Barracuda Email Security Gateway for Amazon Web Service
Defend your AWS deployment against email-borne threats.

Comprehensive Protection from Email-borne Threats

The Barracuda Email Security Gateway is an email security gateway that manages and filters all inbound and outbound email traffic to protect organizations from email-borne threats and data leaks. As a complete email management solution, the Barracuda Email Security Gateway lets organizations encrypt messages and leverage the cloud to spool email if mail servers become unavailable.

Stop threats before they hit the network

Offload CPU-intensive tasks like antivirus and DDoS filtering to the cloud reduces the processing load on the appliance and to ensure that threats never reach the network perimeter. The Barracuda Email Security Gateway is integrated with a cloud-based service that pre-filters email before delivery to the onsite Barracuda Email Security Gateway, which performs further inbound security checks and outbound filtering

Ensure continuous email availability

Email is a critical vehicle in today’s business world, therefore a failure of the email server can significantly limit business operations. With the Cloud Protection Layer, bundled free of charge with the Barracuda Email Security Gateway, email is spooled for up to 96 hours, with an option to re-direct traffic to a secondary server.

Protect sensitive data

Leverage powerful encryption technology to ensure that sensitive data cannot be viewed by outside parties. Outbound filtering and quarantine capabilities certify that every outbound email complies with corporate DLP policies.

Simplify Email Security

Simple and easy to deploy configurations on the Barracuda Email Security Gateway guarantee that customized email protection is in place in a matter of minutes. Cloud-based centralized management enhances day-to-day workflow and is included with no additional fees.

• Advanced Threat Protection

  Barracuda's Advanced Threat Protection (ATP) combines behavioral, heuristic, and sandboxing technologies to protect against zero hour and targeted attacks. ATP automatically scans email attachments in real-time; suspicious attachments are detonated in a sandbox environment to observe behavior. In addition to blocking the attachment, the results are integrated into the Barracuda Real Time Intelligence System providing protection for all other customers.

• Spam Protection

  With a long-standing heritage in spam protection, Barracuda Networks remains the leader in identifying and blocking spam. A comprehensive set of security layers ensures that organizations remain productive in the face of evolving threats.

  The Barracuda Email Security Gateway leverages Barracuda Central to identify email from known spammers and determine whether domains embedded in email lead to known spam or malware domains. Its industry-leading techniques protect against attempts to embed text inside images with the intent of hiding content from traditional spam filters.

• Virus Protection

  As virus attacks become more sophisticated, email infrastructures require advanced virus protection. The potential for the destruction and release of information, or the disruption of a network, severely impacts productivity and can lead to financial loss.

  The Barracuda Email Security Gateway scans email and incoming files by using three powerful layers of virus scanning technology. It also decompresses archives for complete protection. Powerful virus definitions are automatically updated via Energize Updates to maintain the latest protection against email-borne viruses.

  To provide protection from tainted internal email, a Microsoft Exchange Plug-In safeguards organizations against the spread of viruses that don’t access the email gateway. The virus definitions are also regularly updated to ensure the most current protection.

• Denial of Service (DoS) Attack Protection

  Not every attack is focused on viruses, getting users to send their credit card number, or clicking on a malicious link. Often, the objective of the attack is focused on compromising or completely disabling a network. As a device that sits in front of an email server, the Barracuda Email Security Gateway is positioned to stop spammers before they overload an email server.

• Email Spooling

  The Barracuda Email Security Gateway ensures that email can still be delivered even during email server failures or loss of connectivity. In the event of on-premises disruptions, email can be spooled in the Cloud Protection Layer (CPL) for up to 96 hours. An alternate destination can also be specified if delivery to the primary destination fails.

  During email server outages, the email for all mail servers is visible through the Cloud Protection Layer. From the message log, administrators can see the status of all spooled emails and whether email has been re-delivered

• Spam and Virus Pre-Filtering

  The Barracuda Email Security Gateway is integrated with a cloud-based service that pre-filters email before delivery to the onsite Barracuda Email Security Gateway. The Cloud Protection Layer is continuously updated with definitions in real time from Barracuda Central. In addition, Barracuda’s global cloud infrastructure provides the flexibility to handle email surges during specific periods of the day and during Denial of Service attacks.

  The Cloud Protection Layer ensures that an organization’s email security infrastructure scales with the increasing growth in email volume, attachment sizes, and the organization as a whole. By leveraging the bandwidth and computing power of the CPL, organizations can easily scale their email security solution.

Outbound Email Security

• Encryption

  The Barracuda Email Security Gateway offers a number of encryption features. It is fully integrated with a cloud-based email encryption service for outbound email. Email that matches policy or is marked for encryption via the Barracuda Outlook Add-in is sent securely via TLS to the Barracuda Message Center.

  The Barracuda Message Center uses AES with 256-bit keys to encrypt email. To encrypt email traffic between sites over the Internet, the Barracuda Email Security Gateway Message Transport Agent supports SMTP over TLS. This can be used between Barracuda Email Security Gateways or other email servers that support SMTP over TLS.

• Outbound Filtering

  Outbound filtering prevents organizations from being put on spam block lists and prevents sensitive email data from leaving the organization. Employees can inadvertently cause internal systems to become a source for botnet spam. By using a subset of its defense layers, the Barracuda Email Security Gateway’s outbound filtering stops outbound spam and viruses. It also lets administrators enforce content polices for data loss prevention (DLP) and meet other content standards in outgoing email. Predefined filters and custom policies can be used to detect sensitive data and block or encrypt email.

Simplified Email Management

• Cloud-Based Central Management

  The Barracuda Email Security Gateway is integrated with the Barracuda Cloud Control (BCC) web-based management portal. Leveraging Barracuda’s global cloud infrastructure, organizations can centrally manage all their devices through a “single pane of glass” interface. Administrators have a global view of all their devices or services and can centrally manage policies and configuration. The simple interface makes it easy for small and medium-sized organizations to implement and manage the service with minimal IT overhead.

• Barracuda Central

  All Barracuda products are supported by Barracuda Central, a 24/7 advanced security operations center that works continuously to monitor and block the latest Internet threats. Barracuda Central collects and analyzes data from more than 200,000 collection points worldwide in order to develop defenses, rules, and signatures. Barracuda Central responds to outbreaks as they emerge and delivers the latest definitions via Barracuda Energize Updates. These updates require zero administration and ensure that the Barracuda Email Security Gateway provides comprehensive and accurate protection against the latest Internet threats.

Technical Specs

Comprehensive Protection

• Spam and virus filtering
• Prevents spoofing
• Denial of Service (DoS/DDoS) protection
• Directory harvest protection
• Outbound email filtering

DLP and Reputation Loss

• Maintain compliance
• Prevents reputation loss and block-listing
• Pre-defined filters (e.g., HIPAA, credit card, and U.S. Social Security Numbers)

Advanced Policy Control

• IP and content-based filtering
• Bulk email categorization
• Content encryption
• Sender/recipient filtering
• RBL and DNSBL support
• Keyword blocking
• Character-set blocking
• Reverse DNS blocking
• URL pattern and category blocking
• TLS encryption policy
• Secondary authentication

Sender Authentication

• SPF and DomainKeys
• Emailreg.org
• Invalid bounce suppression

Spam Filter

• Rate control
• IP reputation analysis
• Fingerprint and image analysis
• Rules-based scoring algorithms

Virus Filter

• Triple-layer virus blocking
• Integrated Exchange AV Agent
• Decompression of archives
• File type blocking
• Barracuda Antivirus Supercomputing Grid
• Advanced Threat Detection^* to protect against ransomware, zero hour and targeted attacks.

Administrators

• Web-based interface
• User account administration
• Reports, graphs, and statistics
• LDAP interface
• Multiple domain support
• Secure remote administration
• Delegated domain administration
• Delegated help desk role
• Email spooling
• Configure backup to cloud

End Users

• User-based filtering
• Individual spam scoring
• Personal allow and block lists
• End-user quarantine and digest emails
• Outlook
• Bayesian analysis