It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda SecureEdge


  • Last updated on

Barracuda SecureEdge offers a range of Edge Services to organizations with the aim of enhancing their network security and simplifying their mode of operation. SecureEdge currently allows you to create either an Edge Service that is managed by Barracuda Networks, an Edge Service connected to a vWAN hub, or an on-prem Edge Service known as Private Edge that is hosted in the customer's own data center. 

To reach a maximal homogeneous SecureEdge network, newly deployed sites will automatically update/align their firmware version to the SecureEdge Edge Services they are connecting to. This will happen regardless of the defined update window on the Barracuda SecureEdge Manager. This mechanism is in place to prevent attaching sites to the SecureEdge network with potentially outdated and/or incompatible firmware versions. 

The following types of Edge Services are available:

  • Edge Service (hosted) – This is a Barracuda Networks-hosted SaaS solution that manages maintenance, updates, and bug fixes faster and more efficiently. For more information, see How to Create an Edge Service.
  • Private Edge Service – Barracuda SecureEdge supports a private Edge Service for hybrid deployments. The Private Edge deployment option can be hosted by enterprises. When creating a private Edge Service, you can either create a new Edge Service from scratch, or promote an existing site to an Edge Service. Features like Firewall-as-a-Service and comprehensive SD-WAN functionality are required in different locations, both on-premises and in the cloud, in order to establish a secure connection from your sites and devices. You need an ISP with a static public IPv4 address. High availability is recommended. For more information, see How to Create a Private Edge Service in Barracuda SecureEdge.
  • Edge Service for Virtual WAN – This allows you to easily connect all your locations to the Microsoft Global Network via Azure Virtual WAN. It provides optimal security and SD-WAN capabilities in an easy-to-use solution that is explicitly built to bring you all the benefits of the cloud. As a cloud platform, it connects and secures any type of edge device. You can deploy as many as the number of sites you have both quickly and easily –  just plug them in and they will be auto-configured. For more information, see How to Create a SecureEdge for Virtual WAN Edge Service in Microsoft Azure

SecureEdge Deployment

You can deploy multiple virtual WANs (e.g., production and testing) with multiple Edge Services and multiple sites connected to each service. You can also integrate the Barracuda CloudGen Firewall with Barracuda SecureEdge. Each site is connected to Barracuda SecureEdge using TINA, the Barracuda VPN protocol. TINA is a proprietary extension of the IPsec protocol developed to improve VPN connectivity and availability over the standard IPsec protocol and uses AES256 cipher for the VPN encryption. Barracuda SecureEdge uses BGP for routing.


In the Barracuda SecureEdge user interface, you can easily switch between the virtual WANs and display associated Edge Services and connected sites by clicking on the name assigned to the virtual WAN during deployment.

Before You Begin

For Microsoft Azure:

  • Create a Microsoft Azure account.
  • Subscribe to the Barracuda SecureEdge service in Microsoft Azure if you are using Barracuda SecureEdge for the first time. For more information, see Getting Started.

Since Barracuda SecureEdge uses the following subnet and ASN numbers, do not use them in your network:

  • Subnet 
  • ASN numbers 65000 - 65199 

For instructions on how to set up the basic configuration in Barracuda SecureEdge, see Getting Started.

For information on hardware deployment, see Hardware Deployment and Hardware Models.

For information on virtual deployment and virtual models, see Virtual Systems (VTx) Deployment.

Further Information