The Barracuda Firewall Control Center is a central administration unit designed to manage a large number of CloudGen Firewalls. The Firewall Control Center provides a comprehensive set of central management services and features such as template-driven objects, reusable global objects, user definable work views, and graphical representation of the global WAN network. The box layer of the Control Center is identical to the CloudGen Firewall.
Depending on the platform and required number of ranges and clusters, different Control Center models are available:
VC Editions – Virtual appliances for use on hypervisor platforms
- VC400 Standard Edition – One range (tenant), one cluster (configuration group), and unlimited managed firewalls.
- VC610 Enterprise Edition – One range (tenant), unlimited clusters (configuration groups) and unlimited managed firewalls.
- VC820 Global Edition – Five ranges (tenants), unlimited cluster (configuration groups), and unlimited managed firewalls.
VCC Editions – Virtual appliances for use in public clouds
- VCC400 Standard Edition – One range (tenant), one cluster (configuration group), and unlimited managed firewalls.
- VCC610 Enterprise Edition – Two ranges (tenants), unlimited clusters (configuration group) and managed firewalls.
The Control Center allows administrators to centrally manage and monitor firewalls and Firewall Secure Connectors. The Control Center can simultaneously manage multiple releases and platforms (hardware, virtual, and public cloud). Configuration, file updates, and licenses are distributed to the managed units. Remote units connect to the Control Center via remote management tunnels. The health and status of all managed CloudGen Firewalls and Firewall Secure Connectors is continuously checked. NextGen Firewall X-Series appliances can not be managed by the Control Center.
For more information, see Central Management.
Multi-Admin Support and Role-Based Administration
The Control Center provides freely configurable permission schemes and user management.
For more information, see Control Center Admins.
Revision Control System (RCS)
The Revision Control System (RCS) stores versioning information on all configuration changes to your system . You can view older configuration versions and, if necessary, roll back previous changes.
For more information, see Revision Control System (RCS).
The Control Center can collect and store statistics of its managed CloudGen Firewalls. The CC Statistics Collector and CC Statistic Viewer process the raw data and present the collected data in the STATISTICS tab on the Control Center.
For more information, see Statistics.
Central Syslog and Eventing
The CC Syslog service collects log messages from CloudGen Firewalls managed by the Control Center and streams those log messages to an external log host. For system processes and CC services, events are generated and sent to the Control Center from the managed CloudGen Firewalls. On the Control Center, event forwarding is based on communication between the Box Event module running on the operative CloudGen Firewall (box) and the CC Event Service module running on the Control Center.
The CC FW Audit Log service receives structured firewall data from the managed units and stores the firewall audit information on the Control Center. The CC Firewall Audit Info viewer provides a consolidated view similar to the firewall access cache across multiple boxes. For large or high-performance environments, dedicated CloudGen Firewalls can be configured to collect and retrieve firewall audit log information. The collection and processing is handled by the CC FW Audit Log service and the Audit Info collector on the Control Center.
For more information, see FW Audit.
NG Access Monitor (NAC)
The Access Monitor is the key component of the Barracuda Network Access Client. Its responsibilities include collecting information from the client that is necessary for health evaluation and taking measures depending on the heath check outcome.
For more information, see Barracuda Network Access and VPN Client.
Barracuda Earth displays the status of your VPN site-to-site tunnels around the world. When connected to the Control Center, Barracuda Earth retrieves the data from your VPN connections and displays the tunnels according to the information on a customizable interface. Barracuda Earth is not available for the Control Center Standard Edition.
For more information, see Barracuda Earth.
Public Key Infrastructure (PKI)
The PKI service on the Control Center lets you create, manage, and revoke certificates. The PKI is not available for the Control Center Standard Edition.
For more information, see Control Center PKI Service.
Graphical VPN Configuration Interface (GTI Editor)
The GTI Editor is a graphical user interface for creating and managing Site-to-Site TINA and IPsec VPN tunnels.
For more information, see GTI Editor.
There are three types of shared services than can run on multiple virtual servers:
- Distributed Firewall
- CC Troubleshooting – For more information, see Control Center Troubleshooting.
- Migrate the Control Center to a new network segment – For more information, see Best Practice - Migrate the Control Center to a New Network Segment.