It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see End-of-Support for CloudGen Firewall Firmware for further information on our EoS policy.

Best Practice - Small CloudGen Firewall Systems

  • Last updated on

Some systems are shipped with 512 MB of RAM. These flash-based systems may report high CPU and RAM usage after a default installation. You can tune these small systems to decrease the RAM and CPU usage and lower system load during and immediately after startup.

Reduce Default Settings in General Firewall Configuration

You can reduce the amount of resources reserved for the Firewall service. Monitor your firewall log and adjust your settings accordingly if you run the risk of exceeding your limits.

  1. Go to CONFIGURATION > Configuration Tree > Box > Infrastructure Services > General Firewall Configuration.
  2. Click Lock.
  3. In the left menu, expand Configuration Mode and click Switch to Advanced View.
  4. Change the following settings:
    • Max. Session Slots – Enter 2048 . Default value F100 and F101: 8192, F10 and F15: 2048

    • Max. Acceptors – Enter 512. Default value: 1024
    • Max. Plugins – Enter 512 . Default: 1024
    • Dyn. Service Names (RPC) – Enter 512. Default: 1024
    • Max Socks Worker – Enter 5. Default: 20
  5. In the left menu, click Application Detection and change the following setting: 
    • Enable Protocol Detection – Select no. Default: yes
  6. Click Send Changes and Activate.
  7. Restart the boxfw service to enable the new setting. For more information, see Assigned Services.

Disable phionRelCheck after System Startup

Disable the release check to significantly reduce the system load after startup.

  1. Go to CONFIGURATION > Configuration Tree > Box > Advanced Configuration > Firmware Update.
  2. Click Lock.
  3. In the Release Check section, select no from the Boottime Release Check list. 
  4. Click Send Changes and Activate .

Use URL Filter in the Firewall Service and Disable HTTP Proxy

Use Application Control to enforce your URL filter policies instead of the HTTP Proxy service. This will significantly reduce the load on your small CloudGen Firewall appliance.

For more information, see Application Control.

Reduce Maximum Number of VPN Tunnels

Reducing the maximum number of VPN tunnels reduces the amount of RAM the VPN service uses.

  1. Go to CONFIGURATION > Configuration Tree > Box > Assigned Services > VPN-Service > VPN Settings
  2. Click Lock.
  3. Set Maximum Number of Tunnels to 128. Default: auto.
  4. Click OK.
  5. Click Send Changes and Activate.

Disable IPS

Disable the Intrusion Protection System to lower the system load.

  1. Go to CONFIGURATION > Configuration Tree > Box > Assigned Services > Firewall > IPS Policies.
  2. Click Lock
  3. Uncheck Enable IPS.
  4. Click Send Changes and Activate.