It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda WAF-as-a-Service

Legacy Licenses

  • Last updated on

The information on this page is for legacy licenses. These licenses are not available for new accounts and are applicable only for renewals of subscriptions that were activated before April 2023.

Barracuda WAF-as-a-Service is licensed using the following parameters:

  • Number of applications you are protecting,

  • Total bandwidth used by all applications you are protecting,

  • Whether you have add-ons for the applications you are protecting. Add-ons include Advanced Threat Protection, Advanced Bot Protection, and Premium Support.

The License Management page displays all licenses you currently have, as well as how much of the license’s capacity you are currently using.

Legacy License Capabilities

The legacy licencing has different capabilities for some features, and many new features will not be available when compared to the WAF-as-a-Service licence plans launched in April 2023.

For clarity, the difference in capability is listed in this table:

Feature

Legacy License

Application Protection Advanced

Application Protection Premium

Description

DDoS Protection

DNS Security

(1 Zone 50 Records + 1 Records per App)

(1 Zone 50 Records + 2 Records per App)

(1 Zone 100 Records + 4 Records per App

Hosting and security for DNS zones and records, including protection against DDoS attacks. By default, one (1) DNS zone is included per account and the number of records is based on the licence plan and the number of apps licenced.

Secure Application Delivery

Application Domains

(30 Domains)

(10 Domains)

(30 Domains)

Barracuda Application Protection provides a default number of domains that are allowed with each App. That number is dependent of the selected licence plan.

Traffic Routing

(0 Rules)

(5 Rules)

(10 Rules)

Traffic Routing on Barracuda Application Protection can use a number of parameters on the incoming request to identify and redirect traffic to various parts of an application. This could be anything from redirecting a user to the mobile application based on the HTTP UserAgent or routing traffic for A/B testing or enabling blue-green deployments.

Depending on the Licence plan, there is a default number of Traffic Rules that can be applied using the same security policy within a single application.

It is also possible to have an unlimited number of traffic rules using separate security policies for each, but this requires an additional App license for each one.

Origin Server Load Balancing with Health Monitoring

(10 Servers)

(3 Servers)

(7 Servers)

Applications onboarded on Barracuda Application Protection can be configured with multiple backend servers to spread the load and improve uptime. Barracuda Application Protection also includes Health Monitoring capabilities that continuously monitor application servers to switch traffic over in case of failure, improving uptime.

When moving from Premium to Advanced, ensure that you only retain only three (3) servers and delete all other servers. If not, the Barracuda WAF-as-a-Service will only keep the top three entries and deletes all others associated with the application.

Reporting, Analytics and Services

Log Export to SIEM

(2 Servers)

(1 Server)

(2 Servers)

Barracuda Application Protection allows all application logs (traffic and firewall) to be exported to external SIEM solutions or Barracuda XDR for further retention and analysis.

Application Groups

checkmarkIcon.png

checkmarkIcon.png

checkmarkIcon.png

Applications within Barracuda Application Protection can be grouped into logical groups with for ease of management and testing new versions and security e.g., a Production group and a UAT group.

By default, there is one (1) group and an account is allowed one (1) additional group for every ten (10) apps licensed.

Log Storage Duration

45 Days

30 Days

60 Days

Duration of firewall and traffic log storage on the Application Protection platform.

Licensing Violations

You are in violation of your license if you:

  • Have added more applications than specified in your license.

  • Are using Advanced Threat Protection on more applications than specified in your license for this feature.

  • Are using more bandwidth than specified in your license across all applications.

  • Have not added a new license, but your existing license has expired.

If Barracuda Networks detects a violation of your license, we will:

  • Not immediately restrict traffic to your existing applications.

  • Send an email to the administrator email on file notifying you of the violation and the reason for it. This reminder will be repeated as long as you do not address the violation.

  • Give you a 14-day grace period, during which we will continue your service uninterrupted.

  • After 14 days, progressively lock Barracuda WAF-as-a-Service configuration and reporting features, but your applications will remain protected.

  • After 28 days, no longer protect your applications, but they will continue to work.

  • After 42 days, delete your Barracuda WAF-as-a-Service account. All configured applications will cease to pass traffic and all your configuration and logs will be lost.

If you receive a notice of a license violation, contact your Barracuda Networks Sales Representative as soon as possible and we can help you address the problem, ensuring you uninterrupted access to Barracuda WAF-as-a-Service.