We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

How to Manage Ranges and Clusters

  • Last updated on

NextGen Firewalls are organized into a two-level hierarchy on the NextGen Control Center. A common use would be to create ranges for regions such as North America and EMEA and then create clusters for each country in the region. Configuration and default settings shared by multiple NextGen Firewalls can be configured on the cluster or range level. To create reusable configurations for multiple firewalls, use a repository. The configuration of an individual system can then be linked or copied from a range or global repository, making it easy to deploy a change to all managed systems.

Create a Range

You must create at least one range on a Control Center.

  1. Click the CONFIGURATION tab.
  2. Right-click Multi-Range and select Create Range.
  3. Enter a Range Number.
  4. (optional) Enter a Description.
  5. (optional) Enter the contact details in the Contact Info field.
  6. Configure the range properties as described in the Specific Settings section.
  7. Click Next.
  8. (optional) Enter the owner and purchase details in the information sections.
  9. Click Finish.
  10. Click Activate.

Remove a Range

Deleting a range is final and will also remove all clusters and managed firewalls in the range. Create a backup before deleting a range.

  1. Click the CONFIGURATION tab.
  2. Right-click the range you wish to remove and click Lock.
  3. Right-click the range and select Remove Range.
  4. Click OK to confirm the deletion.
  5. Click Activate.

Create a Cluster

Unless you are using a Standard Edition Control Center, there is no limit on how many clusters you can create.

  1. Click the CONFIGURATION tab.
  2. Expand Multi-Range, right-click your desired range and select Create Cluster.
  3. Select the software release of the NextGen Firewalls that should be managed, and click OK.
  4. Enter a descriptive Cluster Name. Cluster names must be unique in the range.
  5. (optional) Enter the contact details.

  6. (optional) Configure the cluster properties as described in the Specific Settings section.
  7. Click Next.
  8. (optional) Enter the owner and purchase details in the information sections.
  9. Click Finish.
  10. Click Activate.

Remove a Cluster

Deleting a cluster is final and will also remove all clusters and managed firewalls. Create a backup before deleting a cluster.

  1. Click the CONFIGURATION tab.
  2. Navigate to the cluster you wish to remove.
  3. Right-click the cluster and, in the context menu, select Lock.
  4. Right-click the cluster and, in the context menu, select Remove Cluster.
  5. Click OK.
  6. Click Activate.

Range- and Cluster-Specific Settings

Each range and cluster can override global settings by using its own configuration interface. When enabling these settings, the scope is limited to the range or cluster it is set for.

SettingDescription
Disable UpdateEnables/disables configuration updates for boxes from this range or cluster.
Collect StatisticsTriggers the Control Center to collect statistics from managed boxes within this range or cluster.
Own Cook SettingsIntroduces the node Statistics Cook Settings where you can define the custom cook settings for the range (How to Configure Statistics Processing and Maintenance). If the range or cluster requires special cook settings for statistical data, enable this parameter.
Own Event SettingsIntroduces the node Eventing where you can define custom event settings for the range or cluster (see How to Configure Event Notifications). If the range or cluster requires special event settings, enable this parameter.
Own Firewall ObjectsEnables range/cluster-specific firewall objects and introduces the node Range/Cluster Firewall Objects where you can define range/cluster-specific network objects (see Firewall Objects and Network Objects ).
Own VPN GTI EditorEnables a range/cluster-specific VPN GTI Editor and introduces the node VPN GTI Editor(range/clustername). For more information, see How to Create a VPN Tunnel with the VPN GTI Editor.
Own Access Control ObjectsEnables range/cluster-specific policy server objects and introduces the node Access Control Objects containing the files Welcome Message, Personal Firewall RulesPictures and Registry Checks (like Access Control Service).
Own Shaping TreesEnables range/cluster-specific traffic shaping settings and introduces the node Range/Cluster Shaping Trees (see Traffic Shaping).
Send Statistics to Reporter (legacy)
Sends central statistics data to the legacy Barracuda NG Reporter appliance.

Migrating the Configuration

Migration can only be performed at the next major firmware version (5.4 > 6.0 > 6.1 > 6.2 > 7.0 > 7.1).

Migrating a Repository-Linked Firewall

If you are using a repository, you must prepare the repository-linked firewalls before migration:

For information, see How to Prepare Repository Linked Box Configurations for Migration.

  1. Click the CONFIGURATION tab.
  2. Expand Multi-Range and navigate to the desired object in the Repository tree.
  3. Right-click the object and click Lock.
  4. Right-click the object and select Migrate Node.
  5. Select the destination major firmware version.
  6. Click OK.
  7. Click Activate.
Migrate a Cluster or Range

Clusters can only be migrated to a higher firmware version. You cannot downgrade a cluster configuration.

  1. Click the CONFIGURATION tab.
  2. Navigate to the cluster or range you wish to migrate.
  3. Right-click the cluster or range and click Lock.
  4. Right-click the cluster and select Migrate Cluster / Migrate Range.
  5. Choose the version number as migration destination, and click OK to confirm the migration.
  6. Review the future configuration.
    mig_range1.pngmig_range2.png 

    The MailGW Settings and the Service Configuration nodes will be changed during this migration process. Open the nodes to look at the new configuration dialogs.

  7. Click Activate.
Migrate Multiple Clusters and Ranges
  1. Click the CONFIGURATION tab.
  2. Right-click Multi-Range and select Migrate Clusters / Migrate Ranges from the context menu.
  3. Select the nodes to be migrated while holding down the SHIFT key.
    mig_config.png
  4. Click OK to confirm the migration.
  5. Click Activate.

Migrate Global Firewall Objects

When upgrading a firewall to a newer version, you must also migrate the ruleset and the global firewall objects to the new feature level.

  1. Go to CONFIGURATION > Configuration Tree > Multi-Range > Global Settings > Firewall Objects.
  2. Click Lock.
  3. Expand the Settings menu on the left and select Setup. The Ruleset Setup window opens.
  4. Select the new Feature Level from the drop-down list.
    change_feature_level.png
  5. Click OK to confirm the migration.
  6. Click Send Changes and Activate.
Last updated on