Aconnect Phone And Internet > Barracuda NextGen Firewall SC1


Product categories


show blocks helper

Barracuda NextGen Firewall SC1


BNGIFSC1a (Barracuda / Firewall)

SKU: BNGIFSC1a Category:


Barracuda NextGen Firewall SC1


Simplifying Machine-to-Machine Connectivity

The S-Series is designed for companies that need to securely and cost-effectively connect large numbers of remote devices like Automated Teller Machines (ATMs), point-of-sale kiosks, wind power stations, networked industrial machines or even very small offices. Managing and protecting network traffic among these remote machines is often a logistical nightmare involving managing many different firewalls, VPN software and routing steps.

Flexible Deployment Options

In order to be able to deploy Barracuda NextGen Firewall S-Series’ even to a wide variety of use cases and remote locations the SC1 appliance comes with a choice of uplinks and even automated failover in case one uplink fails. Besides the typical wired uplinks using DHCP or Static IP, the integrated wireless Access Point functionality can be reversed to access the WAN via existing wireless networks. For even more deployment flexibility the SC1 is even available with an optional 3G modem.

Easy and Affordable Scalability to Thousands of Devices

Instead of having all S-Series appliances establish a VPN connection to the primary Firewall/VPN gateway – and potentially bog down corporate traffic – Barracuda designed the Secure Access Concentrator (SAC). The Secure Access Connector is “stackable” and optimized to handle VPN tunnel termination, routing and offload Application enforcement, intrusion protection (IPS) and Content Security tasks for thousands of remote locations.

Full Next Generation Security Levels

The encrypted connection between the SC1 appliance and the Secure Access Connector (SAC) is established with the Barracuda Networks proprietary enhanced IPsec protocol called TINA, which is more resilient and performant than most competitive VPN solutions – without giving up on any security aspects. Every SAC can maintain an encrypted connection to thousands of remote SC1 appliances, while literally dozens of Secure Access Connectors can be remote controlled by the Barracuda NextGen Control Center. Full next generation protection is available at customer-friendly priced options for unlimited users per Secure Access Connector gateway deployed. Advanced Threat Protection via sandboxing and detonation in the cloud is available.


Next Generation Security – Secure Connector 1 (SC1)

The SC1 is a secure connectivity device providing zone-based firewalling, Wi-Fi, and full VPN connectivity for connecting large number of remote devices or micro offices and centrally backhauling all network traffic.

While the device does not perform advanced functions like application detection, IPS, antivirus, or URL filtering on the box itself this can still be done centrally at the Secure Access Concentrators, larger offices, headquarters, or datacenter where the devices connect to.


Due to the limitations that come with standard IPsec connections, Barracuda Networks has created several powerful extensions to standard IPsec tunnel management. This core of the Barracuda S-Series VPN engine is called TINA (Transport Independent Network Architecture). The TINA protocol allows the use of TCP, UDP, and ESP for high speed VPN connections, which improves the VPN connectivity substantially by adding:

Endpoint-to-Endpoint (not network-to-network) connectivity

NAT friendliness

Multiple physical transport paths for a logical tunnel

HTTPS and SOCKS4/5 proxy compatibility

Dynamic Address Support

Tunnel heartbeat monitoring

Advanced Threat Detection

While traditional solutions usually detect network threats after they have breached the network by sending log notifications to the administrator, the Barracuda Advanced Threat Detection (ATD) implements full system emulation, providing deep visibility into malware behavior. Files are checked against a cryptographic hash database that is constantly updated. In case the file is unknown, it is emulated in a virtual sandbox where malicious behavior can be discovered. The Barracuda ATD offers Administrators granular, file-type-based control including automatic quarantine and blacklisting features to maintain the highest level of protection for an organization’s network.

Intrusion Detection and Protection

The Intrusion Detection and Prevention System (IDS/IPS) of the S-Series strongly enhances network security by providing complete and comprehensive real-time network protection against a broad range of network threats, vulnerabilities, exploits, and exposures in operating systems, applications, and databases preventing network attacks such as:

SQL injections and arbitrary code executions

Access control attempts and privilege escalations

Cross-Site Scripting and buffer overflows

Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks

Directory traversal and probing and scanning attempts

Backdoor attacks, Trojans, rootkits, viruses, worms, and spyware

Barracuda NextGen Firewall S-Series Secure Access Concentrators provides advanced attack and threat protection features such as: Stream segmentation and packet anomaly protection, TCP split handshake protection, IP and RPC defragmentation, FTP evasion protection, URL and HTML decoding. As a result, the Barracuda NextGen Firewall S-Series is able to identify and block advanced evasion attempts and obfuscation techniques that are used by attackers to circumvent and trick traditional intrusion prevention systems. As part of the Barracuda Energize Updates subscription, automatic signature updates are delivered on a regular schedule or on an emergency basis to ensure that the Barracuda NextGen Firewall S-Series is constantly up-to-date. If the firewall unit is centrally managed, the updates are conveniently distributed by the Barracuda S-Series Control Center.

Denial of Service (DoS) and Distributed Denial of Service (DDoS) Protection

In today’s world of omnipresent botnets, one of the main tasks of perimeter protection is to ensure ongoing availability of the network for legitimate requests and to detect and repel malicious denial of service attacks. With TCP SYN Flood Protection, the Barracuda NextGen Firewall S-Series effectively functions as a generic TCP proxy, forwarding only legitimate TCP traffic to the inside of the network.

Web Filtering

Configuring and maintaining configurations of security appliances can be a complicated and time-consuming task. To ease administrator’s life’s, the S-Series uses a new template based editor, called SCA Editor. Templates can be created at the various organizational levels supported by the respective NextGen Control Center version (Global, range or cluster level). Once a template is changed all SC1 appliances linked to this template are automatically updated within seconds.




Barracuda networks Inc. designs and delivers security and data protection solutions. It was founded on November 17, 2004. They offer industry leading solutions designed to solve mainstream IT problems while applying efficient and cost worthy solutions. They have a range of market products which span three distinct markets which are content marketing, networking and application delivery, data storage, protection and disaster recovery. Barracuda which is a publicly traded company provides security and storage solutions that simplify IT. Some of the organisations that make use of Barracuda solutions are highly known like Coca-Cola, CitiBank, FedEx, IBM, Delta Dental, Harvard University, L’Oreal, Liberty Tax Service, Mythbusters and Spokane Public Schools among others. What they do is provide firewalls that combine computer network hardware and software to protect enterprises and hunt down network threats.