The Barracuda NextGen Control Center is a central administration appliance designed to manage a large number of F-Series Firewalls. The NextGen Control Center provides a comprehensive set of central management services and features such as template-driven objects, reusable global objects, user definable work views, and graphical representation of the global WAN network. The box layer of the Control Center is identical to the Firewall F-Series.
Depending on the required number of ranges and clusters, two Control Center models are available:
- VCC610 – Two ranges, unlimited clusters and managed firewalls.
- VCC400 – One range, one cluster, and unlimited managed firewalls.
The Control Center allows administrators to centrally manage and monitor F-Series Firewalls and S-Series Secure Connectors. The Control Center can simultaneously manage multiple releases and platforms (hardware, virtual, and public cloud). Configuration, file updates, and licenses are distributed to the managed units. Remote units connect to the Control Center via remote management tunnels. The health and status of all managed F-Series Firewalls and S-Series SCs is continuously checked. NextGen Firewall X-Series appliances can not be managed by the Control Center.
For more information, see Central Management.
Multi-Admin Support and Role-Based Administration
The Control Center provides freely configurable permission schemes and user management.
For more information, see Control Center Admins
Revision Control System (RCS)
The Revision Control System (RCS) stores versioning information on all configuration changes to your system . You can view older configuration versions and, if necessary, roll back previous changes.
For more information, see Revision Control System (RCS)
The Control Center can collect and store statistics of its managed F-Series Firewalls. The CC Statistics Collector and CC Statistic Viewer process the raw data and present the collected data in the STATISTICS tab on the Control Center.
For more information, see Statistics.
Central Syslog and Eventing
The CC Syslog service collects log messages from F-Series Firewalls managed by the Control Center and streams those log messages to an external log host. For system processes and CC services, events are generated and sent to the Control Center from the managed F-Series Firewalls. On the Control Center, event forwarding is based on communication between the Box Event module running on the operative F-Series Firewall (box) and the CC Event Service module running on the Control Center.
The CC FW Audit Log service receives structured firewall data from the managed units and stores the firewall audit information on the Control Center. The CC Firewall Audit Info viewer provides a consolidated view similar to the firewall access cache across multiple boxes. For large or high-performance environments, dedicated F-Series Firewalls can be configured to collect and retrieve firewall audit log information. The collection and processing is handled by the CC FW Audit Log service and the Audit Info collector on the Control Center.
For more information, see FW Audit
NG Access Monitor (NAC)
The Access Monitor is the key component of the Barracuda Network Access Client. Its responsibilities include collecting information from the client that is necessary for health evaluation and taking measures depending on the heath check outcome.
For more information, see VPN Client & Network Access Client.
Barracuda Earth displays the status of your VPN site-to-site tunnels around the world. When connected to the Control Center, Barracuda Earth retrieves the data from your VPN connections and displays the tunnels according to the information on a customizable interface. Barracuda Earth is not available for the Control Center Standard Edition.
For more information, see Barracuda Earth.
Public Key Infrastructure (PKI)
The PKI service on the Control Center lets you create, manage, and revoke certificates. The PKI is not available for the Control Center Standard Edition.
For more information, see Control Center PKI Service
Graphical VPN Configuration Interface (GTI Editor)
The GTI Editor is a graphical user interface for creating and managing Site-to-Site TINA and IPsec VPN tunnels.
For more information, see GTI Editor.
There are three types of shared services than can run on multiple virtual servers:
- Distributed Firewall
- CC Troubleshooting – For more information, see Control Center Troubleshooting.
- Migrate the Control Center to a new network segment – For more information, see Best Practice - Migrate the Control Center to a New Network Segment.