Barracuda Networks VERSION SP4 manual Border Patrol, Analyse Enforce Monitor

Furthermore the update service provides the information necessary to diagnose the up-to-dateness of the client's signature databases and engine versions..

As a prerequisite, either the Access Control Service (standalone Barracuda NG Firewall) or the CC (for managed Barracuda NG Firewalls) must have access to the internet.

1.5Endpoint Security Policy Introduction Practices (Analyse, Enforce, Monitor)

For implementing firewalls at formerly unrestricted network transitions like LAN-segments or endpoint firewalls for LAN endpoints, a smooth implementation tactics is widely used.

A widely used but not recommended way is to start with a pass all policy, analysing traffic instead of controlling it, and then introducing rules step-by-step reducing traffic using the pass-all policy, and at last replacing pass-all by block-all. This might be called the AEM-model:

1.) Analyse

2.) Enforce

3.) Monitor

When implementing a firewall at a clear network perimeter like an internal-internet transition it is not advisable to use this model. The rule set should be built according to SAEM:

1.) Strictly Enforce

2.) Analyse

3.) Enforce

4.) Monitor

While from a strict security point of view this is also recommended for formerly unrestricted network transitions, many administrators nevertheless use AEM for practical reasons. If, however, you have the chance to already know what should happen at the network point of concern, use as much of this know-how as possible and do not start with pass-all only. And if you use AEM, do not finish with a pass-all rule.

Keep in mind that your rule sets should always mirror your overall abstract security policy for the network point of concern. Using AEM or SAEM is not a matter of technical possibilities but of weighing risk and effort.

1.6The Border Patrol

Clients often need to access remote trust zones for which restricted access rights and stronger security measures apply. Consequently, the means to assess the suitability of crossing clients to access target trust zones needs to be available. The building block responsible for evaluating trust zone transitions is called border patrol. In short, the border patrol validates the credentials of crossing clients, including authentication and health status data, so that the applicable security measures are correctly met.

15 Barracuda NG Network Access Client - Administrator’s Guide