We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

Attention

Barracuda CloudGen Firewall version 8.0 is a cloud-only version. It is currently not available for on-premises deployments and can only be deployed in Microsoft Azure, Amazon Web Services, or Google Cloud Platform public clouds.

Global Firewall Objects

  • Last updated on

Global firewall objects are available to all firewall services managed by the Barracuda Firewall Control Center. You can override global firewall objects by enabling firewall objects on the range or cluster level. You can create the following global objects:

  • Network objects
  • Service objects
  • Application objects
  • User Group objects
  • File Content Policy objects
  • User Agent objects
  • Schedule objects
  • Generic IPS Pattern objects

In case global firewall objects are renamed this change has to be confirmed directly by clicking Send Changes and Activate before the change becomes available in the firewall services. The object type can not be changed after it has been set.

Global Firewall Objects vs. Range/Cluster Firewall Objects

For a more granulated definition of firewall objects, global firewall objects can be overridden by range or cluster firewall objects of the same name. An object that overrides a globally defined object is indicated by a server icon with a red arrow.

Global objects that are overridden by range or cluster objects, are not visible within the host firewall or forwarding firewall rule editor on range or cluster level.

Site-specific Network Objects

To define network objects for IP addresses or networks which differ for each CloudGen Firewall, define a site-specific network object. The values for these network objects must be entered for each virtual server on the Server Properties > Networks page and can then be used in the Forwarding Firewall rule set.

For more information, see How to Create a Site-Specific Network Object.

Global GTI Objects

When tunnel endpoints are created in the VPN GTI Editor, corresponding dynamic network objects are created at the same time (How to Create a VPN Tunnel with the VPN GTI Editor). These objects are named servername_clustername_range with a prefixed GTI Server accordingly. Global GTI objects are inherited as references by local and forwarding firewall rulesets of each Firewall service related to the tunnel endpoint and may be used for rule specification. Every time a new tunnel endpoint is inserted into the Global VPN GTI Editor, the GTI Objects must be reloaded in the Global Firewall Objects window in order to become available in the configuration dialogs  Global GTI objects can not be edited or renamed.

Last updated on