It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

Telemetry Data

  • Last updated on

To be able to continuously update and improve frequently used features based on real-world data, the Barracuda CloudGen Firewall sends performance and usage data to the Barracuda telemetry servers. Sending statistics is opt-out for new or freshly installed CloudGen Firewalls, and opt-in for updated firewalls. After collecting data, the CloudGen Firewall starts one attempt to update the telemetry data via an HTTPS connection. If the connection to the update servers fails, no further attempts are made until the next day. A copy of all parameters sent to the telemetry servers is logged every time an update is initiated. The Barracuda Firewall Control Center sends data collected only on box level. No data from the Control Center layer is collected. For firewalls in the public cloud (AWS, Google, or Azure), telemetry cannot be completely disabled; the minimal set of parameters is always transmitted.

Barracuda Telemetry Server

  • airlock.nap.aws.cudaops.com

Telemetry Parameter List

NameKeyValue TypeDescription

General Information

Serial NumberserialNumberSerial number of the box
MAC AddressmacMAC address (hex format)MAC address used for the license
ModelapplianceTypeThe appliance type, e.g., T100 for a CloudGen WAN T100 or VT1500 for a virtual appliance VT1500
ModelmodelTypeThe appliance type, e.g., T100 for a CloudGen WAN T100 or VT1500 for a virtual appliance VT1500
Virtual Subtypevirt_subtypeTypeInformation about the hypervisor
DevMapdevmapText

Device mapping

Number of CPUsnumcpuNumberNumber of CPUs
Memory UsagememoryPercentPercent of used memory
Swap UsageswapPercentPercent of used swap memory
Average CPU LoadcpuFloat15-Minute CPU average load at the moment of collecting the data
Used Firmware PartitiondiskfirmwarePercentAllocation of partition "/" in percent
Used Data PartitiondiskdataPercentAllocation of partition "/phion0" in percent
Firmware VersionfirmwareVersion StringVersion of the CloudGen WAN firmware software
HotfixeshotfixesStringName of installed hotfixes.
UptimeuptimeSecondsBox uptime in seconds
Box locationcountryLocationLocation of the box if configured
Stand-Alone / Centrally ManagedmcmanagedYes / NoIs box managed by a control center
EU Expiration DateeuexpirationDateExpiration Date of Energize Updates
EU StatuseustateStatusStatus of Energize Updates
License StatuslicstatusStatusStatus of the license
Firewall Insights Configuredfwinsights_configuredYes / NoIs Firewall Insights configured
Firewall Insights Licensedfwinsights_licensedYes / NoIs Firewall Insights licensed
Virtual WAN for Azure Cloudazurevwan_configuredYes / NoIs vWAN for Azure Cloud enabled
ClassclassnumberAlways 22
Web User InterfaceismanagedbywebuiYes / NoIs Web UI enabled
Kernel ArchitecturekernelarchitectureStringKernel Architecture
Metered Cloud Devicemetered_ngYes / NoIs the appliance a metered cloud appliance
Timeserver_timestampTimeCurrent time as Unix timestamp
Telemetry configurationtelemetry_amountStringMinimal or full telemetry
Virtual Routing and ForwardingvrfNumberNumber of VRF instances in use

Services

App ControlappcontrolStatusShows the status of Application Control (license and activation)
SSL InspectionssliceEnabled / DisabledSSL Inspection for firewall service enabled
Port Protocol ProtectionprotocolprotectionEnabled / DisabledIs protocol protection in the firewall service enabled
Google Safe SearchsafesearchEnabled / DisabledGoogle Safe Search enabled
YouTube for SchoolsytforschoolsEnabled / DisabledYouTube for schools enabled
URL FiltercofsEnabled / DisabledWeb filter service enabled
Virus ScannervirscanEnabled / DisabledAV Scanner service installed
Avira Virus ScanneraviraEnabled / DisabledAvira AV Scanner enabled
Virus Scan in FirewallfwavscanEnabled / DisabledAV Scan used in access rule(s)
HTTP ProxyproxyEnabled / DisabledHTTP proxy service installed
HTTP Proxy modeproxymodeReverse / Forward / TransparentHTTP Proxy mode
Proxy SSL InspectionsquidbumpEnabled / DisabledSSL Intercept mode from proxy service enabled
DHCP EnterprisedhcpeEnabled / DisabledDHCP Enterprise service installed
DHCP RelaydhcprelayEnabled / DisabledDHCP relay service installed
SSH ProxysshprxEnabled / DisabledSSH proxy service installed
FTP GatewayftpgwEnabled / DisabledFTP Gateway service installed
OSPF RoutingospfEnabled / DisabledOSPF service installed
Mail GatewaymailgwEnabled / DisabledMail Gateway service installed
SPAM FilterspamfilterEnabled / DisabledSpam filter service installed
DNS ServicednsEnabled / DisabledDNS service installed
DNS Health Probesdns_healthprobesNumberNumber of configured health probes
DNS Primary Zonesdns_master_zonesNumberNumber of configured primary zones
DNS Recordsdns_recordsNumberNumber of configured records
Split DNSdns_split_dnsEnabled / DisabledSplit DNS enabled
IPSipsEnabled / DisabledIPS detection enabled
IPS Report-Only ModeipsreportonlyEnabled / DisabledIPS report-only mode enabled
IPS Scan ModeipsscanmodeFull / Fast / AutoIPS scan mode
Stream ReassemblystreamreassmblyYes / No / AutoMode of the stream reassembly for the firewall service
RPC TrackingrpcEnabled / DisabledRPC tracking enabled
Guest AccessguestaccessEnabled / DisabledGuest access enabled
Audit LogauditEnabled / DisabledFirewall Audit logging enabled
Audit TypeaudittypeStringAudit log handling
Fwaudit ServiceccfwauditEnabled / DisabledFwaudit service enabled
Fwaudit ServicefwauditEnabled / DisabledFwaudit service enabled
RCSrcsEnabled / DisabledVersion Control System for the Configuration enabled
IPFIX StreamingipfixstreamEnabled / DisabledIPFIX streaming enabled
Syslog StreamingsyslogstreamEnabled / DisabledSyslog streaming enabled

SNMP Service

snmpEnabled / DisabledSNMP service installed
QoSqosEnabled / DisabledQuality of Service (Shaping) enabled
App-Based Provider SelectionappbasedproviderEnabled / DisabledEnables/Disables the provider (ISP) selection based on the application detection (e.g., Facebook uses ISP1 and Google uses ISP2)
SIP ProxysipproxyEnabled / DisabledSIP proxy service installed
TCP ProxytcpproxyEnabled / DisabledTCP proxy for firewall service enabled
VPN ServicevpnserverEnabled / DisabledVPN service installed
Wi-Fi ServicewlanEnabled / DisabledWi-Fi service enabled

Firewall

Number of Access RulesfwrulesenableNumberNumber of forwarding access rules
Number of Application RulesapprulesenableNumberNumber of application rules
Number of Network ObjectsnetobjsNumberNumber of network objects in the forwarding firewall
Number of App ObjectsappobjsNumberNumber of application objects in the forwarding firewall
Number of URL Filter ObjectsurlcatpolicysNumberNumber of URLCAT policies configured in the forwarding firewall
Number of Connection ObjectsconnectionobjsNumberNumber of connection objects in the forwarding firewall
Dynamic Bandwidth Traffic Duplicationconnobj_dynbw_duplicateEnabled / DisabledDynamic bandwidth traffic duplication enabled
Dynamic Bandwidth Policyconnobj_dynbw_policyNumberDynamic bandwidth policy: Bandwidth, Latency, Quality, Upstream, Downstream, None
VPN Transport Selectionconnobj_vpnroutesNumberVPN transport selection information: Quality, Bulk, Fallback, BestBandwidth, BestLatency, BestQuality
Traffic Statisticsdtv_bytesfwdNumberBytes forwarded in 24 hours
Traffic Statisticsdtv_bytesinNumberIncoming bytes in 24 hours
Traffic Statisticsdtv_bytesoutNumberOutgoing bytes in 24 hours
Forwarding FirewallfirewallEnabled / DisabledForwarding firewall enabled
AV Service BATPfwatdEnabled / DisabledAV Service BATP enabled
Number of Schedule ObjectsschedulesNumberNumber of time schedule objects in the forwarding firewall
Number of Proxy ARP ObjectsproxyarpobjsNumberNumber of proxy ARP objects in the forwarding firewall
Number of Generic IPS PatternsgenipspatternNumberNumber of generic IPS patterns in the forwarding firewall
Number of Bridge GroupsbridginggroupsNumberNumber of bridge groups in the forwarding firewall
NAC ServicepolicyserverEnabled / DisabledNAC service enabled
Active Protected IPsprotIP_activeNumberNumber of active protected IPs
Licensed Protected IPSprotIP_licensedNumberNumber of licensed protected IPS
URL CategorizationurlcatEnabled / DisabledURL categorization enabled

VPN

Mobile Portalvpn_mobile_portalEnabled / DisabledVPN Mobile Portal enabled
Mobile App Accessvpn_mobile_app_accessEnabled / DisabledVPN Mobile App Access enabled
Number of Web Forwardsvpn_web_forwardsNumberNumber of the VPN web forwards
Number of Appsvpn_applicationsNumberNumber of VPN applications
Number of VPN Profilesvpn_profilesNumberNumber of VPN profiles
VPN FIPSvpn_fipsEnabled / DisabledUse only Federal Information Processing Standards (FIPS)-compliant algorithms and libraries for cryptography.
First usage in firmware version 8.3.2.

VPN Clients

Number of Client-to-Site Tunnelsvpn_client2site_tunnelsNumberNumber of all Client-to-Site tunnels
Number of Client-to-Site Tunnels with Windows Clientsvpn_client2site_windowsNumber

Number of Client-to-Site tunnels with Windows clients

Number of Client-to-Site Tunnels with Mac Clientsvpn_client2site_macNumberNumber of Client-to-Site tunnels with Mac clients
Number of Client-to-Site Tunnels with Linux Clientsvpn_client2site_linuxNumberNumber of Client-to-Site tunnels with Linux clients
Number of Client-to-Site Tunnels with BSD Clientsvpn_client2site_bsdNumberNumber of Client-to-Site tunnels with BSD clients
Number of Client-to-Site Tunnels with Android Clientsvpn_client2site_androidNumberNumber of Client-to-Site tunnels with Android clients
Number of Client-to-Site Tunnels with IPsec Clientsvpn_client2site_ipsecNumberNumber of Client-to-Site tunnels with IPsec clients
Number of Client-to-Site Tunnels with L2TP Clientsvpn_client2site_l2tpNumberNumber of Client-to-Site tunnels with L2TP clients
Number of Client-to-Site Tunnels with PPTP Clientsvpn_client2site_pptpNumberNumber of Client-to-Site tunnels with PPTP clients

VPN Tunnels

Dynamic Path Selection (SD-WAN)vpn_dynamic_path_selectionEnabled / DisabledIndicates if at least one VPN tunnel uses SD-WAN
Dynamic VPN Routingvpn_dynamic_vpn_routingEnabled / DisabledShows if dynamic routing via VPN tunnels is enabled
WAN Optvpn_wanoptEnabled / DisabledShows if WAN optimization is enabled for the VPN service
SSL VPNvpn_sslvpnEnabled / DisabledShows if SSL VPN is enabled for the VPN service
Single Routing Tablevpn_single_routing_tableEnabled / DisabledShows if the VPN routes are added to the main routing table, or if separate routing tables are used
Dyn Meshvpn_dynamic_meshEnabled / DisabledShows if Dyn Mesh is enabled for the VPN service
Number of IPsec Site-to-Site Tunnelsvpn_site2site_tunnels_ipsecNumberNumber of site-to-site tunnels with IPsec
Number of TINA Site-to-Site Tunnelsvpn_site2site_tunnels_tinaNumberNumber of site-to-site tunnels with TINA
Number of TINA Site-to-Site Transportsvpn_site2site_tunnels_tina_transportsNumberNumber of site-to-site TINA VPN transports
Number of Down Site-to-Site Tunnelsvpn_site2site_tunnels_downNumberNumber of site-to-site TINA VPN transports or IPsec tunnels that are currently down (for whatever reason)
Number of VPN Tunnels with Enabled Dynmeshvpn_site2site_tunnels_dynmesh_enabledNumberNumber of VPN tunnels with enabled dynmesh
Number of SD-WAN-VPN Tunnels with Enabled Dynmeshvpn_site2site_tunnels_sdwan_dynmesh_enabledNumberNumber of SD-WAN-VPN tunnels with enabled dynmesh
Number of SD-WAN-VPN Tunnelsvpn_site2site_tunnels_sdwan_enabledNumberNumber of SD-WAN-VPN tunnels
Number of Connected SSL-VPN Clientsvpn_sslvpn_clientsNumberNumber of connected SSLVPN clients

Authentication

DC Clientauth_dcclientEnabled / DisabledAuthentication via DC Agent / DC Client enabled/disabled
TS Agentauth_tsclientEnabled / DisabledAuthentication via TS Agent / TS Client enabled/disabled
Wi-Fi APauth_wifiapEnabled / DisabledAuthentication via Wi-Fi access point enabled/disabled

Networking

3G (UMTS)net_umtsEnabled / DisabledIs UMTS setup enabled or disabled
xDSLnet_dslEnabled / DisabledIs DSL connection enabled or disabled
Barracuda DSL Modemnet_barracuda_dsl_mode

bridgemode / advancedmode

How is the Barracuda DSL Modem configured
net_barracuda_dsl_wan1Enabled / DisabledIs DSL/WAN1 enabled or disabled
net_barracuda_dsl_wan2Enabled / DisabledIs WAN2 enabled or disabled
DHCPnet_dhcpEnabled / DisabledIs DHCP connection enabled or disabled
Wi-FiwifiEnabled / DisabledIs Wi-Fi connection enabled or disabled
HAnet_haEnabled / DisabledIs HA setup enabled or disabled
IPv6net_ipv6Enabled / DisabledIs IPv6 setup enabled or disabled
Percentage of Network Ports Usednet_portusedpercPercentPercentage of network ports used
Number of VLANsnet_vlansNumberNumber of VLANs used on the box
Number of Ethernet Bondsnet_bondsNumberNumber of bonded network ports
Number of Uplinksnet_portusedNumberNumber of network ports in use

SSD

Media Wearout Level of disk Number <n>ssd<n>_wearoutNumberNormalized value indicating the sanity of the SSD (Intel SSDs) disk number <n>:
100=brand new; 1=worn out
Endurance Level of disk Number <n>ssd<n>_enduranceNumberNormalized value indicating the prospective lifetime of the SSD (Innodisk SSDs) disk number <n>:
0=brand new; 100=at the end of the lifetime as defined by the manufacturer

Control Center

Managed Firewallsmanaged_boxes_totalNumberNumber of CloudGen Firewalls managed by the Control Center
Managed Enabled Firewallsmanaged_boxes_enabledNumberNumber of enabled CloudGen Firewalls managed by the Control Center
Workspace Countworkspace_countNumberNumber of workspace configured on the Control Center
Workspace Modified Timestampworkspace_modified_timestampTimeThe last modification time of all workspaces on the Control Center

Events

Firmware Updatefirmware_updateJSON ObjectReport success or errors concerning the automatic download and installation of firmware updates
LicenselicenseError StringOnly on CloudGen WAN appliances: report if a license stamp request fails
Virus scannervirus_scannerJSON ObjectReport  failed virus scans

Enable / Disable Telemetry Data

Sending usage statistics aids in future product planning. You can enable or disable the sending of usage statistics.

  1. Go to CONFIGURATION > Configuration Tree > Box > Administrative Settings
  2. In the left menu, click Telemetry Data.
  3. Click Lock.
  4. In the Telemetry Data Options section, select one of the following options:
    • Full Data
    • Minimal Data
    • Disabled (This option is not available for firewalls in the public cloud).
      t_data.png
  5. (optional) If you want the firewall to log submitted telemetry values, then activate the check box for Log Telemetry Data.
  6. Click Send Changes and Activate.

Enable / Disable Telemetry Data from a Control Center

You can enable/disable the sending of telemetry data by selecting multiple managed boxes (bulk configuration) in a list in the Control Center.

  1. Go to CONFIGURATION > Configuration Tree > Multi Range.
  2. Enlarge the list view area on the right side of the main view.
  3. Select all boxes for which you want to enable/disable the sending of telemetry data.
  4. Right-click on a selected box.
  5. Select Share Telemetry Data in the list.
  6. Another list is displayed.
  7. Select one of the following options:
    1. full data – All telemetry data is sent.
    2. minimal data – Only a basic set of telemetry data is sent.
    3. disabled – Do not send any telemetry data.

telemetry_data_multiple_selection_on_control_center.png

If the column Telemetry is selected to be displayed, the cell contents will display the telemetry status for each appliance:
tab_view_for_CC_configuration_tree_with_telemetry_column.png