We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

Attention

Barracuda CloudGen Firewall version 8.0 is a cloud-only version. It is currently not available for on-premises deployments and can only be deployed in Microsoft Azure, Amazon Web Services, or Google Cloud Platform public clouds.

How to Configure Access Notifications

  • Last updated on

Access notification settings assign notification types to each Barracuda CloudGen Firewall service or otherwise relevant system service (for example, sshd or console login). The service uses the login ID attempting access to verify its legitimacy on the system. Next, it determines the associated notification scheme for the login ID with the service default constituting a fallback option. Finally, it determines the service-specific notification type from the applicable notification scheme and generates an appropriate event. There are two simple scenarios:

  • Login attempts with an unknown login ID trigger Event-ID 4100 User Unknown.
  • The authentication process fails for some other reason, creating Event-ID 4110 Authentication Failure Notice
    Authentication failure on the second login attempt generates Event-ID 4111 Authentication Failure.
  • If the maximum number of authentication attempts (usually 3) is exceeded, a Event-ID 4112 Authentication Failure Alert notification is generated. This is only possible if an internal system error has occurred.

Configure Access Notifications

You can configure the following access notification types:

  • Silent – (Automatically assigned to invisible users ha and master) Suppresses notifications for successful access attempts. Unsuccessful attempts are treated according to the Service Default scheme.
  • Notice – Generates a Notice event.
  • Warning – Generates a Warning event.
  • Alert – Generates an Alert event.
  1. Go to CONFIGURATION > Full Configuration > Box > Advanced Configuration > Access Notification.
  2. Click Lock.
  3. In the Command Line Access section, select the notification types for the following access settings:
    • Console Login – The notification type for a successful login. Note that login here denotes direct system access via the console.
    • SSH Login – The notification type for a successful system access via the SSH protocol.
    • SSH Remote Execution – The notification type for an access via the SSH protocol for remote command execution. Note that remote copy (scp) and secure FTP (sftp) would also fall into this category.
    • System Command: su – The notification type for the su (Substitute User) command-line tool. The notification settings used are not those of the system user invoking su but the system user whose identity is adopted.
      With the exception of the SSH: rexec setting, the services do not have adjustable settings for failed access attempts. Access failures at the operating system level are always recorded.
  4. Click Send Changes and Activate.

Configure the Message Board

Configure the messages to be displayed at login time via SSH, the Barracuda Firewall Admin GUI, and on the console.

  1. Go to CONFIGURATION > Full Configuration > Box > Advanced Configuration > Message Board.
  2. Click Lock.
  3. In the Message Display Policy section, select when to display a message.
  4. In the Displayed Message section, adjust the message as required. Use only:
    • Alphabetic characters
    • Numerics
    • # ! _ , .
      Empty breaks, repeated spaces, and a single period (.) in an empty line will be ignored.
  5. Click Send Changes and Activate.

It is recommended that you check the display of the message at the login after editing.

Last updated on