We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

Telemetry Data

  • Last updated on

To be able to continuously update and improve frequently used features based on real-world data, the Barracuda CloudGen Firewall sends performance and usage data to the Barracuda telemetry servers. Sending statistics is opt-out for new or freshly installed CloudGen Firewalls and opt-in for updated firewalls. After collecting data, the CloudGen Firewall starts one attempt to update the telemetry data via an HTTPS connection. If the connection to the update servers fails, no further attempts are made until the next day. A copy of all parameters sent to the telemetry servers is logged every time an update is initiated. The Barracuda Firewall Control Center sends data collected only on box level. No data from the Control Center layer is collected. For firewalls in the public cloud (AWS, Google, or Azure), telemetry cannot be completely disabled; the minimal set of parameters is always transmitted.

Minimal telemetry parameters:

NameKeyValue TypeDescription

General Information

Serial NumbersnnumberSerial number of the box
ModelappliancetypeThe appliance type e.g. VM - vmware or F100 for a CloudGen F100
Virtual Subtypevirt_subtypetypeInformation about the hypervisor
Firmware versionfirmwareVersion StringVersion of the CloudGen Firewall firmware software
EU Expiration DateeuexpirationDateExpiration Date of the Energize Update

Services

Virus ScannervirscanEnabed / DisabledAV Scanner service installed
ATPfwatpEnabled / DisabledATP used in access rule(s)
IPSipsEnabled / DisabledIPS detection enabled

Full telemetry parameter list:

NameKeyValue TypeDescription

General Information

Serial NumbersnnumberSerial number of the box
MAC AddressmacMAC address (hex format)MAC address which was used for the license
ModelappliancetypeThe appliance type e.g. VM - vmware or F100 for a CloudGen F100
Virtual Typevirt_typetypeInformation about the hypervisor (VMware, Azure...)
Virtual Subtypevirt_subtypetypeInformation about the hypervisor
DevMapdevmapText

Device mapping

Number of CPU'snumcpuNumberNumber of CPU's
Memory usagememoryPercentPercent of used memory
Swap usageswapPercentPercent of used swap memory
Average CPU loadcpuFloat15 Minutes CPU average load at the moment of collecting the data
Used Firmware partitiondiskfirmwarePercentAllocation of partition "/" in Percent
Used Data partitiondiskdataPercentAllocation of partition "/phion0" in Percent
Firmware versionfirmwareVersion StringVersion of the CloudGen Firewall firmware software
UptimeuptimeSecondsBox up time in seconds
Box locationcountryLocationLocation of the box if configured
Stand Alone / Centrally ManagedmcmanagedYes / NoIs box managed by a control center
EU Expiration DateeuexpirationDateExpiration Date of the Energize Update
EU StatuseustateStatusStatus of the Energize Update
License StauslicstatusStatusStatus of the license
Firewall Insights configuredfwinsights_configuredYes / NoIs Firewall Insights configured
Firewall Insights licensedfwinsights_licensedYes / NoIs Firewall Insights licensed

Services

App ControlappcontrolStatusShows the status of Application Control (license and activation)
SSL InspectionssliceEnabled / DisabledSSL Inspection for firewall service enabled
Port Protocol ProtectionprotocolprotectionEnabled / DisabledIs protocol protection in the firewall service enabled
Google Safe SearchsafesearchEnabled / DisabledGoogle Safe Search enabled
YouTube for SchoolsytforschoolsEnabled / DisabledYoutube for schools enabled
URL FiltercofsEnabled / DisabledWebfilter serivce enabled
Virus ScannervirscanEnabed / DisabledAV Scanner service installed
Virus Scan in FirewallfwavscanEnabled / DisabledAV Scan used in access rule(s)
ATPfwatpEnabled / DisabledATP used in access rule(s)
HTTP ProxyproxyEnabled / DisabledHTTP proxy service installed
HTTP Proxy modeproxymodeReverse / Forward / TransparentHTTP Proxy mode
Proxy SSL InspectionsquidbumpEnabled / DisabledSSL Intercept mode from proxy service enabled
DHCP EnterprisedhcpeEnabled / DisabledDHCP Enterprise service installed
DHCP RelaydhcprelayEnabled / DisabledDHCP relay service installed
SSH ProxysshprxEnabled / DisabledSSH proxy service installed
FTP GatewayftpgwEnabled / DisabledFTP Gateway service installed
OSPF RoutingospfEnabled / DisabledOSPF service installed
Mail GatewaymailgwEnabled / DisabledMail Gateway service installed
SPAM FilterspamfilterEnabled / DisabledSpamfilter service installed 
DNS ServicednsEnabled / DisabledDNS service installed
IPSipsEnabled / DisabledIPS detection enabled
IPS report only modeipsreportonlyEnabled / DisabledIPS reporting only mode enabled 
IPS Scan modeipsscanmodeFull / Fast / AutoIPS scan mode
Stream ReassemblystreamreassmblyYes / No / AutoMode of the stream reassembly for the firewall service
RPC TrackingrpcEnabled / DisabledRPC tracking enabled
Guest AccessguestaccessEnabled / Disabledguest access enabled 
Audit LogauditEnabled / DisabledFirewall Audit logging enabled
RCSrcsEnabled / DisabledVersion Control System for the Configuartion enabled
IPFIX StreamingipfixstreamEnabled / DisabledIPFIX streaming enabled
Syslog StreamingsyslogstreamEnabled / DisabledSyslog streaming enabled 

SNMP Service

snmpEnabled / DisabledSNMP service installed 
QoSqosEnabled / DisabledQualtity of Service (Shaping) enabled
App based provider selectionappbasedproviderEnabled / DisabledEnables/Disables the provider (ISP) selection based on the application detection (e.g. facebook uses ISP1 and google uses ISP2)
SIP ProxysipproxyEnabled / DisabledSIP proxy service installed 
TCP ProxytcpproxyEnabled / DisabledTCP proxy for firewall service enabled
VPN ServicevpnserverEnabled / DisabledVPN Service installed

Firewall

Number of Access rulesfwrulesenableNumberNumber of forwarding access rules
Number of Application rulesapprulesenableNumberNumber of application rules
Number of Network ObjectsnetobjsNumberNumber of Network objects inthe forwarding firewall
Number of App ObjectsappobjsNumberNumber of application objects in the forwarding firewall
Number of URL Filter ObjectsurlcatpolicysNumberNumber of URLCAT policies configurated in the forwarding firewall
Number of Connection ObjectsconnectionobjsNumberNumber of connection objects in the forwarding firewall
Number of Schedule ObjectsschedulesNumberNumber of time schedule objects in the forwarding firewall
Number of Proxy ARP ObjectsproxyarpobjsNumberNumber of Proxy ARP objects in the forwarding firewall
Number of Generic IPS patternsgenipspatternNumberNumber of generic IPS pattern in the forwarding firewall
Number of bridge groupsbridginggroupsNumberNumber of bridge groups in the forwarding firewall

VPN

Mobile Portalvpn_mobile_portalEnabled / DisabledVPN Mobile Portal enabled
Mobile App Accessvpn_mobile_app_accessEnabled / DisabledVPN Mobile App Access enabled
Number of Web Forwardsvpn_web_forwardsNumberNumber of the VPN Web forwards
Number of Appsvpn_applicationsNumberNumber of VPN applications
Number of VPN Profilesvpn_profilesNumberNumber of VPN profiles

VPN Clients

Number of Client to Site Tunnelsvpn_client2site_tunnelsNumberNumber of all Client to Site tunnels
Number of Client To Site Tunnels with Windows clientsvpn_client2site_windowsNumber

Number of Client to Site tunnels with Windows clients

Number of Client To Site Tunnels with Mac clientsvpn_client2site_macNumberNumber of Client to Site tunnels with Mac clients
Number of Client To Site Tunnels with Linux clientsvpn_client2site_linuxNumberNumber of Client to Site tunnels with Linux clients
Number of Client To Site Tunnels with BSD clientsvpn_client2site_bsdNumberNumber of Client to Site tunnels with BSD clients
Number of Client To Site Tunnels with Android clientsvpn_client2site_androidNumberNumber of Client to Site tunnels with Android clients
Number of Client To Site Tunnels with IP Sec clientsvpn_client2site_ipsecNumberNumber of Client to Site tunnels with IP Sec clients
Number of Client To Site Tunnels with L2TP clientsvpn_client2site_l2tpNumberNumber of Client to Site tunnels with L2TP clients
Number of Client To Site Tunnels with PPTP clientsvpn_client2site_pptpNumberNumber of Client to Site tunnels with PPTP clients

VPN Tunnels

Dynamic Path Selection (TI)vpn_dynamic_path_selectionEnabled / DisabledIndicates if at least one VPN tunnel uses Traffic Intelligence
Dynamic VPN Routingvpn_dynamic_vpn_routingEnabled / DisabledShows if dynamic routing via VPN tunnels is enabled
WAN Optvpn_wanoptEnabled / DisabledShows if WAN optimization is enabled for the VPN service
SSL VPNvpn_sslvpnEnabled / DisabledShows if SSL VPN is enabled for the VPN service
Single Routing Tablevpn_single_routing_tableEnabled / DisabledShow if the VPN routes are added to the main routing table, or if separate routing tables are used
Dyn Meshvpn_dynamic_meshEnabled / DisabledShows if Dyn Mesh is enabled for the VPN service
Number of IP Sec site to site tunnelsvpn_site2site_tunnels_ipsecNumberNumber of site to site tunnels with IP Sec
Number of TINA site to site tunnelsvpn_site2site_tunnels_tinaNumberNumber of site to site tunnels with TINA
Number of TINA site to site transportsvpn_site2site_tunnels_tina_transportsNumberNumber of Site-to-Site TINA VPN transports
Number of down site to site tunnelsvpn_site2site_tunnels_downNumberNumber of Site-to-Site TINA VPN transports or IPSec tunnels that are currently down (for whatever reason)

Authentication

DC Clientauth_dcclientEnabled / DisabledAuthentication via DC Agent / DC Client enabled/disabled
TS Agentauth_tsclientEnabled / DisabledAuthentication via TS Agent / TS Client enabled disabled
WIFI APauth_wifiapEnabled / DisabledAuthentication via WIFI access point enabled/disable

Networking

3G (UMTS)net_umtsEnabled / DisabledIs UMTS setup enabled or disabled
xDSLnet_dslEnabled / DisabledIs DSL connection enabled or disabled
Barracuda DSL Modemnet_barracuda_dsl_mode

bridgemode / advancedmode

How is the Barracuda DSL Modem configured
net_barracuda_dsl_wan1Enabled / DisabledIs DSL/WAN1 enabled or disabled
net_barracuda_dsl_wan2Enabled / DisabledIs WAN2 enabled or disabled
DHCPnet_dhcpEnabled / DisabledIs DHCP connection enabled or disabled
WIFIwifiEnabled / DisabledIs WIFI connection enabled or disabled
HAnet_haEnabled / DisabledIs HA setup enabled or disabled
IPv6net_ipv6Enabled / DisabledIs IPv6 setup enabled or disabled
Percentage of network ports usednet_portusedpercPercentPercent of used network ports
Number of VLAN'snet_vlansNumberNumber of VLANs used on the box
Number of Ethernet Bondsnet_bondsNumberNumber of bonded network ports
Number of Uplinksnet_portusedNumberNumber of network ports in use

SSD

Media wearout level of 1st diskssd1_wearoutNumberNormalized value indicating the sanity of the first SSD (Intel SSDs):
100=brand new; 1=worn out
Media wearout level of 2nd diskssd2_wearoutNumberNormalized value indicating the sanity of the second SSD (Intel SSDs):
100=brand new; 1=worn out
Endurance level of 1st diskssd1_enduranceNumberNormalized value indicating the prospective lifetime of the first SSD (Innodisk SSDs):
0=brand new; 100=at the end of the lifetime as defined by the manufacturer
Endurance level of 2nd diskssd2_enduranceNumber

Normalized value indicating the prospective lifetime of the second SSD (Innodisk SSDs):
0=brand new; 100=at the end of the lifetime as defined by the manufacturer

Barracuda Telemetry Server

  • updates.cudasvc.com

Enable / Disable Telemetry Data

You can enable or disable the sending of usage statistics.

  1. Go to CONFIGURATION > Configuration Tree > Box > Administrative Settings
  2. In the left menu, click Telemetry Data.
  3. Click Lock.
  4. In the Telemetry Data Options section, select one of the following options:
    • Full Data
    • Minimal Data
    • Disabled (This option is not available for firewalls in the public cloud.)
      t_data.png
  5. Click Send Changes and Activate.

Change the Schedule for Sending Telemetry Data

  1. Go to CONFIGURATION > Configuration Tree > Box > Advanced Configuration > System Scheduler.
  2. In the left menu, click Daily Schedule.
  3. Click Lock.
  4. In the Intraday Schedule, double-click telemetry. The Intraday Schedule window opens.
    telemetry_data_schedule.png
  5. Change the scheduling of the telemetry task as needed.
  6. Click OK
    telemetry_data_schedule02.png
  7. Click Send Changes and Activate.

Viewing Data Sent to Barracuda Telemetry Servers

To see what data your CloudGen Firewall sends to the Barracuda telemetry servers, see the \Box\Control\Telemetry log file.

telemetry_data_log.png

Last updated on