It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Application Firewall

Release Notes Version 10.1 Cloud

  • Last updated on
Please Read Before Updating

Before updating to a new firmware version, be sure to back up your configuration and read the release notes for each firmware version which you will apply.

Do not manually reboot your system at any time during an update, unless otherwise instructed by Barracuda Networks Technical Support. The update process typically takes only a few minutes to apply. If the process takes longer, please contact Barracuda Networks Technical Support for assistance.

Change in Behaviour

If a server is added with the hostname, the Barracuda Web Application Firewall will automatically create server entries for all IP addresses that resolves to the configured hostname. Deleting the first server that was added with the hostname, will now delete all the automatically created server entries. [BNWF-25536]

  • With the OpenSSL1.1.0, certificates signed with MD5 are no longer supported. Please replace such certificates with SHA1/SHA256 signed certificates before upgrading to 10.0.x. If an upgrade is done without replacing these certificates, services using them will go down and rollbacks will occur. [BNWF-31980]
  • Attackdef 1.172 is shipped with this firmware. It has changes relevant to the firmware's interoperability with the Barracuda Block Listed IP database. [BNWF-32541]
Fixes and Enhancements in 10.1 Cloud
    • Feature: Customers can now choose to add on subscriptions to Azure PAYG subscriptions. This includes Active DDoS Prevention, Advanced Threat Protection, and Advanced Bot Protection. This can be done by subscribing to a specific Azure listing for these add-ons.  [BNWF-45102]
    • Feature: CloudGen WAF on AWS can now export logs to AWS Cloudwatch [BNWF-33754]
    • Feature: JSON Security can now be configured more easily using the API Discovery Wizard. This includes configuring Brute Force Protection, Application DDoS, and OpenID Connect directly from the wizard. Added support for Open API up to 3.0.3 and Google API Discovery. [BNWF-44845]
    • Enhancement: Configuration checkpoints are now synced in the cluster. [BNWF-31395]
    • Enhancement: CloudGen WAF on AWS will now use IMDSv2 to make API calls to AWS. [BNWF-33262]
    • Enhancement: (AWS) Restoring a configuration backup will automatically change the service IP address to a self-system IP address. [BNWF-33450]
    • Enhancement: Backup restore will now restore the secure administration settings. [BNWF-33563]
    • Enhancement: Support for scheduling the JSON configuration export has been added. [BNWF-33994]
    • Enhancement: - Port 42833 in the default networking configuration for secure Webconsconf access has been added. [BNWF-45459]
    • Enhancement: Let's Encrypt integration has been update to use ACMEv2. [BNWF-45642]
    • Enhancement: The Microsoft Azure Linux Agent (waagent) has been upgraded to 2.2.46. [BNAP-5021]
    • Fix: Binding a custom parameter class to a JSON key profile works now. [BNWF-29886]
    • Fix: (AWS) The Scheduled Backup destination settings, which were not getting synced in an AWS autoscaling cluster, have been fixed. [BNWF-30043]
    • Fix: Fixed the naming convention for the exported JSON configuration file. [BNWF-31079]
    • Fix: The configuration checkpoints are now properly handled during firmware upgrade/revert. [BNWF-31337]
    • Fix: (Azure) An issue where WAF was stuck during the upgrade process has been fixed. [BNWF-32323]
    • Fix: An issue where the logging process was getting stuck during system startup has been fixed. [BNWF-33654]
    • Fix: Notification for the administrator if the system alert email address is not configured has been added. [BNWF-33771]
    • Fix: An issue that was caused while creating IPv6 service on port 8000 has been fixed. [BNWF-33946]
    • Fix: An issue with OpenAPI spec import with large specification files has been fixed. [BNWF-45406]
    • Fix: An issue where certificates/services were not visible for HTTPS only enabled WAF in WCC has been fixed. [BNWF-45411]
    • Fix: (AWS) An issue where the auto scaled instances did not join cluster has been fixed. [BNWF-34149]
    • Fix: Offline upgrade issues on cloud instances are now fixed. [BNWF-34506]
    • Fix: The UI message for patch management module has been fixed. [BNWF-32520]
    • Fix: (Azure) Log rotation for Azure feature specific log files has been added. [BNWF-45455]
    • Fix: The JSON configuration restore for the security policies created by administrator has been fixed. [BNWF-30370]
    • Fix: An issue with OpenAPI import when the specifications had missing server fields has been fixed. [BNWF-45037]
    • Fix: An issue where the JSON configuration exported from 10.0.1 firmware was failing to restore on the 10.1 firmware has been fixed. [BNWF-45639]
    • Fix: The UI display messages for the OpenAPI feature has been fixed. [BNWF-33148]
    • Fix: The issue where log rotation was not working on platform 5 VMs has been fixed now. [BNWF-33195]
    • Fix: (AWS) An issue in bootstrapping when the configuration backup had IPv6 configuration has been fixed. [BNWF-33426]
    • Fix: (Azure) An issue where instances were inaccessible after join cluster in the scenario where Multi NIC was enabled but Multi IP was not configured has been fixed. [BNWF-44962]