It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-5)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Barracuda Vulnerability Remediation Service

Overview Documentation Materials

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Login Sign Up Contact & Support

United States – English (GMT-5)

Understanding Passive Mode and Active Mode

Last updated on 2022-06-07 11:05:25

The differences between these two modes, and where they are used, can be confusing. This article aims to clarify the differences between the two modes.

Where you can make the settings:

In the Barracuda Web Application Firewall, you can configure a service (site) in two modes: Passive Mode and Active Mode .
In the Barracuda Vulnerability Remediation Service, you can also mitigate a single vulnerability in either Passive Mode or Active Mode .

What the settings mean:

In Passive Mode, the Barracuda Web Application Firewall monitors for security violations and logs them, but does not block them.

Important

In Passive Mode, the Barracuda Web Application Firewall does not secure your application. This mode is intended for temporary testing only.

In Active Mode, the Barracuda Web Application Firewall monitors for security violations and blocks them, thereby ensuring they do not reach your server.

Barracuda Networks recommends:

Mitigate vulnerabilities temporarily in Passive Mode, monitor the logs to ensure no issues arise, and then switch them to Active Mode.

For more information on the recommended workflow for the Barracuda Vulnerability Remediation Service, see Step 3: Scan and Remediate Vulnerabilities.

Note that both the service (site) and a particular vulnerability mitigation must be in Active Mode to block violations, as shown here:

Setting of Service (on Barracuda WAF)	Setting for Mitigating Vulnerability (on Barracuda Vulnerability Mitigation Service)	Effect
Passive Mode	Passive Mode	Passive Mode
Passive Mode	Active Mode	Passive Mode
Active Mode	Passive Mode	Passive Mode
Active Mode	Active Mode	Active Mode