Advanced Remote Access for Barracuda Cloudgen Firewall
Total Page:16
File Type:pdf, Size:1020Kb
SOLUTION BRIEF Advanced Remote Access for Barracuda CloudGen Firewall With today’s mobile and remote workforce, the focus is on employee productivity rather than location. Work is being done anytime and anywhere—at home, in the coffee shop, on a train. Giving workers the freedom to do their work outside the office, without fixed hours, from their BYOD is a growing trend. At the same time the IT department needs to roll out these connectivity options across multiple platforms, prevent unauthorized access, enforce access policies, provide multi-factor authentication and ensure always on availability with fewer resources, but on a global level. The Advanced Remote Access subscription for Barracuda CloudGen Firewall extends the basic VPN connectivity provided with every device to enable all the above—at a fraction of the price point of dedicated solutions - in the most flexible and convenient way, for the end user and the administrator. Every Barracuda CloudGen Firewall supports an unlimited The app is available for Windows, macOS, iOS, and Android number of VPN clients at no extra cost. Barracuda’s Network and is available for download from the respective app stores. Access VPN client provides a sophisticated VPN client for End users can install the app without elevated privileges on the Windows, macOS, and Linux that provides richer performance device. CudaLaunch looks and feels the same on every platform and functionality than standard IPsec client software. and provides fast, Java-independent access to commonly used applications in the company network – regardless if hosted on- Benefits include quick restoration of VPN tunnels, “Always On” premises or in the cloud. CudaLaunch’ zero-touch provisioning VPN connections for PCs, redundant VPN gateway support, and administration features drastically reduce support and selective routing of network traffic through the VPN tunnel, administration costs for rapidly changing mobile and BYOD and optimal VPN-gateway detection based on location. The devices. For ad-hoc access to company resources, the SSL- Barracuda Network Access Client, when used with a Barracuda VPN portal provides simple browser-based remote access on CloudGen Firewall, provides centrally managed Network Access desktop or mobile devices. When accessing the portal via the Control (NAC) and an advanced personal firewall. This enforces web browser on a desktop or mobile device, users can browse client health and security policies for remote users connecting apps, network folders, and files as if they were connected to the to the corporate network. For remote workers and road office network. The SSL-VPN portal supports all commonly used warriors requiring access to company or cloud-based resources desktop and mobile devices. CudaLaunch is the ideal solution. CudaLaunch is a simple-to-use remote connectivity application specifically designed to securely CudaLaunch and SSL-VPN functionality is provided as part of the extend the company network to BYOD and mobile devices. Advanced Remote access subscription. Barracuda Networks • SOLUTION BRIEF • Advanced Remote Access NETWORK AND APP SECURITY Designed for corporate devices Designed for BYOD and mobile Advanced Remote Access VPN client for desktop The Advanced Remote Access subscription is available optionally Power user Remote worker CudaLaunch for Barracuda CloudGen Firewall F18 hardware units and higher Road warrior as well as for virtual and cloud-based deployments. It upgrades FW SSL VPN every CloudGen Firewall to enable CudaLaunch and SSL-VPN. via browser CloudGen Firewall Ad hoc Besides the additional client-side functionality, Advanced Remote Access enables functionality otherwise only available on fully fledged unified remote access or multi-factor authentication solutions but at a fraction of the cost. INCLUDED ADVANCED REMOTE ACCESS GENERAL TINA: High performance dedicated VPN protocol ✓ ✓ Unlimited client-to-site users per device ✓ ✓ Multiple concurrent client-to-site VPN sessions by the same user - ✓ Multi-factor authentication with time-based one-time passwords (TOTP) - ✓ BARRACUDA NETWORKS ACCESS CLIENT SOFTWARE TINA-based VPN client for Windows, macOS, Linux, and openBSD ✓ ✓ Microsoft Access Control Services support ✓ ✓ Personal firewall and health checks 1 - ✓ Two-factor authentication 1 ✓ ✓ TOTP as secondary authentication - ✓ Self-enrollment option for TOTP secondary authentication option - ✓ Radius as secondary authentication option - ✓ RSA SecureID secondary authentication option - ✓ BROWSER-BASED REMOTE ACCESS SSL VPN portal (desktop and mobile) - ✓ Built-in health checks - ✓ Activation of dynamic firewall rules 2 - ✓ Activation of dynamic apps 3 - ✓ Multi-policy authentication 4 - ✓ Multi-factor authentication (unlimited users) 5 - ✓ CUDALAUNCH UNIFIED REMOTE ACCESS APP 6 SSL tunnels - ✓ Native apps - ✓ Built-in health checks - ✓ Fully transparent VPN connectivity (iOS, Android, Windows) - ✓ Activation of dynamic firewall rules 2 - ✓ Activation of dynamic apps 3 - ✓ RDP launcher - ✓ Multi-policy authentication 4 - ✓ Multi-factor authentication (unlimited users) 5 - ✓ 1 For Windows and macOS; requires external handling of additional authentication factors (e.g., Azure Multi-Factor Authentication) 2 Dynamic firewall rules enable, e.g., on-demand temporary access via VPN or access to certain networks. 3 This special type of resource is only available after a SSL-VPN/CudaLaunch user with “superuser” privileges activates these on the fly. This is super helpful, e.g., when access for maintenance purposes of a device (e.g., printer or an IoT device) is required only on-demand. “Superuser” privileges can be assigned in the portal settings. 4 Evaluates which multi-factor authentication the user may use to authenticate with based on the username and user information (group membership, NAC)” 5 Evaluates user name and one or multiple credentials against multiple authentication schemes within an Access Control Policy. Supports TOTP, Radius, RSA Secure ID, and many more. For details, please see the product overview available via https://assets.barracuda.com/assets/docs/dms/Barracuda_CloudGen_Firewall_PO_US.pdf 6 CudaLaunch is a lightweight multi-platform application that provides secure access to an organization’s applications and data from remote locations and a variety of devices. SOLUTION BRIEF • US 1.1 • Copyright 2020 Barracuda Networks, Inc. • 3175 S. Winchester Blvd., Campbell, CA 95008 • 408-342-5400/888-268-4772 (US & Canada) • barracuda.com Barracuda Networks and the Barracuda Networks logo are registered trademarks of Barracuda Networks, Inc. in the United States. All other names are the property of their respective owners..