We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Application Firewall

Barracuda CloudGen WAF Deployment on Google Cloud Platform via the Google Launcher

  • Last updated on

This section walks you through steps of how to deploy Barracuda CloudGen WAF on Google Cloud Platform via the Google Launcher.

Before You Begin

Ensure that you have a Google account created.

Step 1. Create a Network in the Google Cloud

Create the virtual network you are deploying your firewall to

  1. Go to https://console.cloud.google.com.
  2. Click the hamburger menu in the upper-left corner.
    hamburger.png
  3. From the Networking section, click VPC networks and then select VPC networks from the list.
  4. In the VPC networks window, click Create VPC Network
    Create_vpc.png
  5. In the Name and Description boxes, specify a name for the network and its description.
  6. In the Subnetworks section, click Custom
  7. Create the public subnet:
  • Name - Enter public-subnet
  • Region - Select your region. 
  • IP address range - Enter the network in CIDR format. If possible, do not use a network that overlaps with your on-premises network.
    VPCNetwork.jpg
  • Click  Create . The network is now listed.

    NetworkListed.png
  • Step 2. Create the CloudGen WAF Instance from Cloud Launcher

    Deploy a new Barracuda CloudGen WAF (BYOL) instance from the Cloud Launcher image.

    You can follow the same steps for deploying the Barracuda CloudGen WAF (PayG) instance on Google Cloud, except for the licensing section that is not required.

    1. Go to the Barracuda CloudGen WAF (BYOL) page.
    2. Click Launch on Compute Engine.
      LaunchComputepage1.png
    3. Enter the Deployment name.
    4. From the Zone list, select the region for your new firewall instance.
    5. Select the Machine type with the number of vCPUs corresponding to your CloudGen WAF license and performance needs. For more information, see Public Cloud.
    6. Change Disk type to SSD if you plan to use IO-intensive features like WAN Opt, Malware Protection, or HTTP Proxy. Otherwise, leave the default setting to Standard Persistent Disk.
    7. In Networking, choose network and subnetwork names for the public subnet you created in Step 1.
      nwsubnwselection.png
    8. Leave all the default firewall positions checked. You can add more ports, protocols, and IP addresses after deployment.
    9. (optional) If you want to use a reserved static address as created in Step 2:
      1. Click More to expand the advanced options.
      2. Select your External IP from the list.
    10. Click Create to start the deployment.

    Step 3 - License the Barracuda CloudGen WAF

    If you have deployed the Barracuda CloudGen WAF with the Hourly option, you do not need to license the system; skip ahead to Step 7 - Verify Configuration and Change the Password

    If you have deployed the Barracuda CloudGen WAF with BYOL, complete the licensing and provisioning of your system.  

    1. Go to https://console.cloud.google.com.
    2. Click the hamburger menu in the upper-left corner.
    3. From the Tools section, click Deployment Manager and then select Deployment from the list.
    4. In the left pane, click the deployment that you have just created.
    5. In the right pane, click Log into the admin panel.

      To access the Barracuda CloudGen WAF from the browser directly, use the following:
      For HTTP:              http://<Public DNS>:8000 (Unsecured)
      For HTTPS:           https://<Public DNS> (Secured)
      The Barracuda CloudGen WAF is not accessible via the HTTPS port at the initial boot up. Therefore, it is recommended to use ONLY HTTP port to access WAF when booting. This displays the status of the unit. For example, System Booting . Once the boot process is complete, you are redirected to the login page.

      BWAFBYOLSelected.png

    6. After the boot process is complete, the Licensing page displays the following options (This step is skipped in case of PAYG instances)

      Licensepage.png
      1. I Already Have a License Token – Use this option to provision your Barracuda CloudGen WAF with the license token you have already obtained from Barracuda Networks. Enter your Barracuda Networks Token and Default Domain to complete licensing, and then click Provision.
        The Barracuda CloudGen WAF connects to the Barracuda Update Server to get the required information based on your license, and then reboots automatically. Allow a few minutes for the reboot process. Once the instance is provisioned, you are redirected to the login page.
      2. I Would Like to Purchase a License – Use this option to purchase the license token for the Barracuda CloudGen WAF. Provide the required information in the form, accept the terms and conditions, and click Purchase.
        The Barracuda CloudGen WAF connects to the Barracuda Update Server to get the required information based on your license, and then reboots automatically. Allow a few minutes for the reboot process. Once the instance is provisioned, you are redirected to the login page.
      3. I Would Like to Request a Free Evaluation – Use this option to get 30 days free evaluation of the Barracuda CloudGen WAF. Provide the required information in the form, accept the terms and conditions, and click Evaluate.
        The Barracuda CloudGen WAF connects to the Barracuda Update Server to get the required information based on your license, and then reboots automatically. Allow a few minutes for the reboot process. Once the instance is provisioned, you are redirected to the login page.

    After you provide the license key, the Barracuda CloudGen WAF takes some time to be provisioned- typically, within 10 minutes. After the provisioning is complete, fill-in your details to accept the EULA.

    EULApage.png

    Step 4. Log into Barracuda CloudGen WAF

    1. Log into the Barracuda CloudGen WAF using the following credentials.
      1. Username – admin
      2. Password – Use the temporary password displayed on the launch page.

    It is recommended to change this password post launch.

    1. The Welcome screen appears after you login. If you want to configure your first application, click Create your first Service . Otherwise, click Do it later if you prefer to familiarize yourself with the user interface. For more information on how to create a Service, refer to Step 6.

    Step 5 - Open Network Address Ranges on Firewall

    If your Barracuda CloudGen WAF is located behind a network firewall, open the following Barracuda network address ranges for the ports shown in the table below on your firewall to ensure proper operation:

    • 64.235.144.0/20
    • 198.207.200.0/22
    • 209.222.80.0/21

    Port

    Direction

    TCP

    UDP

    Usage

    22

    Out

    Yes

    No

    Technical Support connections

    25

    In/Out

    Yes

    No

    Email alerts

    53

    Out

    Yes

    Yes

    Domain Name Service (DNS)

    80/8000

    Out

    Yes

    No

    Virus/attack/security definition and firmware updates

    123

    Out

    No

    Yes

    Network Time Protocol (NTP)

    8443

    Out

    Yes

    No

    Initial VM Provisioning *

    * The initial provisioning port can be disabled once the initial provisioning process is complete.

    Step 6 - Verify Configuration and Change the Password

    1. Either log into the Barracuda CloudGen WAF as an administrator using the Admin URL, or click the Log into the admin panel button. See Step 4 - Log into Barracuda CloudGen WAF for more information.
    2. Navigate to the BASIC > Administration page and enter your old password, new password, and re-enter the new password.
    3. Click Save Password.

    Step 7 - Configuring the Service(s) on the Barracuda CloudGen WAF

    You can configure the services on the BASIC > Services page. In Google Cloud Platform, the services can be created using the System (WAN) IP address of the instance.

    For more information on services, see Configuring a Service. For adding a service, click the Help button.

     


    Last updated on