Barracuda Web Security Gateways now available in the 200 through 1000 series provide web content filtering as well as access and advanced threat protection, and are available as physical appliances, virtual appliances, or as a SaaS.
N/A
Cisco Secure Web Appliance
Score 8.0 out of 10
N/A
Cisco Secure Web Appliance (formerly Cisco Web Security Appliance [WSA]), powered by Cisco Talos, protects by automatically blocking risky sites and testing unknown sites before allowing users to link to them, helping with compliance. It is available models S690, S390, and S190.
Barracuda Web Security Gateway is a secure solution. This solution offers advanced filtering for web content, application control, access control, network monitoring, and user authentication to control network access. It is easy to use, helps prevent access to harmful content. Therefore, I highly recommend the Barracuda Web Security Gateway to enhance your network security, secure remote administration, and approve and control application usage.
Based on the platforms I have evaluated, I think the WSA is a great fit for any organization that needs a proxy server that provides control over what web sites are accessed or when they can be accessed. I think it is probably overkill if you simply need a proxy server for bandwidth savings or because you need to proxy general Internet access without extensive filtering needs.
It can integrate with active directory to place restrictions based on a specific user or group if required - or alternatively to allow a user/group to access more on the web if needed.
The application blocking features have been especially useful in our enterprise, and there is a large number of applications & web applications available to block/allow as needed.
It does a great job of filtering emails based on IP reputation. This feature works particularly very well. Cisco has a vast database of IP reputation scores and therefore offers very few false positives and negatives.
It checks each email thoroughly without any compromise of privacy. Any malicious link present in the body of the email makes its way to the quarantine. The IP reputation scores also help in this case.
There are 2 different policies; authenticated and unauthenticated. Sometimes the filter does not pick up the user that is logged in. When this happens, that user could potentially access sites that would normally be blocked.
Sometimes blocking one thing could block something you need. We had an instance where we use remote software. We block BitTorrent but for some reason, the filter was seeing this remote software as BitTorrent traffic. I got support on the line and we were eventually able to figure out a solution.
We put in certain applications. One of them is supposed to be blocked but a lot of the time it doesn't get blocked.
There are a lot of settings you can adjust. The web log is easy to use. If a user is having issues accessing a website, you can go in and see what's being blocked and why. After that, you can make adjustments fairly easy. The GUI is easy to navigate and updating the software is a simple click of a button.
Because it's one of those products you almost don't realize it exists from the end user. From the administrator perspective, you can do everything on its web interface and it's very intuitive to manage, once you know the concepts behind identities, acls, etc. Also, once you build the control structure, I mean, you link 'local' groups with your own Active Directory groups, as we did here, you don't need to be managing those things on the appliance itself.
Barracuda support is always available, 24/7. They are always friendly, supportive, and follow-up with anything they promise. Any ticket that is opened is touched constantly by the support team until it is remedied
Our experience with Cisco's support was terrible. Other than the fact that they don't respond to service-related emails with urgency, they also keep on changing the policies that affected us. Recently, they came up with a new look for the same software, which was insanely slow. Renewal of keys for the old interface took months. Overall, the support was not very friendly from the users' point of view.
Barracuda Web Filter is superior to the built-in content filters of any firewalls (even next gen) that we have encountered. It's a misconception that the built-in filtering on a SonicWALL or WatchGuard is enough. I don't believe that Barracuda has any direct competitors in this space that it's not head and shoulders above.
Considering we're with Cisco IronPort Web Security Appliances for the last 9 years, as I stated, we don't have too much experience with other producs. What I can say is that in the past, we evaluated Websense before it became Forcepoint and we also used MS ISA Server for webfilter. As you may imagine, IronPort is a very very superior product.
We had several of our divisions that we thought needed to increase their internet bandwidth, due to decreased speed and productivity. After installing the Barracuda Web Security Gateway, we realized we had some abusive behavior going on with online activity. We set some controls and the bandwidth usage decreased by at least 30%, allowing us to maintain the current bandwidth and not spending more money.
Having a much safer work system has given us the guarantee and security of always staying out of danger.
The prevention system is important for us and always keeping our devices, web and emails free of any malicious agent has allowed us an excellent workflow, without distractions or inconvenience in the development of projects.
Thanks to the fact that we have kept our work system safe, we have saved ourselves a lot of inconvenience, time spent, avoiding equipment damage, payments to solve problems, among many other problems that thanks to Cisco Secure Web Appliance we have been able to solve.
