Barracuda BNCVFAC400a Secure Access Controller VFAC400


DiscTech Item #: BAR-BNCVFAC400a-BN-1Y

  • Low Stock:Call for ETA
    Stock Levels

    This item is currently (nearly) out of stock. It may be possible to arrange fast shipment. If you need it urgently call us. Otherwise, it usually ships within 1 week.


Interface Types: Ethernet RJ45

Electrical Interface: Ethernet Gigabit - 1Gbps

Barracuda NextGen F-Series for IoT BNCVFAC400a Secure Access Controller VFAC400 - Must buy 1 yr EU - Brand New

Barracuda NextGen F-Series for IoT BNCVFAC400a Secure Access Controller VFAC400 - Must buy 1 Year Energize Updates Subscription - Brand New

Next-generation firewalls for the cloud
In the cloud era, network firewalls need to protect more than just your network. You also need to ensure that the network is always available and has stable access to cloud-hosted applications.

The Barracuda NextGen Firewall F-Series is a family of hardware, virtual and cloud-based solutions that protect and enhance your distributed network infrastructure. They provide advanced security by tightly integrating next-generation firewall technologies, including layer 7 application profiling, intrusion prevention, web filtering, malware and advanced threat protection, spam protection and network access control.

In addition, the F-Series combines a high-performance VPN technology with intelligent traffic management and WAN compression. This can reduce line costs, increase network availability, improve site-to-site connectivity, and ensure uninterrupted access to cloud-hosted applications. Scalable centralized management helps you reduce the overhead of managing and enforcing granular policies across your distributed network.

The cloud-ready F-Series firewalls are ideal for multi-site businesses, managed service providers, and any enterprise with complex, distributed network infrastructures.



Advanced Threat Protection
While traditional solutions typically detect network threats only after they 've invaded the network, Barracuda Advanced Threat Protection (ATP) implements full system emulation that provides comprehensive insight into malware behavior. The files are matched with a cryptographic hash database that is constantly updated. If a file is unknown, it is executed in the sandbox and analyzed, which detects malicious behavior in good time.

Barracuda ATP provides administrators with granular, file-type-based control including automatic quarantine and blacklisting capabilities to provide the highest level of protection for a company's network.

Barracuda Advanced Threat Protection is an optional subscription.

Protection against botnets and spyware
Botnet and Spyware Protection protects against botnet infections by blocking access to malicious websites and servers and detecting potentially infected clients based on DNS sinking technology. DNS sinking blocks clients from accessing malicious domains by monitoring outbound DNS requests that pass through the firewall. DNS requests to malicious domains are redirected, preventing data extraction and victim identification. Once an infected client is detected, it can be automatically isolated. Such alerts can also be generated or reported by the Barracuda Report Creator.

Intrusion Detection and Prevention
The F Series Intrusion Detection and Prevention System (IDS / IPS) significantly enhances network security by providing complete and comprehensive real-time network protection against a wide range of network threats, vulnerabilities, exploits, and threats in operating systems, applications, and databases and ward off network attacks, such as B:

  • SQL injections and arbitrary code execution
  • Access Control Attempts and Privilege Extensions
  • Cross-site scripting and buffer overflows
  • Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks
  • Directory traversal, probing and scanning attempts
  • Backdoor attacks, Trojans, rootkits, viruses, worms and spyware

The Barracuda NextGen Firewall F-Series offers advanced attack and threat protection features such as: B:

  • Stream segmentation and protection against packet anomalies
  • TCP split handshake protection
  • IP and RPC defragmentation
  • FTP Evasion protection
  • URL and HTML decoding

The Barracuda NextGen Firewall F-Series is capable of detecting and blocking ingenious bypass attempts and obfuscation techniques used by attackers to circumvent and trick traditional intrusion prevention systems.

The Barracuda Energize Updates Subscription delivers automatic signature updates on a regular or emergency basis to ensure the Barracuda NextGen Firewall F-Series is always up to date. If the firewall is managed centrally, the updates are conveniently distributed via the Barracuda NextGen Control Center.

Denial of Service (DoS) and Distributed Denial of Service (DDoS) protection
In times of ubiquitous botnets, one of the key tasks of perimeter protection is to ensure that the network is always available for legitimate requests and to detect and ward off malicious denial-of-service attacks. With the TCP SYN Flood Protection System, the Barracuda NextGen Firewall effectively acts as a generic TCP proxy that only forwards legitimate TCP traffic to the network.

In addition, the F-Series allows the definition of a rate limit, which is applied to the maximum number of sessions per source address handled by the firewall. Packages that arrive faster than allowed simply fall away. In a massive DDoS attack, attackers can simply aim to saturate the link by transmitting a large number of UDP packets. Barracuda NextGen Firewall F series integrated environment monitoring diagnoses such conditions by monitoring link and target address. Once the response of a remote target address to regular ICMP sampling attempts fails, the system can be configured to enable various routes and uplinks (eg, backup line, ISDN, xDSL).

Malware protection
The malware protection built into the Barracuda NextGen Firewall protects the internal network from malicious content by scanning Web content (HTTP and HTTPs), e-mail (SMTP, POP3) and file transfers (FTP) through two fully integrated anti-virus engines , Malware protection relies on periodic signature updates and advanced heuristics to detect malware or other potentially unwanted programs even before signatures become available. NextGen Firewall malware protection includes viruses, worms, Trojans, malicious Java applets, and programs that exploit known exploits on PDF, image, and office documents, macro viruses, and more, even when using stealth or morphing techniques the obfuscation can be used.

SSL interception
All Barracuda NextGen firewall models can also apply IPS, antivirus, application control, URL filtering, and advanced threat protection to SSL encrypted web traffic by using the Trusted Man-in-the-Middle standard. Use approach. SSL interception can be set to exclude local area networks, users / groups, URL filter categories, or custom domains from SSL inspection.

Stateful Deep Packet Inspection Firewall
At the heart of every Barracuda NextGen firewall is a high performance Deep Packet Inspection Engine that examines both the header and the data portion of each passing packet. Bad packets are ignored and protect the infrastructure behind Barracuda deployment from network-level attacks. Protocol-compliant packets are then checked for compliance with the defined firewall rules.

Single-pass architecture
As soon as a data packet is opened for checking by the firewall, all other security monitoring mechanisms, such as IPS / IDS, anti-virus programs are also applied to the packet or data stream of successive packets. The security check is done in single-pass mode without the need for a separate proxy.

Connectivity & SD-WAN

Adaptive Bandwidth Protection
When Dynamic Bandwidth & Latency Detection indicates that the measured bandwidth of an uplink is insufficient to maintain the minimum business-critical traffic required (eg, VoIP), the F-Series automatically shifts sessions for non-business critical traffic to secondary connections to provide bandwidth for release critical traffic.

Adaptive Session Balancing
The Barracuda NextGen Firewall F-Series uses dynamic bandwidth and latency detection to automatically balance existing sessions within logical VPN tunnels across all available uplinks. This real-time balancing optimizes network efficiency and bandwidth utilization at any time.

Application-Based Routing
A unique combination of Next-Generation Security and adaptive WAN routing technology, the Barracuda NextGen Firewall F-Series dynamically allocates available bandwidth, uplink, and routing information based not only on protocol, user, location, and content information but also to applications, application categories and also web content categories. This frees up expensive, high-availability lines for business and mission-critical applications, significantly reducing latency and freeing up additional bandwidth.

For a complete list of applications and subapplications covered by Application-Based Routing, see the Online Application Explorer .

Secure SD-WAN
Barracuda NextGen firewalls combine comprehensive, advanced security features with product features to support software-defined wide-area networks. SD-WAN features allow NextGen firewalls to create secure connections over multiple WAN links as well as multiple network operators without the high management overheads that are typical of them. Optimized load balancing allows you to simultaneously use multiple WAN connections and distribute encrypted VPN tunnels across multiple WAN connections. Integrated compression, caching, and WAN optimization technologies significantly increase available bandwidth. These features reduce the need for expensive leased lines (MPLS),

Dynamic bandwidth and latency detection
For the best user experience on the Wide Area Network, all Barracuda NextGen Firewall F-Series models proactively measure available bandwidth and latency between VPN endpoints. The results are directly available to the firewall policy engine to select the most appropriate uplink per application or to disqualify an uplink if the bandwidth or latency is outside the acceptable limits.

Traffic Duplication
The Barracuda NextGen Firewall copies and sends packets simultaneously through the selected Primary and Secondary VPN connections. Both packet streams are reassembled at the other end of the logical VPN tunnel. This significantly reduces packet loss for applications such as VoIP or video streaming. It also provides instant failover - without dropped packets - in the event that a VPN transport of a logical VPN tunnel fails.

Performance-Based Transport Selection
For the best user experience across the WAN, all models in the Barracuda NextGen Firewall F-Series are able to detect real-time bandwidth availability and latency between VPN endpoints. The firewall policy engine is able to dynamically select the most appropriate uplink for each application or disable an uplink if bandwidth or latency are outside defined limits. If the measured bandwidth of an uplink is insufficient to sustain business-critical traffic (eg, VoIP), the NextGen Firewall automatically shifts non-critical traffic sessions to secondary connections to release high-quality bandwidth for critical traffic.

Due to the limitations associated with standard IPsec connections, Barracuda Networks has created several powerful enhancements to standard IPsec tunnel management. This core of the Barracuda NextGen Firewall VPN engine is called TINA (Transport Independent Network Architecture). The TINA protocol allows the use of TCP, UDP and ESP for high-speed connections, which significantly improves VPN connectivity:

  • Endpoint-to-endpoint (not network-to-network) connectivity
  • NAT-friendly
  • Multiple physical transport paths for a logical tunnel
  • Several tunnels between two locations
  • HTTPS and SOCKS4 / 5 proxy compatibility
  • Support dynamic addresses
  • Tunnel heartbeat monitoring

Site-to-site connectivity
Create highly reliable and secure site-to-site connections between Barracuda NextGen firewalls (platform-independent). Site-to-site connectivity also includes public cloud offerings such as Amazon Web Services and Microsoft Azure. But it's not just about maintaining static site-to-site VPN tunnels. With a hub-and-spoke VPN setup, you can tune tunnels automatically and on demand between firewalls in the hub-and-spoke setup to prevent the hub from becoming a bottleneck. To set z. B. Secure low latency for VoIP applications. As soon as the connection is no longer needed, the VPN tunnel is automatically closed again. Of course, administrators have full real-time visibility into dynamic mesh VPN setup.

Failover and Link Balancing
For unbeatable, cost-effective connectivity, the Barracuda NextGen Firewall F-Series offers a wide range of built-in uplink options, including unlimited leased lines, up to twelve DHCP uplinks and up to four xDSL uplinks. By eliminating the need for additional devices for link balancing, security-conscious customers have access to a WAN link that never fails, even if one or two of the existing WAN uplinks are disrupted. In addition, Traffic Intelligence mechanisms ensure that the next defined uplink is activated on-the-fly and all traffic is redirected to take full advantage of the remaining lines. In the event that backup lines provide less bandwidth,

Traffic Shaping and Quality of Service
Limited network resources make bandwidth prioritization a necessity. The Barracuda NextGen Firewall F-Series provides powerful Quality of Service (QoS) features that allow administrators to apply quality and service guarantees to selected traffic flows within the WAN. QoS is often used to prioritize network traffic from applications that are critical and should not be impacted by network traffic from other applications. The F-Series offers a variety of QoS techniques, such as: These include traffic shaping, traffic prioritization, and bandwidth partitioning, which assign bandwidth limits to specific traffic types. To select the traffic for different priority classes, it can be determined from the available real-time traffic analysis,

WAN compression and caching
The Barracuda NextGen Firewall F-Series can dramatically improve WAN performance of distributed network environments by improving the availability, performance, and response time of mission-critical applications, reducing throughput and transmission times, and impacting time-critical decisions and company profitability. The next generation network concept of the F-Series offers a number of powerful features to efficiently reduce and offset the negative effects of high latencies and response times.

By implementing enterprise-class WAN acceleration features such as data deduplication, traffic compression, and enterprise-class protocol optimization, F-Series firewalls can significantly improve WAN traffic between sites and increase productivity by accelerating the delivery of business applications-without additional costs. WAN traffic can effectively be compressed up to 95 percent, significantly reducing bandwidth at remote sites while increasing network responsiveness.

IoT & Machine-to-Machine connectivity
In the Internet of Things era, more and more businesses need to securely and economically connect a large number of remote devices such as ATMs, pay machines, kiosks, wind turbines, networked industrial machines, or even very small offices. Managing and securing network traffic between these remote machines is often a logistical nightmare that involves many different firewalls, VPN software, and routing steps.

Barracuda NextGen firewalls are available as ultra-small appliances, the Secure Connector Appliance (FSC1), which reliably connects each remote device with multiple uplinks and even automated failover in the event of an uplink failure.

The FSC1 features zone-based firewalls, Wi-Fi, and powerful VPN connectivity for the connected device. Network traffic is then relocated to a NextGen Firewall Machine Access Security Broker (MASB), which runs in a central office or in the cloud to perform inspections and other resource-intensive security tasks such as URL filtering, intrusion prevention (IPS), antivirus, and application discovery.

Intelligent Network Perimeters

Application Control
The Barracuda NextGen Firewall F-Series combines Deep Packet Inspection (DPI) and Behavioral Analysis to reliably detect and classify thousands of applications and variants, regardless of advanced concealment, port-hopping or encryption techniques. This allows you to create dynamic policies and make it easy to set up and enforce user and group access and usage policies by application, application category, location, and time of day. Administrators can now:

  • Block unwanted applications for specific users or groups
  • Control and throttle acceptable traffic
  • Ensure bandwidth and availability of business-critical applications, helping to ensure business continuity
  • Allow or block certain subfunctions of applications (eg Facebook Chat, YouTube Postings or MSN file transfers)
  • Intercept SSL-encrypted traffic

The Barracuda NextGen Firewall F-Series offers advanced application-based routing and Quality of Service (QoS) capabilities. In addition to security, they provide additional value for the company by significantly improving the quality and availability of the network and reducing the direct connection costs thanks to the bandwidth saved.

The F-Series has extensive reporting and drill-down capabilities that display real-time and historical traffic in the enterprise network, providing a foundation for deciding which connections should be prioritized with bandwidth QoS optimization of business critical applications is crucial. It also allows customization and refinement of enterprise application usage policies.

The current list of applications and subapplications available in Application Control can be found in the Online Application Explorer .

Deep Application Context
The deep application context analysis enables a deeper assessment of the data stream of an application through continuous evaluation of the actual intention of the application and the respective users. Administrators gain detailed insight into the purposes for which a particular application was used or whether a user attempted to circumvent the company's usage policy for applications.

File Content Enforcement
The Barracuda NextGen Firewall F-Series includes file-type detection and enforcement features based not only on extension and MIME types, but also on sophisticated true file-type detection algorithms. The passing through of executable files by renaming or compressing is detected and blocked. The NextGen Firewall F-Series not only allows administrators to block or allow connections, but also to change download priorities. If z. For example, if a normal-priority ISO image was downloaded for web traffic, the admin can increase or decrease the allocated bandwidth even though the user started the download through a normal web browsing session.

Customizable application definitions
In addition to the thousands of applications inherent in Application Control, the Barracuda NextGen Firewall F Series makes it easy to create custom, custom application definitions.

A complete list of all applications and variants contained in the Application Control can be found in the Online Application Explorer .

Transparent user identity
Different network users may need different rules for bandwidth usage. In most cases, access to specific network resources is restricted to specific users or user groups. Preferentially allocating more bandwidth to particular users or user groups and limiting available bandwidth for others is a common requirement. However, the system must know to which user an IP actually belongs.

The Barracuda NextGen Firewall F-Series recognizes the user by connecting a user to one or more IP addresses. All identity role assignments our health agents have submitted to the firewall can be used within the firewall to provide role-based access control (RBAC). The F-Series firewalls help authenticate users and enforce user-sensitive firewall rules, Web Security Gateway settings, and Application Control 2.0 using Active Directory, NTLM, MS CHAP, RADIUS, RSA SecurID, LDAP / LDAPS, TACACS + and authentication using x.509 certificates.

Web Filtering
The NextGen Firewall F Web Security Gateway Option provides a real-time, detailed view of each user's and application's online activity, allowing administrators to create and enforce effective Internet content and access policies. It protects users' productivity, blocks malware downloads and other web-based threats, and enables compliance by blocking access to unwanted websites and servers.

Remote access

BYOD (Bring Your Own Device)
The advent of private computing devices, from smartphones to laptops and tablets in the workplace can increase productivity, flexibility and convenience. BYOD, however, adds new security challenges and risks, such as: These include enabling and controlling access and preventing data loss.

The Barracuda NextGen Firewall F-Series offers powerful features that give the user the full benefit of their devices while reducing potential risks to the business. Unwanted applications can be blocked, LAN segmentation can protect sensitive data, and Network Access Control can check the health of any device connected to the corporate network.

Secure remote access
The Barracuda NextGen Firewall F-Series includes advanced site-to-site and client-to-site VPN capabilities that use both SSL and IPsec protocols to ensure that remote users have easy and secure access to network resources can, without complex client configuration and management. Each Barracuda NextGen Firewall F supports an unlimited number of VPN clients at no extra cost.

The Barracuda VPN Client also provides the ability to enforce Windows Security Center settings on client computers running Windows. This allows administrators to centrally enforce the use of Windows security settings on PCs. Enforced policies may include activation of the Microsoft Network Firewall, Windows Updates, Windows Virus Protection, Windows Spyware Protection, and Internet Security Settings.

Barracuda VPN clients are available for Microsoft Windows, macOS and various Linux systems.

Network Access Control
The NextGen Barracuda NextGen Firewall F-Series Optional Remote Access Subscription Subscription offers a customizable and easy-to-use SSL VPN-based portal and sophisticated Network Access Control (NAC) functionality.

The Barracuda Network Access Client, in conjunction with the NextGen Firewall F-Series, provides a centrally managed Network Access Control (NAC) and personal firewall. This allows minimum security requirements to be enforced for Windows clients before allowing access to the network or to a quarantine network. The prerequisites may be set based on available Windows patch level, availability of antivirus and / or anti-spyware programs, and user ID. Access restrictions are enforced locally on the client through the centrally managed Personal Windows Firewall as well as the gateway. Barracuda Networks' existing Barracuda NextGen F-Series Firewall Appliances provide a turnkey network access control framework without expensive investments in basic network infrastructure. All Barracuda Network Access Clients and all Barracuda NextGen Firewall F-Series models that act as policy servers can be managed, monitored, and audited from a single control center.

Mobile portal
Get easy access to your organization's applications over SSL VPN connections. The Barracuda Mobile Portal allows you to set up shortcuts on the home screen of devices like smartphones or tablets. When accessing the portal via the web browser from a mobile device, users can browse apps, network folders, and files as if they were connected to the office network.

The Mobile Portal supports most common devices, eg. Apple iOS, Android and Blackberry devices.

The Barracuda Mobile Portal is an optional feature included in the optional Advanced Remote Access Subscription.


CudaLaunch is an application for Windows, macOS, iOS and Android devices that gives mobile workers secure remote access to private cloud applications and other sensitive information about their business through the Barracuda NextGen Firewall F-Series. CudaLaunch offers several advantages over traditional browser-based SSL VPN remote access. As an app, it provides a familiar App Store setup and installation environment for end users.

Unlike browser-based remote access, CudaLaunch offers a more responsive look and feel that is unified across mobile platforms and avoids the peculiarities of mobile browsers. Once an end user launches the app, a launchpad provides quick and easy access to internal applications, favorites, and TINA VPN connections. This more powerful VPN connection supports mobile applications that reconnect to the corporate network (for example, remote desktop applications).

Fully self-configuring, CudaLaunch provides easy centralized management for large deployments and integrates with the powerful F-Series security features. For IT administrators, the F-Series provides a single point of management for security policies for all types of remote access (CudaLaunch, SSL VPN, Barracuda Network Access Client, and standard IPsec). The consistency of the interface is consistent across all platforms and remote access types, increasing usability and significantly reducing support costs. Self-configuring and managing VPN connections eliminates the need to manually configure IPsec connections on Windows, macOS, iOS, and Android.

Central Management

100% scalable
Barracuda NextGen Control Centers provide 100% centralized management of all NextGen firewall features, whether it's configuration for security, content, traffic management, networking, access policies, or software updates.

The Barracuda NextGen Control Center helps reduce the cost of security and lifecycle management while providing advanced troubleshooting and connectivity capabilities, both centrally and locally at the managed gateway.

The Barracuda NextGen Control Center helps reduce the cost associated with security & lifecycle management while providing enhanced troubleshooting and connectivity functionality, both centrally and locally, at the managed gateway.

IP-less networking
Barracuda NextGen firewalls can automatically translate IP addresses and network addresses into a human-readable format. For example, "EMEA: UK: OXFORD: MARKETING: PRINTER" clearly shows the location and device at a glance.

Object-based management
Barracuda NextGen Control Center allows you to create reusable objects for every conceivable configuration entry: IP address, networks, scopes, DNS names, content security policies, network security policies, and more. These objects can be created once and reused in configurations. If z. For example, if an Internal_Network_Branchame object exists as a network object, it can be referenced in the network settings, firewall rules, and VPN settings. If the object is to be changed, it only has to be changed once, preferably on the Control Center. The changes are then automatically applied to any point where the object is referenced. This provides a faster, easier, and more convenient way to change configurations.

When you configure multiple NextGen firewalls on the WAN, there are always components that share the firewalls, such as: For example, domain names, DNS servers, NTP servers, application security settings, URL filter configurations, and so on. The Barracuda NextGen Control Center collects all of this information in a repository (global configuration node) connected to multiple Barracuda NextGen firewalls. Using repositories in the NextGen Control Center, an administrator can update thousands of firewalls in the repository with just a single change. Repositories also offer the flexibility to override certain settings on specific firewalls. If z. For example, if a site uses a different DNS server than the others,

Centralized software updates
The Barracuda NextGen Control Center provides centralized software updates for all centrally administered NextGen firewalls. Updates can be scheduled for a period of time and even for certain NextGen firewalls. If a software update is unsuccessful, it will be automatically reset and reported.

Multi-Administrator Login
As with the NextGen Firewall F-Series, the Barracuda NextGen Control Center allows simultaneous login of multiple administrators in "write mode". This is useful in MSSP and multi-admin environments where there is a greater likelihood of administrators teams managing systems. Once a change needs to be made, only the dedicated configuration node needs to be disabled for the change by the administrator who actually makes the change. All other settings outside this locked configuration node are still viewable and modifiable by other administrators who are logged on to the system.

Role-based administration
The Barracuda NextGen Control Center offers many benefits in role-based administration. Administrators can be assigned specific roles, such as: For example: - MSSP Admin - Customer Admin - Log Viewer - Auditor - Content Filter Admin. In addition, custom roles with special privileges can also be created. For example, you can define services to delegate specific tasks to a dedicated team or end user. If a team or an end-user wants to change the firewall rules, a specific administration role can be created for customers who may only change that part of the configuration. The admin can then see all other configurations, but may not change anything else.

Client capability
Barracuda's NextGen Firewall Control Center units C610 / VC610 and higher provide a special multi-tenant management experience, allowing an MSSP to manage multiple customers on the same Barracuda NextGen Control Center. For example, administrators of customer 1 do not see customer 2 and vice versa. There is no limit to how many customers can be managed with a Barracuda NextGen Control Center.

Status Map
The standard screen of a Barracuda NextGen Control Center displays a status overview of all centrally managed Barracuda NextGen firewalls. The status is visualized via a traffic light concept (red, yellow, green) and is available for individual units, clusters and entire client installations (so-called "ranges"). The "worst" status always wins, so that the administrator can view the overall status centrally and receive further information from the system with just a few mouse clicks.

Distributed Firewall
The NextGen Control Center lets you create a global firewall rule set that installs on all firewalls associated with the Control Center. In addition, local and special rule sets can be defined on individual firewalls. For example, the MSSP may have a Network Operation Center (NOC) to monitor all services provided to a customer. In this environment, there are global firewall rules that allow for any kind of connection monitoring and local firewall rules that are specific to a customer. Depending on the customer, the MSSP can determine whether global or local rules take precedence. This provides additional configuration granularity because each customer has specific rules that allow traffic to pass through the firewall. With this feature, the MSSP can be sure that there is reliable monitoring and reliable log flow. This is necessary to prove a service level agreement.

Multi-revision management
The security landscape is constantly changing. As a result, Barracuda Networks is constantly introducing new, exciting features and enhanced security features for all NextGen firewalls and releasing them with the Energize Updates subscription. But if you manage tens or even thousands of devices on a company's WAN network, some devices, networks, or even branch offices will inevitably have older firmware versions than certain devices that require the latest technology. Fortunately, the Barracuda NextGen Control Center is backwards compatible with older firmware versions that have been in use for at least three years.

Revision Control System (RCS)
Both the Barracuda NextGen Control Center and all Barracuda NextGen Firewall F-Series devices can log all administrator actions and selectively reset changes as needed. If a rollback is required, the administrator has the option to undo all or only specific changes (eg firewall rules) while leaving the network settings unchanged.

Drag & Drop VPN GTI Editor
The Barracuda NextGen Control Center's VPN Graphical Tunnel Interface (GTI) provides a graphical user interface for creating and managing VPN tunnels. When manually configuring VPN tunnels, there are many identical configuration steps and settings. Because the GTI editor eliminates many of these redundant steps, you can configure VPN tunnels faster and with less errors.

Pool Licensing
For a pooled license, the Barracuda NextGen Firewall license is tied to the NextGen Control Center, not the serial number and hardware combination. In the case of a hardware failure, for example, a new appliance can be used without renewed licensing. This is ideal for Managed Security Services providers as they can optimize license usage.

Further information is summarized in the Barracuda Pool Licensing with Barracuda NextGen Firewall F white paper .

Zero-Touch Deployment (ZTD)
Zero-Touch Deployment allows you to deliver and commission appliances directly from the factory to the desired remote location without the need for trained on-site IT staff. Simply plug in and turn on the device - it will automatically select the appropriate uplink to the Internet and retrieve the appropriate configuration in the NextGen Control Center. With no manual on-site configuration required, you can roll out NextGen firewalls in widely distributed organizations at a very low cost.

NextGen F-Series for IoT - Secure Access Controller
Model Part#BNCVFAC400a
Number of IPsunlimited
Number of CPU Cores Allowed2
Max. VPN Connections500
Application ControlYes
Dynamic RoutingYes
SSL InterceptionYes
Web FilterYes
Malware ProtectionOptional
Advanced Threat DetectionOptional

Click here to view the manufacturer's item description/brochure

ROHS Compliant

Weight: 30 lb

Warranty: 1 Year Manufacturer

Brand New

Condition Levels Explained

The product is brand new.

1 Year Manufacturer Warranty

Product Warranties Explained

The product has a manufacturer warranty for the time period specified.