We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda WAF Control Center

Deploying and Provisioning the Barracuda WAF Control Center in the New Microsoft Azure Management Portal

  • Last updated on

Deploying and Provisioning the Barracuda WAF Control Center Using the Azure Resource Manager Model

 

Microsoft Azure opens TCP/22 port by default in “Inbound security rules” under Network security group when the Barracuda WAF Control Center (WCC) is deployed. For security reasons, ensure it is deleted from the security group after the instance is deployed.


Perform the following steps to deploy and provision the Barracuda WAF Control Center using Resource Manager in the new Microsoft Azure portal:

  1. Log into the Microsoft Azure Management Portal.
  2. Click Marketplace at the bottom of the screen.
  3. In the Everything page, enter Barracuda WAF Control Center or Barracuda App Security Control Center in the Search text field.
  4. In the search results, select Barracuda App Security Control Center - BYOL.

    ASCC_BYOL.png

  5. In the Bring Your Own License enabled/Free Trial enabled page:
    1. Read the product overview.
    2. Select Resource Manager as a deployment model from the Select a deployment model drop-down list.
    3. Click Create.

      Create_ASCC_VM.png

  6. In the Create virtual machine > 1 Basics page:
    1. Name: Enter a name for the virtual machine.
    2. User name: Enter a username. Note: This entry is not used by the Barracuda WAF Control Center.
    3. Authentication Type: Choose Password and enter a password for the authentication. Note that this will be your password to access the Barracuda WAF Control Center web interface.
    4. Resource Group: Create a new resource group or select a resource group from the existing Resource group list.
    5. Location: Select a location for the resource group.
    6. Click OK.

      Create virtual machine_Step1_Basics_Basics page_values entered_17Aug2017.jpg

  7. In the Create virtual machine > 2 Size page:
    1. Select a size for the instance and click Select.

      It is recommended to use 4 cores as the instance size for the Barracuda WAF Control Center.


      Step 2 Size_Choose a size page_4 cores selected_17Aug2017.jpg

  8. In the Create virtual machine > 3 Settings page:
    1. Storage
      1. Data type: Select Standard/Premium (SSD) as per your requirement.
      2. Storage account: Create a new storage account or select a storage account from the existing Storage account list.
    2. Network
      1. Virtual network: Configure or select the network in which you want to deploy the Barracuda WAF Control Center.
      2. Subnet: Configure or select the subnet in which you want to deploy the Barracuda WAF Control Center.
      3. Public IP address: Configure or select the public IP address to the Barracuda WAF Control Center. 

      4. Network security group: By default, port 22 (SSH) will be opened in your Security Group to access the web interface of the Barracuda WAF Control Center.  Configure additional rules which you want to use for creating services on the Barracuda WAF Control Center using the steps:
          1. Click the +Add an inbound rule in the Create network security group page.
            Create network security group page opens.

            Step 3 Settings_Add an inbound rule_Add inbound security rule page_default_name blurred_18Aug2017.jpg

          2. Enter a name for the inbound security rule in the Name text field.
            Example: HTTPPort80_access

          3. Set the priority for the inbound security rule in the Priority text field.
            Ex: 100, 101, 102 – ( enter any of these values).

          4. Select the Any, CIDR Block or Tag option in the Source field, as per your requirement.
            The Source field specifies the incoming traffic from a specific IP address range that will be allowed or denied by this rule.

          5. Select the type of Service of the inbound security rule from the Service drop-down. The service specifies the destination protocol and port range for this rule.
            You can choose a predefined service, like RDP or SSH, or provide a custom port range.

          6. Enter the port range for the inbound security rule in the Port range text field.
            You can provide a single port, such as 80, or a port range, such as 1024-65535. This specifies on which ports the incoming traffic will be allowed or denied by this rule. Provide an asterisk to allow traffic from clients connecting on any port.

            Port 22 (SSH) is the default port.

             

            Following are the ports with the TCP and UDP Protocols that have to be opened for the Barracuda WAF Control Center:

              • Port 25 - TCP Protocol
              • Port 53 - TCP Protocol
              • Port 80 - TCP Protocol
              • Port 8000 - TCP Protocol
              • Port 123 - UDP Protocol
              • Port 443 - TCP Protocol
              • Port 48320 - TCP Protocol
              • Port 48321 - TCP Protocol
              • Port 2200 - TCP Protocol

          7. The Allow option is selected under Action by default.
            This signifies whether the traffic should be allowed to pass through the new inbound rules that are added or if they should be denied.

          8. After all fields are entered, if you want to add more inbound rules, repeat the steps from a. to g and then move to step i.

            Step 3_Add inbound security group link_Add inbound rule page values entered_nameblurred_18Aug2017.jpg

          9. Click the OK button.

          10. After adding all the necessary inbound rules, the Create network security group page is as shown:

            ICreate virtual machine_Step 3 Settings_Choose nsg_Create nsg page_inbound ports_Add inbound security rule page_all added ports displayed_extra portionimage_cropped.jpg


 9. Follow the steps listed to complete setting up the virtual machine:

    1. Extensions: Do not add any extension, as the Barracuda WAF Control Center does not support extensions. 
    2. Availability
      1. Availability set: Set the availability set to None from the existing Availability set list.

        Step 3 Settings_Default 'Settings' Page_extra area cropped.jpg

    3. In the 4 Summary page, review the configuration settings and click OK.

      Create virtual machine_Step 4_Default Summary page_cropped18Aug2017.jpg


After clicking the OK button, Microsoft Azure begins provisioning the Barracuda WAF Control Center. You can check the status of the provisioned Barracuda WAF Control Center from the Microsoft Azure Portal. Allow a few minutes before taking any further actions in the Portal. During this time, the Microsoft Azure Linux Agent and Barracuda WAF Control Center image boots up.

Also, make sure you do not restart the Barracuda WAF Control Center while it is provisioning.

Monitoring is not supported by the Barracuda virtual machines/instances. Enabling Monitoring Diagnostics can cause the deployment to fail or timeout. It is recommended to contact Barracuda Networks Technical Support before enabling Monitoring Diagnostics.

                       

         




  1.               


                
                         

 

 


 

 

 

 

 

 

Last updated on