and administration is through the same intuitive Web based user interface as that on the appliance. Instructions can be found in the online setup guides available as part of the download or under the Documentation section at www.barracuda.com/virtualization.
Do the Barracuda Virtual Appliances receive Energize Updates?
Yes. The Barracuda Networks Energize Updates subscription provides the latest security updates and is an essential part of purchasing either a Barracuda Networks hardware solution or a virtual appliance.
How does an administrator interact with a Barracuda Virtual Appliance?
Once deployed, Barracuda Virtual Appliances are administered through the same simple Web based user interface found on the hardware equivalents. This makes it very easy for administrators of Barracuda Networks hardware appliances to support Barracuda Virtual Appliances without learning a new usage model.
Can I make copies of my Barracuda Networks virtual appliance and deploy them for redundancy?
Every active instance of a Barracuda Virtual Appliance must be supplied a unique license token that is obtained during the process of requesting an evaluation. If you choose the ZIP deployment method, the same ZIP file can be used for multiple deployments, but each deployment must be provisioned with a unique token. Cold backups, snapshots, host migration and other backup or disaster recovery operations are fully supported.
Can I cluster a Barracuda Virtual Appliance with its hardware counterpart?
Yes. The "Linked Management" feature can be used to cluster a combination of Barracuda Virtual Appliances and hardware equivalents as appropriate.
What is an OVF template?
Open Virtualization Format (OVF) is a standard to package and distribute virtual machines. It is a portable, platform independent file format that is supported by several hypervisors. An OVF file encapsulates the complete specification of a virtual machine including all the virtual disks, virtual hardware configuration (CPU, memory, networking) and storage. Barracuda Virtual Appliances are distributed as OVF templates that facilitate quick provisioning with little or no manual intervention.
How do I update the firmware on a Barracuda Virtual Appliance?
New firmware releases will be available periodically and are included in the Energize Updates subscription. Once the virtual appliance is deployed, administrators can check for available firmware releases and upgrade as appropriate.
How are the Barracuda Virtual Appliances priced?
Barracuda Virtual Appliances do not involve any per user or setup fees. A Barracuda virtual appliance is licensed for a certain number of cores. As the organization grows, administrators can easily expand the capacity of these virtual appliances by licensing them for additional cores as needed without the overhead of provisioning any additional hardware or software.
How can I evaluate a Barracuda Virtual Appliance?
A 30-day evaluation copy of any Barracuda Virtual Appliance can be obtained by filling the evaluation request form online at www.barracuda.com/virtualization. This will generate an email with download and activation instructions.
Where can I get more information?
Please contact us!
Documentation:
Download the Barracuda Networks SSL VPN Vx Datasheet (.PDF)