Hostname List for Barracuda Online Services

Access to hosts and domains in the Barracuda Cloud is required for the proper operation of a Barracuda SecureEdge. Ensure that the proper ACLs are in place to allow access to these services:

Servers for determining the Timezone and the Location, Port 443

• geoip.cudasvc.com

Telemetry Information - Different Ports

Telemetry information will be sent to:

• backfeed.barracuda.com:443

• airlockstatic.nap.aws.cudaops.com:80,443

• airlock.nap.aws.cudaops.com:80,443

• 3.18.232.73:80,443

Update Servers - Different Ports

• updates.cudasvc.com:80, 8000, 443

• cnt12.upd.cudasvc.com:80, 8000

• cnt13.upd.cudasvc.com:80, 8000

• cnt14.upd.cudasvc.com:80, 8000

• cnt15.upd.cudasvc.com:80, 8000

• cnt20.upd.cudasvc.com:80, 8000

• cnt21.upd.cudasvc.com:80, 8000

Download Servers - Port 443

• dlportal.barracudanetworks.com

• d.barracudanetworks.com

License Activation Server - Port 443

• bcc.barracudanetworks.com

• api.bcc.barracudanetworks.com

• ng-activation.cudasvc.com

• cloudgenwan-licensing.cudasvc.com

Zero Touch Deployment - Port 443

• ztd.barracudanetworks.com

Authentication Servers - Port 80

• auth.useast1.aws.svc.fusion.cudasvc.com

• auth.eucentral1.aws.svc.fusion.cudasvc.com

• auth.uswest1.aws.svc.fusion.cudasvc.com

• auth.euwest1.aws.svc.fusion.cudasvc.com

• auth.svc.fusion.cudasvc.com

• auth.fra.svc.fusion.cudasvc.com

• auth.rdn.svc.fusion.cudasvc.com

• auth.rzc.svc.fusion.cudasvc.com OR
  auth.*.svc.fuction.cudasvc.com

ATP Servers Port 443

• api-euwest1-aws.batd.cudasvc.com

• api-uswest1-aws.batd.cudasvc.com

• api-apsoutheast1-aws.batd.cudasvc.com

• api-useast1-aws.batd.cudasvc.com

• api-eucentral1-aws.batd.cudasvc.com

• api-apsoutheast2-aws.batd.cudasvc.com

• api-useast2-aws.batd.cudasvc.com

• api-apnortheast1-aws.batd.cudasvc.com

• api-cacentral1-aws.batd.cudasvc.com OR
  *.batd.cudasvc.com

URL Categorization Servers - Port 443

• api.useast1.aws.wcs.cudasvc.com

• api.apsoutheast2.aws.wcs.cudasvc.com

• api.euwest1.aws.wcs.cudasvc.com

• api.uswest1.aws.wcs.cudasvc.com

• api.eucentral1.aws.wcs.cudasvc.com

• api.apnortheast1.aws.wcs.cudasvc.com OR
  *.wcs.cudasvc.com

DNS Block List - Port 443

• b.barracudacentral.org

SecureEdge - Port 443

• cloudgenwan-configuration.cudasvc.com

• cloudgenwan-status.cudasvc.com

• wss.se.barracudanetworks.com

Network Time Protocol (UDP Port 123)

• For Edge Service and Edge Service for Virtual WAN, access to time.windows.com must be ensured.

• For a Private Edge Service or a Site: 0.barracuda.pool.ntp.org, 1.barracuda.pool.ntp.org, 2.barracuda.pool.ntp.org, and 3.barracuda.pool.ntp.org must be accessible.

Hostname List for SecureEdge Access

For downloading Barracuda SecureEdge Access Agent from Microsoft Store/Apple Store/Google Play, access to those needs to be allowed.

• se.barracudanetworks.com (Enrollment)

• cloudgenwan-ztna.cudasvc.com (Enrollment, Config Sync)

• autodiscovery-ztna.cloudgenwan.cudasvc.com (Auto-Discovery to detect if client is behind a site)

AWS / Azure and Google Cloud APIs

• https://www.microsoft.com/en-us/download/confirmation.aspx?id=41653

• https://ip-ranges.amazonaws.com/ip-ranges.json

Microsoft Log Analytics - Port 443

• *.ods.opinsights.azure.com

• *.oms.opinsights.azure.com

• *.blob.core.windows.net

• *.azure-automation.net