Barracuda Email Security Gateway for Amazon Web Service
Defend your AWS deployment against email-borne threats.
Our Price: $3,990.00
Get comprehensive email gateway security in your Amazon Web Services infrastructure, along with advanced capabilities that help you ensure business continuity and prevent data loss.
Barracuda Email Security Gateway for AWS gives you industry-leading protection against spam, viruses, and advanced malware—including zero-day ransomware and other threats when Advanced Threat Protection is enabled. Outbound filtering prevents data loss, and 96-hour email spooling in the Barracuda Cloud ensures continuity in case of email server downtime.
Email Security Gateway for AWS is available directly in the AWS Marketplace, or on a bring-your-own-license (BYOL) basis.
Comprehensive Protection for the Long Term
Barracuda Email Security Gateway for AWS includes spam and virus blocking, data protection, email continuity, DoS prevention, encryption, and policy management—combined to deliver a complete solution. As new requirements emerge, it is automatically updated with new capabilities to ensure continuous protection.
Unmatched Ease of Use
Barracuda Email Security Gateway for AWS provides multi-layer security, email continuity, and data leakage prevention. Advanced Threat Protection1 combines behavioral, heuristic, and sandboxing technologies to protect against zero-hour, targeted attacks and ransomware.
Complete Email Threat Protection
Fast, easy set-up and simple, intuitive management keep time and resource needs low. The integration of the Barracuda Cloud Protection Layer2 makes it easy to scale capacity as your business grows.
Comprehensive Protection from Email-borne Threats
The Barracuda Email Security Gateway is an email security gateway that manages and filters all inbound and outbound email traffic to protect organizations from email-borne threats and data leaks. As a complete email management solution, the Barracuda Email Security Gateway lets organizations encrypt messages and leverage the cloud to spool email if mail servers become unavailable.
Stop threats before they hit the network
Offload CPU-intensive tasks like antivirus and DDoS filtering to the cloud reduces the processing load on the appliance and to ensure that threats never reach the network perimeter. The Barracuda Email Security Gateway is integrated with a cloud-based service that pre-filters email before delivery to the onsite Barracuda Email Security Gateway, which performs further inbound security checks and outbound filtering
Ensure continuous email availability
Email is a critical vehicle in today’s business world, therefore a failure of the email server can significantly limit business operations. With the Cloud Protection Layer, bundled free of charge with the Barracuda Email Security Gateway, email is spooled for up to 96 hours, with an option to re-direct traffic to a secondary server.
Protect sensitive data
Leverage powerful encryption technology to ensure that sensitive data cannot be viewed by outside parties. Outbound filtering and quarantine capabilities certify that every outbound email complies with corporate DLP policies.
Simplify Email Security
Simple and easy to deploy configurations on the Barracuda Email Security Gateway guarantee that customized email protection is in place in a matter of minutes. Cloud-based centralized management enhances day-to-day workflow and is included with no additional fees.
Comprehensive application security
OWASP Top-10 Attacks
XML and JSON protection
Application layer DDoS
Advanced Bot Protection
Data loss prevention
Credit card numbers (PII)
Social Security Number (PII)
Custom policies (IP)
Inbound Email Security
- Advanced Threat Protection
Barracuda's Advanced Threat Protection (ATP) combines behavioral, heuristic, and sandboxing technologies to protect against zero hour and targeted attacks. ATP automatically scans email attachments in real-time; suspicious attachments are detonated in a sandbox environment to observe behavior. In addition to blocking the attachment, the results are integrated into the Barracuda Real Time Intelligence System providing protection for all other customers.
- Spam Protection
With a long-standing heritage in spam protection, Barracuda Networks remains the leader in identifying and blocking spam. A comprehensive set of security layers ensures that organizations remain productive in the face of evolving threats.
The Barracuda Email Security Gateway leverages Barracuda Central to identify email from known spammers and determine whether domains embedded in email lead to known spam or malware domains. Its industry-leading techniques protect against attempts to embed text inside images with the intent of hiding content from traditional spam filters.
- Virus Protection
As virus attacks become more sophisticated, email infrastructures require advanced virus protection. The potential for the destruction and release of information, or the disruption of a network, severely impacts productivity and can lead to financial loss.
The Barracuda Email Security Gateway scans email and incoming files by using three powerful layers of virus scanning technology. It also decompresses archives for complete protection. Powerful virus definitions are automatically updated via Energize Updates to maintain the latest protection against email-borne viruses.
To provide protection from tainted internal email, a Microsoft Exchange Plug-In safeguards organizations against the spread of viruses that don’t access the email gateway. The virus definitions are also regularly updated to ensure the most current protection.
- Denial of Service (DoS) Attack Protection
Not every attack is focused on viruses, getting users to send their credit card number, or clicking on a malicious link. Often, the objective of the attack is focused on compromising or completely disabling a network. As a device that sits in front of an email server, the Barracuda Email Security Gateway is positioned to stop spammers before they overload an email server.
- Email Spooling
The Barracuda Email Security Gateway ensures that email can still be delivered even during email server failures or loss of connectivity. In the event of on-premises disruptions, email can be spooled in the Cloud Protection Layer (CPL) for up to 96 hours. An alternate destination can also be specified if delivery to the primary destination fails.
During email server outages, the email for all mail servers is visible through the Cloud Protection Layer. From the message log, administrators can see the status of all spooled emails and whether email has been re-delivered
- Spam and Virus Pre-Filtering
The Barracuda Email Security Gateway is integrated with a cloud-based service that pre-filters email before delivery to the onsite Barracuda Email Security Gateway. The Cloud Protection Layer is continuously updated with definitions in real time from Barracuda Central. In addition, Barracuda’s global cloud infrastructure provides the flexibility to handle email surges during specific periods of the day and during Denial of Service attacks.
The Cloud Protection Layer ensures that an organization’s email security infrastructure scales with the increasing growth in email volume, attachment sizes, and the organization as a whole. By leveraging the bandwidth and computing power of the CPL, organizations can easily scale their email security solution.
Outbound Email Security
The Barracuda Email Security Gateway offers a number of encryption features. It is fully integrated with a cloud-based email encryption service for outbound email. Email that matches policy or is marked for encryption via the Barracuda Outlook Add-in is sent securely via TLS to the Barracuda Message Center.
The Barracuda Message Center uses AES with 256-bit keys to encrypt email. To encrypt email traffic between sites over the Internet, the Barracuda Email Security Gateway Message Transport Agent supports SMTP over TLS. This can be used between Barracuda Email Security Gateways or other email servers that support SMTP over TLS.
- Outbound Filtering
Outbound filtering prevents organizations from being put on spam block lists and prevents sensitive email data from leaving the organization. Employees can inadvertently cause internal systems to become a source for botnet spam. By using a subset of its defense layers, the Barracuda Email Security Gateway’s outbound filtering stops outbound spam and viruses. It also lets administrators enforce content polices for data loss prevention (DLP) and meet other content standards in outgoing email. Predefined filters and custom policies can be used to detect sensitive data and block or encrypt email.
Simplified Email Management
- Cloud-Based Central Management
The Barracuda Email Security Gateway is integrated with the Barracuda Cloud Control (BCC) web-based management portal. Leveraging Barracuda’s global cloud infrastructure, organizations can centrally manage all their devices through a “single pane of glass” interface. Administrators have a global view of all their devices or services and can centrally manage policies and configuration. The simple interface makes it easy for small and medium-sized organizations to implement and manage the service with minimal IT overhead.
- Barracuda Central
All Barracuda products are supported by Barracuda Central, a 24/7 advanced security operations center that works continuously to monitor and block the latest Internet threats. Barracuda Central collects and analyzes data from more than 200,000 collection points worldwide in order to develop defenses, rules, and signatures. Barracuda Central responds to outbreaks as they emerge and delivers the latest definitions via Barracuda Energize Updates. These updates require zero administration and ensure that the Barracuda Email Security Gateway provides comprehensive and accurate protection against the latest Internet threats.
|Model Comparison||Level 3||Level 4||Level 6|
|License Type||BYOL Marketplace||BYOL Marketplace||BYOL Marketplace|
|Compatible with all Email Servers|
|Hardened and Secure OS|
|Outbound Email Filtering|
|Cloud Protection Layer|
|MS Exchange/LDAP Accelerator|
|Per User Settings and Quarantine|
|Delegated Help Desk Role|
|Clustering & Remote Clustering|
|Per User Score Settings|
|Delegated Domain Administration|
|Per Domain Settings|
|Advanced Threat Protection||Optional||Optional||Optional|
|Model Comparison||Level 3||Level 4||Level 6|
|AWS container size||M3.medium/T2.medium||M3.large/M4.large/C4.large/T2.large||M3.xlarge/M4.xlarge/C4.xlarge|
|Active email users||3,000-10,000||8,000-22,000||15,000-30,000|
|Advanced Threat Protection1|
|Outbound email filtering|
|Cloud Protection Layer2|
|MS Exchange/LDAP Accelerator|
|Per-user settings and quarantine|
|Delegated help desk roles|
|Clustering and remote clustering|
|Per domain settings|
|Per-user score settings|
|Delegated domain administration|
1Advanced Threat Protection (ATP) is available as an add-on subscription.
2Available with ATP only.
- Spam and virus filtering
- Prevents spoofing
- Denial of Service (DoS/DDoS) protection
- Directory harvest protection
- Outbound email filtering
DLP and Reputation Loss
- Maintain compliance
- Prevents reputation loss and block-listing
- Pre-defined filters (e.g., HIPAA, credit card, and U.S. Social Security Numbers)
Advanced Policy Control
- IP and content-based filtering
- Bulk email categorization
- Content encryption
- Sender/recipient filtering
- RBL and DNSBL support
- Keyword blocking
- Character-set blocking
- Reverse DNS blocking
- URL pattern and category blocking
- TLS encryption policy
- Secondary authentication
- SPF and DomainKeys
- Invalid bounce suppression
- Rate control
- IP reputation analysis
- Fingerprint and image analysis
- Rules-based scoring algorithms
- Triple-layer virus blocking
- Integrated Exchange AV Agent
- Decompression of archives
- File type blocking
- Barracuda Antivirus Supercomputing Grid
- Advanced Threat Detection* to protect against ransomware, zero hour and targeted attacks.
- Web-based interface
- User account administration
- Reports, graphs, and statistics
- LDAP interface
- Multiple domain support
- Secure remote administration
- Delegated domain administration
- Delegated help desk role
- Email spooling
- Configure backup to cloud
- User-based filtering
- Individual spam scoring
- Personal allow and block lists
- End-user quarantine and digest emails
- Bayesian analysis
Download the Barracuda Email Security Gateway AWS Datasheet (.PDF)
Barracuda Email Security Gateway FAQ:
The Barracuda Email Security Gateway, an integrated physical appliance and software solution, uses a multilayered approach to provide the most comprehensive email protection available against spam, viruses, spoofing, phishing and spyware attacks. An added benefit of the Barracuda Email Security Gateway is the optimized processing of each email to maximize performance and capability to filter millions of messages per day.
Behind the industry-leading initiatives of Predictive Sender Profiling and Barracuda Real-Time Protection are 12 explicit defense layers including: Denial of Service and Security Protection, Rate Controls, IP Reputation Analysis, Sender Authentication, Recipient Verification, Virus Protection, Policy (user-specified rules), Fingerprint Analysis, Intent Analysis, Image Analysis, Bayesian Analysis, and a Spam Rules Scoring engine.
Deployed at the network perimeter, all incoming email must pass through all 12 defense layers of the Barracuda Email Security Gateway before any of it can reach the intended recipients. The defense layers are grouped into two main classes: connection management, which involves dropping incoming mail connections before receiving messages, and mail scanning, which analyzes messages upon receipt. During the filtering process, emails are checked for new and familiar spammer attacks, viruses, and customized administrator policy violations. Based on administrator and user preferences, spam can be tagged, quarantined or blocked.
Tagging email benefits organizations by easily identifying messages that meet set criteria. Tagged emails are delivered to the recipient with a customizable label, such as [BULK], that is added to the subject of the message.
Quarantining emails is a safeguard that allows for examination of questionable messages prior to accepting or rejecting; typically, quarantined email does turn out to be spam. An administrator can choose two types of email quarantine: global or per user quarantine.
When configured for global quarantine, the Barracuda Email Security Gateway routes all quarantined email to a mailbox specified by the administrator. When configured for per user quarantine, the Barracuda Email Security Gateway stores the email locally and notifies users periodically of their quarantined email. Users can choose to delete quarantined email, forward it to their own mailboxes or whitelist the sender address to prevent future email from being quarantined. Per user quarantine is available with the Barracuda Email Security Gateway 300, 400, 600, 800 and 900 models.
The Barracuda Email Security Gateway uses a combination of proprietary and open source software. The Barracuda Email Security Gateway operating system is based on a hardened, stable Linux kernel that has undergone strict scrutiny by top security researchers. The robust MTA is capable of handling a high number of SMTP connections and mail delivery volumes. Starting with firmware release 3.5, the Barracuda Email Security Gateway MTA has a built-in journaling function that can be used in conjunction with the Barracuda Message Archiver.
The Microsoft Exchange Accelerator, available on Barracuda Email Security Gateway 300 and higher, uses the Lightweight Directory Access Protocol (LDAP) built into Exchange to verify recipients before delivering messages to the Microsoft Exchange Server.
Barracuda Networks has announced several initiatives against spam:
- Multi-Pass Optical Character Recognition Engine: Image spam generally embeds text within images with the intent of hiding content and bypassing the text rules processing layers of spam filters. & With Barracuda Networks’ industry-leading multi-pass OCR engine, Barracuda Email Security Gateways render the spammers’ tricks to hide text behind color or blurred images ineffective.
- Predictive Sender Profiling: Barracuda Networks’ industry-leading Predictive Sender Profiling probes deeper into sent email and digs into the campaign itself to identify anomalous sender activity, allowing Barracuda Networks to effectively block spam typically unstoppable by traditional reputation analysis.
- Barracuda Real-Time Protection: Barracuda Real-Time Protection uses an advanced set of technologies to immediately block the latest virus, spyware and other malware attacks as they emerge. Leveraging the Barracuda Email Security Gateways large and diverse customer base, Barracuda Networks leads in industry in detecting early trends and responding to email-borne threats.
The Barracuda Email Security Gateway provides comprehensive protection against virus threats through three powerful layers. The first layer consists of a well-respected open source virus scanning engine. The second layer is a proprietary virus engine maintained by Barracuda Central, an advanced 24/7 security operations center that works to continuously monitor and block the latest Internet threats. The third layer is Barracuda Real-Time Protection, a set of advanced technologies that enable Barracuda Email Security Gateways to immediately block the latest virus, spyware and other malware attacks as they emerge without having to wait for a signature to be downloaded onto the Barracuda Email Security Gateway.
Barracuda Central engineers diligently work 24x7 monitoring spam and virus threats around the world. Since response times are crucial with real-time threats, when one is detected the Barracuda Email Security Gateway uses Barracuda Real-Time Protection to mitigate these threats as they emerge without waiting for new updates.
The Barracuda Email Security Gateway is designed as an easy-to-install appliance requiring minimal administrative overhead. Without any tuning, the Barracuda Email Security Gateway offers a 95 percent spam accuracy rate with a 0.01 percent false positive rate. Taking into account the six defense layers automatically tuned by Energize Updates, the Barracuda Email Security Gateway is easily kept up-to-date for ongoing spam accuracy.
With no tuning, the Barracuda Email Security Gateway is set to minimize false positives, typically at 0.01 percent or less – one of the lowest false positive ratings in the industry. As with any solution that allows for user customization, each customer’s false positive return will vary depending on how the administrator tunes the unit (i.e. a stricter spam score setting may result in more false positives).
The Barracuda Energize Updates subscription provides the latest spam and virus definition updates that block new campaigns before they become an outbreak. Barracuda Central engineers constantly update spam and virus definitions and are able to remotely tune six of the 12 defense layers, thereby minimizing administration time. Energize Updates also gives you access to technical support, new firmware releases and the opportunity to participate in the Barracuda Early Release Firmware program.
Most per user policy settings are available in Barracuda Email Security Gateway 300 and higher. Per user policies empower users with the ability to set their own individual scoring policies (available on models 600 or higher), Bayesian database, allow lists and block lists.
Yes. The Barracuda Email Security Gateway filters outbound messages for viruses and basic spam scanning policies. For advanced outbound scanning, Barracuda Networks offers the Barracuda Email Security Gateway-Outbound which includes different workflows for quarantining outbound email traffic for review by policy auditors.
Invalid bounce messages are non-delivery reports to forged email addresses. To block invalid bounce messages, enable the Invalid Bounce Suppression feature and relay all your outgoing email through the Barracuda Email Security Gateway.
Yes, the Barracuda Email Security Gateway offers different ways to block spam from other countries:
- Based on a Reverse DNS lookup, administrators block messages whose top level domain resolves to a country’s hostname
- Based on the declared character set of an email, administrators block messages that contain a specific language set.
- While it is not recommended by Barracuda Networks, administrators create custom policies to filter other patterns in the subject, header or body to block unwanted email from other countries.
A local Barracuda Networks sales representative can evaluate your environment based on the number of active users, email traffic and desired features. As your organization expands, multiple Barracuda Email Security Gateways can be clustered to accommodate your growth.
Spear phishing attacks are highly personalized, and typically very low volume with no malicious attachments or links inside. Because of this, they are very hard to stop with existing email security solutions. As a complement to the Barracuda Email Security Gateway, Barracuda Sentinel is the leading comprehensive AI solution for real-time spear phishing and cyber fraud defense. Delivered as a cloud service, Barracuda Sentinel combines a powerful artificial intelligence engine, domain fraud visibility using DMARC, and anti-fraud training into a comprehensive solution that protects people, businesses, and brands from spear phishing, impersonation attempts, business email compromise (BEC), and cyber fraud.
- Pricing and product availability subject to change without notice.
Our Price: $3,990.00
Our Price: $7,182.00
Our Price: $13,680.00
Our Price: $3,192.00
Get a Quote!
Our Price: $13.68
Get a Quote!
Our Price: $3,990.00
Get a Quote!
Our Price: $7,182.00
Get a Quote!
Our Price: $13,680.00