Barracuda SecureEdge provides a Private Edge service for hybrid deployments. A Private Edge is an on-premises Edge Service ideal for organizations that need to follow certain geopolitical requirements or need full control over their data plane. Private Edge devices provide the same scope of security and networking functionality as the cloud service and are administrated and maintained via a central management platform.
Before You Begin
- You need an ISP with a static public IP version 4 address.
- High availability is recommended. For more information, see High Availability.
Step 1. Create the Private Edge Configuration
Go to https://se.barracudanetworks.com and log in with your existing Barracuda Cloud Control account.
- In the left menu, click the Tenants/Workspaces icon and select the workspace your Private Edge should be assigned to.
- In the left menu, click the Infrastructure icon, and select Edge Services.
- The Edge Services page opens. In the top-right corner of the window, click New Edge Service.
- From the drop-down menu, select Private Edge. The New Private Edge blade opens.
- You are provided with two options. You can choose either New Edge Service from scratch or Promote existing site to Edge Service.
- Select New Edge Service from scratch.
- Click Next. The Basic Information blade opens.
- Enter values for the following:
- Name – Enter the name of your Private Edge.
- Upstream Edge Service – Select the Edge Service you want your Private Edge to connect to. Select (None) if you do not want this service to connect to another one.
- Root Password – Enter the root password.
- Confirm Root Password – Retype the root password to confirm.
- Click Next. The Edge Service Appliances blade opens.
Select your appliance from the list of appliances linked to your account. Barracuda Networks recommends to use high availability. For a high availability cluster, select two appliances. For more information on high availability, see High Availability. Note: After ordering, it can take up to 3 hours before your device is listed.
- Expand Add missing Private Edge appliance by serial and linking code/license token. Then, specify values for the following:
- Serial – Enter the serial number of your appliance.
- Code/Token – Enter the linking code (located on the back of the Quick Start Guide shipped with your hardware appliance), or the token of your VTx appliance.
- Click Add to add the device to your account.
- Click Next. The WANs blade opens.
- Select the number of desired WAN connections from the drop-down list.
- Click Next. The Configure WAN link blade opens.
- Specify values for the following:
- Name – Enter a name for your uplink.
- Port – Select the port where your uplink is connected to. Note: Port 1 is reserved for high availability.
- Virtual LAN ID (Optional) – If required, enter the Virtual LAN ID this interface is connected to.
- Provider Pinning – Select a provider classification from the drop-down list.
- IP Address – Enter the IP address.
- Netmask – Enter a number between
0
and32
for the subnet mask. - Gateway – Enter the IP address of the gateway.
- Click Next. The LANs blade opens.
- Select the number of desired LAN connections from the drop-down list.
- Click Next. The Configure LAN link blade opens.
- Specify values for the following:
- Name – Enter a name for your LAN.
- Port – Select a port from the drop-down list where the LAN is attached to. Note: Port 1 is reserved for high availability.
- Virtual LAN ID (Optional) – If required, enter the Virtual LAN ID this interface is connected to.
- IP Address – Enter the IP address.
- Netmask – Enter a number between
0
and32
for the subnet mask. - DHCP – Select DHCP from the drop-down menu. You can choose between Disabled, DHCP Service, and DHCP Relay. If DHCP Service is enabled, you must enter the First IP Address and the Last IP Address. IP addresses within this range will be automatically assigned via DHCP. Note: For DHCP Relay, you must first configure DHCP Server via Infrastructure >Settings. For more information, see How to Configure the DHCP Relay Agent in SecureEdge.
- Click Next. The Advanced Settings blade opens.
- Specify values for the following:
- Update Window Timezone – Select Dynamic from the drop-down list, or select the time zone where the appliance is located.
- Primary DNS – Enter the IP address of the primary DNS server.
- Secondary DNS – Enter the IP address of the secondary DNS server.
- Click Next. The Summary blade opens.
- Review your specifications. If everything is correct, click Save.
- Verify that your new Private Edge configuration has been created successfully and click Finish.
The appliance will automatically apply the configuration upon its first boot.
Step 2. Deploy the Private Edge Appliance
For private edge appliances, you can use all hardware and virtual appliances except the Secure Connector.
For more information, see Hardware Deployment, Hardware Models, and Virtual Systems (VTx) Deployment.