Configuration options for Barracuda

Review configuration options for Barracuda firewalls in RocketCyber

Configuration Options

User quarantined alert	This alerts the user when a file is quarantined by the firewall
ATP alert (malicious)	Barracuda's Advanced Threat Prevention (ATP) system classifies this traffic as malicious
DNS sinkhole detection	A DNS sinkhole is a server that gives incorrect name resolution. For example, it could resolve www.google.com to a server owned or controlled by the malicious actor.
Antivirus	Checks files going to your computer for known viruses
ATP (file block)	Runs machine learning predictors on files hitting the firewall to predict malicious files

Log Format

The expected format for Barracuda logs is pipe-separated. For example

<14>May 8 15:04:19 F77 F77/box_Firewall_Activity: Info F77 ARP: <cumulative>|ALLIP(0)|p2|192.168.77.177|0|00:00:00:00:00:00|192.168.70.77|0||||3030|0.0.0.0|0.0.0.0|0|5|0|0|0|0||||||

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!
	Provide feedback for the Documentation team.