In Barracuda XDR, Security Orchestration, Automation, and Response (SOAR) is automated threat remediation for alerts reported by Barracuda CloudGen Firewall. Automated threat remediation saves time and money and frees human efforts to focus on other tasks.
The following is the SOAR process:
An event occurs that triggers an alarm in Barracuda XDR.
The alert is sent to the Barracuda XDR SOAR platform.
The SOAR platform determines whether the alert is malicious.
If the alert is identified as malicious, the IP Address is automatically added to the Barracuda CloudGen Firewall Block list.
The alert is closed.
If the alert is not identified as malicious, the IP Address is not blocked and the alert is closed.
To set up SOAR, do one of the following: