Barracuda Spam Firewall 400

  • Editors' rating
    6.5 Good


  • No user licence restrictions
  • extensive customisation options


  • Inbound filtering only
  • cluttered management interface

Security appliances tend to be based on relatively modest hardware, and the Barracuda Spam Firewall 400 is no exception. Rather it’s the software that turns this AMD Athlon-powered system into a security appliance: the Spam Firewall 400 runs a security-hardened Linux OS, a SpamAssassin-based anti-spam filter and a proprietary antivirus scanner. The Barracuda Spam Firewall 400 costs £3,885 for unlimited users.

A single Ethernet port connects the Barracuda to the LAN and once assigned an IP address (using a local terminal) setup is done via a browser. A wizard takes you quickly through the initial configuration with, like most such appliances, a choice of deployments. The easiest is to forward SMTP traffic via the network firewall while, if your email server is located outside the firewall, you’ll need to update your DNS records directly to point to the appliance.

Either way, the Barracuda box can be up and filtering messages in just a few minutes and for several domains simultaneously. However, unlike the SurfControl and Mirapoint appliances, it only handles incoming mail.

The default settings will be good to go for most customers, as the Barracuda software features Bayesian learning technology to fine-tune itself as it goes. However, there’s also plenty of scope for customisation, including the ability to modify the spam scoring system directly, add or change external blacklist servers and specify filter keywords of your own. Attachment filtering is a customisable option too, with the usual facilities to block, quarantine and modify suspect messages.

Exceptions can be handled in a number of ways, including white/black lists with users able to modify these directly using a downloadable mail client plug-in. This is only available for Outlook at present, but Exchange is the main target market with an Exchange Accelerator another key selling point. This uses the LDAP service built into the Microsoft mail server to verify recipients before delivering messages, thus easing the burden on the mail server as well as offering protection from directory attacks.

The management interface is straightforward, if not the best we’ve seen. To begin with you’re presented with a status display with graphs to summarise activity on an hourly and daily basis, and facilities to run a number of built-in reports. Activity logs can also be examined from here, together with lists of the blocked or quarantined messages to determine why mail isn’t getting through. On the downside, all this plus the detailed customisation options makes for a cluttered interface and, although it does the job very well, it’s not the easiest of products to get to grips with.