It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Application Firewall

Importing the Barracuda CloudGen WAF for AWS PAYG CFT and Deploying the Instance

  • Last updated on

Perform the steps below to import the Barracuda CloudGen WAF for AWS Pay-As-You-Go CloudFormation Template and deploy the instance:

  1. Go to the AWS Marketplace, type Barracuda CloudGen WAF for AWS in the Search AWS Marketplace text box and click GO.
  2. Select Barracuda CloudGen WAF for AWS


  3. The Barracuda CloudGen WAF page appears on the AWS Marketplace.
  4. In the Pricing Details panel:
    1. Select the region for the instance to be deployed from the “For region” drop-down list.
    2. Select Barracuda CloudGen WAF for AWS as Delivery Methods.
    3. Click Continue.

         Barracuda Web Application Firewall on AWS Marketplace.png

  5. In the Launch on EC2 page:
    1. Select the Barracuda CloudGen WAFversion that you want to deploy on AWS.
    2. Select the region for the instance.
    3. Ensure the Deployment Options is set to Barracuda CloudGen WAF for AWS.
    4. Check the software pricing for subscription term (Hourly or Annual).
    5. Click Launch with CloudFormation Console.

            Launch on EC2.png

  6. In the Create A New Stack page, click Next:
    1. On the Specify Details page, do the following configuration:
      1. In the Specify Details section:
        1. Enter a name for the CloudFormation stack in the Stack Name field.
      2. In the Parameters section, specify values for the following:

        Network Configuration
        Parameter NameDescription
        Which VPC should this be deployed to?Select the VPC that you wish to deploy the Barracuda CloudGen WAF instance(s) from the drop-down list.
        Availability Zone(s)Select the availability zones from the multi-select drop-down list. The VPC you choose to deploy in must be available across these availability zones. Note: It is recommended to deploy the instances in multiple availability zones.
        Subnet ID(s)Select the subnet ID(s) associated with the availability zone(s) where the Barracuda CloudGen WAF instance(s) needs to be deployed. Note that these subnets must be part of the VPC that you choose.
        Elastic Load Balancer(s)

        Enter the name of the elastic load balancer(s) (ELB) that needs to be used to load balance/distribute the traffic between the Barracuda CloudGen WAF(s). The ELB(s) should be connected to all the subnets that are used for this deployment and be part of the VPC that is chosen for this deployment.

        Ensure that you create the load balancer(s) before configuring it in the Stack.

        Auto Scaling Configuration
        Parameter NameDescription
        Instance TypeSelect an instance type depending on your requirement.
        Minimum Instances

        Enter the minimum number of Barracuda CloudGen WAF instance(s) that needs to be up and running continuously in the Auto Scaling group. Default: 1

        Maximum Instances

        Enter the maximum number of Barracuda CloudGen WAF instance(s) to be deployed in the Auto Scaling group. Default: 4

        Notification EmailEnter the email address(es) to which you want Amazon SNS to send email notifications.
        Barracuda CloudGen WAF Bootstrapping Configuration
        Parameter NameDescription
        Service NameEnter a name for the service that needs to be created on the Barracuda CloudGen WAF(s).
        Service Port

        Enter the port number on which the service is listening to.

        Port 8000 and 8443 should not be used for Service Port when deploying the Barracuda CloudGen WAF instances using the CloudFormation Template (CFT), as these ports are already used for management (MGMT) access of the Barracuda CloudGen WAF.

        Server IP/FQDNEnter the IP address of the server, or Fully Qualified Domain Name (FQDN) of the ELB front-ending the servers that needs to be protected by the Barracuda CloudGen WAF(s) .
        If you are deploying a downstream ELB, specify the FQDN of the ELB to which the Barracuda CloudGen WAF needs to be connected.
        Server PortEnter the port number associated with the server mentioned in Server IP/FQDN.


    2. Click Next to continue.
    3. On the Options page, enter a key-value pair to identify the instance(s) of this stack. Click Next.


    4. On the Review page, verify the values you entered, select the IAM capability check box, and click Create.



      As per the configuration in the CFT above:

      1. A stack with the name “BarracudaWAFStackOne” will be created.
      2. Deploys one (1) Barracuda CloudGen WAF VM in one of the specified availability zones (us-west-2a/us-west-2b/us-west-2c), and subnets (subnet-b00551d5/subnet-d8d3b8af/subnet-96921wcf ) with instance type as m3.medium, and gets added to the "WAFAutoScaleELB" Elastic Load Balancer.
      3. Sends notification to
      4. Scales up the instance (up to total of 4) whenever the alarm triggers.
      5. Creates a service on theBarracuda CloudGen WAF with port 80 that protects the server(s) ( on port 80). The created service can be accessed over the ELB, i.e., WAFAutoScalELB, using port 80.
      6. Creates an IAM role that has explicit access to the created S3 bucket. The IAM role is responsible for storing and retrieving the information of the deployed Barracuda CloudGen WAFs in this stack.
      7. Tags the deployed Barracuda CloudGen WAF VMs with Name as Demo.
      8. If AWS is unable to create the stack based on the inputs you provided, the stack will roll back.

  7. The CFT now starts its operation. You can see the CREATE_IN_PROGRESS status displayed on the CloudFormation Management Console for the stack. Select the tabs and see the status of events and resources that are being created. An example of the successfully created resources is available in the screenshot below:



Next Step

Continue with the Verify the Instance in the Auto Scaling Group article.