It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

Assigned Services

  • Last updated on

In case you have upgraded your firewall from release 7.2.x to 8.0.1, see Virtual Servers and Services in the corresponding article for firmware release 7.2.

In case you are doing a fresh install with firmware release 8.0.1, continue reading below.  

Understanding Assigned Services

On the CloudGen Firewall, special services can be configured and activated to extend its network functionality. These services are assigned and bound to the firewall they are created on.

In order to understand the concept of Assigned Services, see Understanding Assigned Services.

Services

Services are software modules running on the service layer of the firewall. Each service provides a piece of network functionality. Depending on which service you start, it might require additional services or be limited to one service per device. The services below are available on stand-alone and managed firewalls.

Before a service can be configured, it must be created. For more information, see How to Assign Services.

For how to configure a special service, see the following services:

Access Control Service

The Access Control service defines security policies for network users (e.g., VPN clients) and provides a range of features, such as registry checks and repairs on a client. Create access control objects with p olicy rulesets specifying the required system and service settings to let the CloudGen Firewall perform identity and health checks on connecting clients and groups.

For more information, see  Access Control Service.

DHCP

The DHCP service automatically assigns IP addresses to clients in the same network. For clients requiring special DHCP options, combine the DHCP server with the DHCP Relay service to share a DHCP server across multiple network segments.

For more information, see DHCP and How to Configure the DHCP Relay Agent.

DNS

The CloudGen Firewall can act as an authoritative DNS server. The DNS service returns definitive answers to DNS queries for domain names and IP addresses. Use split DNS to return different answers depending on the source IP of the DNS query. This allows you to redirect internal clients to an internal IP address of a server. 

For more information, see DNS.

Dynamic Routing Protocols (OSPF/RIP/BGP)

Dynamic Routing enables the CloudGen Firewall to learn and select the optimal route to a destination IP address, detects changes to the network topology, and advertises these changes to other neighboring routers. Three dynamic routing protocols are supported - OSPF, RIP (V1 and V2), and BGP.

For more information, see Dynamic Routing Protocols (OSPF/RIP/BGP).

Forwarding Firewall

The Forwarding Firewall handles all traffic for which the destination does not match a listening socket on the firewall - in other words, all traffic passing through the CloudGen Firewall. The firewall service includes all Application Control features such as virus scanning, mail security, and file content filtering.

For more information, see Firewall.

HTTP Proxy

The HTTP Proxy service provides content filtering and caching, antivirus and malware protection, and access control. You can configure the HTTP Proxy in forward, reverse, and transparent mode.

For more information, see HTTP Proxy.

SIP Proxy

The SIP Proxy server allows the CloudGen Firewall to act as a (transparent) proxy for SIP and RTP connections.

For more information, see  SIP Proxy.

URL Filter

The Barracuda Web Filter (URL Filter) can be used by the HTTP Proxy service and in combination with application control. URLs are categorized according to content.

For more information, see URL Filter.

Virus Scanner

The Virus Scanner service provides virus protection, archive scanning, malware detection, and HTTP multimedia streaming. The Virus Scanner service can be configured using the integrated Avira AV virus scanning engine. Using the Virus Scanner service requires a subscription that can be renewed annually.

For more information, see Virus Scanner.

VPN

The VPN service supports site-to-site, client-to-site, and SSL-VPN VPN connections. CloudGen Firewalls support multiple encryption methods and SD-WAN when using the TINA protocol.

For more information, see VPN.

Wi-Fi

For administration of Wi-Fi networks, the Wi-Fi service provides configuration settings for the local access point. The service also supports user authentication in large networks via RADIUS and EAP.

For more information, see Wi-Fi.

HA Monitoring

On a high-availability pair of firewalls, services are mirrored to the the secondary firewall. If the primary firewall goes down, all services are immediately activated on the secondary firewall. Pools of IP addresses and/or interfaces can be monitored to ensure and maintain the connectivity of services. In order to understand the concept of HA monitoring, see HA Monitoring.