It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Application Firewall

Barracuda Web Application Firewall Deployment on Google Cloud Platform via the Google Launcher

  • Last updated on

This section walks you through steps of how to deploy the Barracuda Web Application Firewall (WAF) on Google Cloud Platform via the Google Launcher.

Ensure that you do not configure the WAF behind a Google TCP load balancer. Always use an HTTP load balancer.

Before You Begin

Ensure that you have a Google account created.

Step 1. Create a Network in the Google Cloud

Create the virtual network you are deploying your firewall to

  1. Go to https://console.cloud.google.com.
  2. Click the hamburger menu in the upper-left corner.
    hamburger.png
  3. From the Networking section, click VPC networks and then select VPC networks from the list.
  4. In the VPC networks window, click Create VPC Network
    Create_vpc.png
  5. In the Name and Description boxes, specify a name for the network and its description.
  6. In the Subnetworks section, click Custom
  7. Create the public subnet:
    • Name - Enter public-subnet
    • Region - Select your region. 
    • IP address range - Enter the network in CIDR format. If possible, do not use a network that overlaps with your on-premises network.
      VPCNetwork.jpg
  8. Click  Create . The network is now listed.
    NetworkListed.png

Step 2. Create the WAF Instance from Cloud Launcher

Deploy a new Barracuda Web Application Firewall (BYOL) instance from the Cloud Launcher image.

You can follow the same steps for deploying the Barracuda Web Application Firewall (PayG) instance on Google Cloud, except for the licensing section that is not required.

  1. Go to the Barracuda CloudGen WAF (BYOL) page.
  2. Click Launch on Compute Engine.
    LaunchComputepage1.png
  3. Enter the Deployment name.
  4. From the Zone list, select the region for your new firewall instance.
  5. Select the Machine type with the number of vCPUs corresponding to your Barracuda WAF license and performance needs. For more information, see Public Cloud.
  6. Change Disk type to SSD if you plan to use IO-intensive features like WAN Opt, Malware Protection, or HTTP Proxy. Otherwise, leave the default setting to Standard Persistent Disk.
  7. In Networking, choose network and subnetwork names for the public subnet you created in Step 1.
    nwsubnwselection.png
  8. Leave all the default firewall positions checked. You can add more ports, protocols, and IP addresses after deployment.
  9. (optional) If you want to use a reserved static address as created in Step 2:
    1. Click More to expand the advanced options.
    2. Select your External IP from the list.
  10. Click Create to start the deployment.

Step 3 - License the Barracuda Web Application Firewall

If you have deployed the Barracuda Web Application Firewall with the Hourly option, you do not need to license the system; skip ahead to Step 7 - Verify Configuration and Change the Password

If you have deployed the Barracuda Web Application Firewall with BYOL, complete the licensing and provisioning of your system.

  1. Go to https://console.cloud.google.com.
  2. Click the hamburger menu in the upper-left corner.
  3. From the Tools section, click Deployment Manager and then select Deployment from the list.
  4. In the left pane, click the deployment that you have just created.
  5. In the right pane, click Log into the admin panel.

    To access the Barracuda Web Application Firewall from the browser directly, use the following:
    For HTTP:              http://<Public DNS>:8000 (Unsecured)
    For HTTPS:           https://<Public DNS> (Secured)
    The Barracuda Web Application Firewall is not accessible via the HTTPS port at the initial boot-up. Therefore, it is recommended to use ONLY HTTP port to access WAF when booting. This displays the status of the unit. For example, System Booting . Once the boot process is complete, you are redirected to the login page.

    BWAFBYOLSelected.png

  6. After the boot process is complete, the Licensing page displays the following options (This step is skipped in case of PAYG instances)

    Licensepage.png
    1. I Already Have a License Token – Use this option to provision your Barracuda Web Application Firewall with the license token you have already obtained from Barracuda Networks. Enter your Barracuda Networks Token and Default Domain to complete licensing, and then click Provision.
      The Barracuda Web Application Firewall connects to the Barracuda Update Server to get the required information based on your license and then reboots automatically. Allow a few minutes for the reboot process. Once the instance is provisioned, you are redirected to the login page.
    2. I Would Like to Purchase a License – Use this option to purchase the license token for the Barracuda Web Application Firewall. Provide the required information in the form, accept the terms and conditions, and click Purchase.
      The Barracuda Web Application Firewall connects to the Barracuda Update Server to get the required information based on your license and then reboots automatically. Allow a few minutes for the reboot process. Once the instance is provisioned, you are redirected to the login page.
    3. I Would Like to Request a Free Evaluation – Use this option to get 30 day free evaluation of the Barracuda Web Application Firewall. Provide the required information in the form, accept the terms and conditions, and click Evaluate.
      The Barracuda Web Application Firewall connects to the Barracuda Update Server to get the required information based on your license and then reboots automatically. Allow a few minutes for the reboot process. Once the instance is provisioned, you are redirected to the login page.

After you provide the license key, the Barracuda Web Application Firewall takes some time to be provisioned- typically, within 10 minutes. After the provisioning is complete, fill-in your details to accept the EULA.

EULApage.png

Step 4. Log into Barracuda Web Application Firewall

  1. Log into the Barracuda Web Application Firewall using the following credentials.
    1. Username – admin
    2. Password – Use the temporary password displayed on the launch page.

It is recommended to change this password post launch.

  1. The Welcome screen appears after you log in. If you want to configure your first application, click Create your first Service. Otherwise, click Do it later if you prefer to familiarize yourself with the user interface. For more information on how to create a Service, refer to Step 6.

Step 5 - Open Network Address Ranges on Firewall

For more information on the list of Open Network Address ranges required for the firewall, refer to the Prepare for the Installation article.

Step 6 - Verify Configuration and Change the Password

  1. Either log into the Barracuda Web Application Firewall as an administrator using the Admin URL or click the Log into the admin panel button. See Step 4 - Log into Barracuda Web Application Firewall for more information.
  2. Navigate to the BASIC > Administration page and enter your old password, new password, and re-enter the new password.
  3. Click Save Password.

Step 7 - Configuring the Service(s) on the Barracuda Web Application Firewall

You can configure the services on the BASIC > Services page. In Google Cloud Platform, the services can be created using the System (WAN) IP address of the instance.

For more information on services, see Configuring a Service. For adding a service, click the Help button.