We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see End-of-Support for CloudGen Firewall Firmware for further information on our EoS policy.

S-Series Deployment

  • Last updated on

Deploying a Barracuda NextGen S-Series network requires at least one SC Access Cluster, a Next Gen Control Center, and the deployment of the individual SC devices.

SC Access Cluster and NextGen Control Center Deployment

Each SC connecting to your network must be assigned to an SC Access Cluster, comprised of one SAC and a border firewall as well as a NextGen Control Center managing all SACs, F-Series Firewalls, and the SCs. The SC Access Clusters forward management traffic directly to the Control Center and send the rest via the border firewall to its destination. The border firewall routes incoming SC VPN tunnels to the SAC. It also scans and filters user traffic according to your company policies for outgoing traffic from the SC networks.

For more information, see Secure Access Concentrator and Control Center Deployment.

SC Deployment via Configuration File

The configuration for the SC is created centrally on the Control Center using SC templates to reduce the configuration overhead. The SC configuration file is then exported and copied to the SC via USB OTG or web interface. The SC then automatically connects to the SAC in the SC Access Cluster assigned to it via the sca.conf. This allows the SC to connect in VPN operational mode and authenticate by the certificates included in the configuration file.

For more information, see SC Deployment via SC Configuration File.

SC Deployment via VPN Deployment Mode

If you do not have physical access to the device, configure the SC in the Control Center. Directly on the SC, configure the WAN connection and VPN so the SC can connect to the SAC in VPN deployment mode. No certificates are required because the SAC uses a passphrase to authenticate. Once connected, the Control Center immediately pushes the operational configuration to the SC and switches the VPN to operational mode.

For more information, see SC Deployment via VPN Deployment Mode.

Last updated on