Barracuda IM Firewall Administrator`s Guide

Barracuda IM Firewall Administrator`s Guide
Barracuda IM Firewall Administrator’s Guide
Version 4.x
Barracuda Networks Inc.
3175 S. Winchester Blvd
Campbell, CA 95008
http://www.barracuda.com
Copyright Notice
Copyright 2007-2010, Barracuda Networks
www.barracuda.com
v3.3-081212-04-1218
All rights reserved. Use of this product and this manual is subject to license. Information in this document is subject to change without notice.
Trademarks
Barracuda IM Firewall is a trademark of Barracuda Networks. All other brand and product names mentioned in this document are registered
trademarks or trademarks of their respective holders.
2
Barracuda IM Firewall Administrator’s Guide
Contents
Chapter 1 – Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 7
Overview . . . . . . . . . . . . . . . . . . .
Features of the Barracuda IM Firewall . . . .
Easy Setup and Client Rollout . . . . . .
Directory Integration. . . . . . . . . . . .
IM Archiving . . . . . . . . . . . . . . . .
Policy Management . . . . . . . . . . . .
Private IM Server . . . . . . . . . . . . .
Secure Server-to-Server Communications
Virus Scanning . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.8
.9
.9
.9
.9
.9
.9
10
10
C h a p t e r 2 – I n s ta n t M e s s a g i n g C o n c e p ts . . . . . . . . . . . . 11
Barracuda IM Firewall Configurations . . . . . . .
Standard Inline Network Configuration . . . . .
Server Only Configuration. . . . . . . . . . . .
Span Port/Network Tap Configuration . . . . . .
Other Instant Messaging Concepts . . . . . . . . .
Logging Messages vs Archiving Conversations.
Protocols vs Transports . . . . . . . . . . . . .
SRV Records . . . . . . . . . . . . . . . . . .
Federation . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
12
13
14
15
16
16
16
16
16
C h a p t e r 3 – G e t t i n g Sta r t e d . . . . . . . . . . . . . . . . . . . . . . 17
Network Considerations . . . . . . . . . . . . . . . . . . . . .
Firewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Routers . . . . . . . . . . . . . . . . . . . . . . . . . . . .
External DNS . . . . . . . . . . . . . . . . . . . . . . . . .
Enterprise class Layer 3 Switch, VLANs, VPN concentrators.
Firewall DMZ . . . . . . . . . . . . . . . . . . . . . . . . .
Mounting and Cabling Considerations . . . . . . . . . . . .
Initial Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Prepare for the Installation . . . . . . . . . . . . . . . . . .
Connect Barracuda IM Firewall to Network . . . . . . . . . .
Configure IP Address and Network Settings . . . . . . . . .
Configure Your Corporate Firewall . . . . . . . . . . . . . .
Configure Access to the Barracuda IM Firewall . . . . . . . .
Verify Your Subscription Status . . . . . . . . . . . . . . . .
Update the Barracuda IM Firewall Firmware . . . . . . . . .
Update Definitions. . . . . . . . . . . . . . . . . . . . . . .
Set the Current IM Client Version . . . . . . . . . . . . . . .
Test your Barracuda IM Firewall. . . . . . . . . . . . . . . .
Administrative Settings . . . . . . . . . . . . . . . . . . . . . .
Controlling Access to the Administration Interface . . . . . .
Customizing the Appearance of the Web Interface . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
18
18
18
18
19
19
19
20
20
20
21
22
23
24
25
25
26
26
28
28
28
iii
Setting the Time Zone of the System . . . . . . . . . . . . . . . . . . . . . . 28
Enabling SSL for Administrators and Users. . . . . . . . . . . . . . . . . . . 28
C h a p t e r 4 – C o n f i g u r i n g t h e B a r r a c u d a I M F i r e w a l l . . . . 31
User Accounts . . . . . . . . . . . . . . . . . . . . . . . . .
Creating User Accounts Manually . . . . . . . . . . . . . .
Importing User Accounts from an External Directory Server
Viewing and Modifying Accounts . . . . . . . . . . . . . .
Changing the Role of an Account . . . . . . . . . . . . . .
Rollout Messages. . . . . . . . . . . . . . . . . . . . . . . .
Rosters . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Creating Rosters . . . . . . . . . . . . . . . . . . . . . .
Synchronization with LDAP . . . . . . . . . . . . . .
Creating Client Groups . . . . . . . . . . . . . . . . .
Sending out Rosters . . . . . . . . . . . . . . . . . .
Sample Roster . . . . . . . . . . . . . . . . . . . . . . .
Editing Rosters . . . . . . . . . . . . . . . . . . . . . . .
Modify Roster . . . . . . . . . . . . . . . . . . . . . .
Preview Roster . . . . . . . . . . . . . . . . . . . . .
Delete Roster . . . . . . . . . . . . . . . . . . . . . .
Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring the Default Settings of the Barracuda IM Client
Controlling Public IM Access . . . . . . . . . . . . . . . .
Controlling File Transfer Access . . . . . . . . . . . . . .
Adding a Disclaimer to Instant Messages . . . . . . . . . .
Setting the Current Client Version. . . . . . . . . . . . . .
Creating Server Filters and Keyword Notifications . . . . .
Logs and Reports . . . . . . . . . . . . . . . . . . . . . . . .
Message Logs. . . . . . . . . . . . . . . . . . . . . . . .
Conference Logs . . . . . . . . . . . . . . . . . . . . . .
File Transfer Logs . . . . . . . . . . . . . . . . . . . . . .
Presence Log . . . . . . . . . . . . . . . . . . . . . . . .
Automated Reports . . . . . . . . . . . . . . . . . . . . .
User Reports . . . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
32
32
33
33
34
35
36
36
36
36
36
37
37
37
38
38
39
39
39
39
39
40
40
41
41
41
41
41
41
42
C h a p t e r 5 – M o n i t o r i n g t h e B a r r a c u d a I M F i r e w a l l . . . . . 43
Monitoring Tasks . . . . . . . . . . .
Viewing Performance Statistics . .
Setting up Emailed System Alerts .
Viewing System Tasks . . . . . .
Understanding the Indicator Lights
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
44
44
44
44
45
C h a p t e r 6 – M a i n ta i n i n g t h e B a r r a c u d a I M F i r e w a l l . . . . . 47
Maintenance Functions . . . . . . . . . . . . . . . . . .
Backing up and Restoring Your System Configuration
Updating the Firmware of Your Barracuda IM Firewall
Updating the Definitions from Energize Updates . . .
Replacing a Failed System . . . . . . . . . . . . . .
iv
Barracuda IM Firewall Administrator’s Guide
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
48
48
48
49
49
Reloading, Restarting, and Shutting Down the System .
Using the Built-in Troubleshooting Tools . . . . . . . .
Rebooting the System in Recovery Mode. . . . . . . .
Reboot Options . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
49
50
50
51
C h a p t e r 7 – A b o u t t h e B a r r a c u d a I M F i r e w a l l H a r d w a r e . 53
Front Panel of the Barracuda IM Firewall. . .
Barracuda IM Firewall 220, 320, and 420 .
Barracuda IM Firewall 620 and 820 . . . .
Back Panel of the Barracuda IM Firewall . . .
Barracuda IM Firewall 220, 320, and 420 .
Barracuda IM Firewall 620 and 820 . . . .
Hardware Compliance . . . . . . . . . . . .
Notice for the USA . . . . . . . . . . . .
Notice for Canada . . . . . . . . . . . . .
Notice for Europe (CE Mark) . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
54
54
55
56
56
57
58
58
58
58
A p p e n d i x A – R e g u l a r E x p r e s s i o n s . . . . . . . . . . . . . . . . 59
Using Special Characters in Expressions . . . . . . . . . . . . . . . . . . . . 60
Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
A p p e n d i x B – L i m i t e d Wa r r a n t y a n d L i c e n s e . . . . . . . . . 63
Limited Warranty . . . . . . . . .
Exclusive Remedy. . . . . . . . .
Exclusions and Restrictions . . . .
Software License . . . . . . . . .
Energize Update Software License
Open Source Licensing . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
63
63
64
64
65
69
I n d e x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
v
vi
Barracuda IM Firewall Administrator’s Guide
Chapter 1
Introduction
This chapter provides an overview of the Barracuda IM Firewall and includes the following topics:
•
•
Overview on page 8
Features of the Barracuda IM Firewall on page 9
Introduction 7
Overview
As organizations increasingly move towards instant messaging as a means to communicate and share
information quickly, the ability to manage and control such communications becomes more critical.
The Barracuda IM Firewall is a complete plug-and-play instant messaging solution that will not only
monitor IM traffic to guard against sensitive data leaving or viruses entering your network, but can
also act as an IM server for protected IM communications both internally and with any trusted
external locations. The Barracuda IM Firewall offers:
•
•
•
•
•
Policy enforcement, with the ability to monitor and log both internal and public IM
conversations;
Content filtering, using key words, phrases, and regular expressions to remove or block
sensitive data within IM conversations;
Compliance support, with multiple regulatory standards being satisfied by abilities such as IM
conversation archiving, sensitive data blocking, and strong 256-bit encryption for internal IMs;
A native Barracuda IM Client for secure communications amongst your users;
Built-in detection of viruses in all instant messages and file transfers.
Figure 1.1: Barracuda IM Firewall Architecture
8
Barracuda IM Firewall Administrator’s Guide
Features of the Barracuda IM Firewall
Easy Setup and Client Rollout
The Barracuda IM Firewall installs into your network with minimal configuration, and can easily
transition from a transparent listen-only mode that only monitors existing public IM traffic, to the fullfeatured mode that includes an IM server for complete instant messaging security.
The supplied Barracuda IM Client is available for the Windows, Macintosh, and Linux platforms, and
each new user’s buddy lists can be pre-configured for fast and easy deployment.
Directory Integration
Users and rosters, a.k.a. buddy lists, can be generated automatically for the Barracuda IM Firewall by
synchronization with your LDAP server. Adding new users to your corporate network automatically
allows them access to the Barracuda IM Firewall with their same network credentials, and your LDAP
groups can be used as a buddy group so that any membership changes to that group on your corporate
server will automatically be reflected in every user’s rosters.
IM Archiving
The Barracuda IM Firewall will treat instant messages between the same users that happen within a
certain time period as a single conversation, and package them up in one bundle for easy archiving
and recall. The built-in integration with the Barracuda Message Archiver makes it simple to preserve
all instant messages and conversations for as long as is required by corporate policies.
Policy Management
The Barracuda IM Firewall provides a variety of policy management features for customizing your
instant messaging environment, such as preventing users from transferring files or sending IMs
containing specific keywords or phrases; displaying a custom disclaimer in every new IM session; and
being notified whenever specific keywords or phrases are used in an IM session. You can also control
access to the public IM servers such as Yahoo! and MSN, as well as limit communications with
people outside of your network.
Private IM Server
The Barracuda IM Server allows your users to communicate securely amongst themselves by keeping
all internal messages within your network, without having to relay them out through your firewall to
an external public IM host and allow them back in again. And if you decide to allow it, your local
users will also have the ability to communicate with any external user of an IM client that understands
the open-source instant messaging protocol XMPP.
256-bit AES encryption is applied to all internal messages sent through the Barracuda IM Firewall,
keeping your private messages private.
Introduction 9
Secure Server-to-Server Communications
Securely encrypted instant messages can be sent between any two users on two different Barracuda
IM Firewalls, in much the same manner that emails are sent between any two users at different
organizations. As long as each Barracuda IM Firewall is configured to allow such communications,
user1@company1.dom can exchange secured IMs with user2@company2.dom using the Barracuda
IM Client.
Virus Scanning
Many security technologies are integrated into the Barracuda IM Firewall, including the virus
protection that is standard on all Barracuda Networks products. The latest virus definitions,
maintained and updated around the clock at Barracuda Central, are distributed via Energize Updates
and helps guard your network against the latest forms of IM viruses and other malware.
10
Barracuda IM Firewall Administrator’s Guide
Chapter 2
Instant Messaging Concepts
This chapter provides an overview of the Barracuda IM Firewall and includes the following topics:
•
•
Barracuda IM Firewall Configurations on page 12
Other Instant Messaging Concepts on page 16
Instant Messaging Concepts 11
Barracuda IM Firewall Configurations
The Barracuda IM Firewall can be set up as a firewall to log or block IM traffic with public IM servers
from within your network; as an internal IM server for secure communcations amongst your local
users; or both. The most typical deployment allows for both modes to function, but each
configuration type is described below:
Standard Inline Network Configuration............................................. 13
Server Only Configuration................................................................. 14
Span Port/Network Tap Configuration .............................................. 15
Table 2.1 shows what functions each configuration type will be able to support, while Table 2.2
outlines which each deployment type supports the desired function.
Table 2.1: Supported Deployment Types
Type of configuration
The Barracuda IM Firewall will...
Standard Inline Network Configuration
act as an IM server for secure internal communications,
and will log all traffic with public IM servers
Server Only Configuration
act only as an IM server for secure internal
communications
SPAN Port/Network Tap Configuration
only log traffic with public IM servers
Table 2.2: Deployment Type Details
Desired Function
Type of Configuration Required
Log all public IM traffic
Standard Inline Network Configuration or
SPAN Port/Network Tap Configuration
Secure IM server
Standard Inline Network Configuration or
Server Only Configuration
Secure IM server AND log all public IMs
12
Barracuda IM Firewall Administrator’s Guide
Standard Inline Network Configuration
Standard Inline Network Configuration
The Standard Inline Network deployment requires that the Barracuda IM Firewall be installed
between your corporate firewall and your network’s core switch or hub. Your core switch or hub is
the device through which all network traffic must pass before leaving your network. This
configuration allows the Barracuda IM Firewall to log and/or block all IM traffic on your network, be
they destined for a public IM server or for the Barracuda IM Server.
The following table shows the advantages and disadvantages of this type of deployment.
Advantages
Disadvantages
Allows logging of public IM clients like AOL,
Yahoo!, and MSN instant messengers.
Latency may occur if the number of users on your
network exceed the recommended maximum for the
model of your Barracuda IM Firewall
Allows blocking of public IM clients like AOL,
Yahoo!, and MSN instant messengers.
Network traffic is interrupted during installation.
Allows use of the IM server without using an
additional network port.
Can provide both IM server and gateway
functionality.
Figure 2.1: A standard inline network configuration:
Instant Messaging Concepts 13
Server Only Configuration
For a Server Only deployment, the Barracuda IM Firewall is installed in a demilitarized zone (DMZ)
where your email server may be, and your client machines are connected directly through a network
switch.
The following table describes the advantages and disadvantages of deploying your Barracuda IM
Firewall in server only deployment.
Advantages
Disadvantages
Initial setup does not require any disruption to Cannot log or monitor public IM clients like AOL, Yahoo!,
your network traffic.
and MSN.
The Barracuda IM Firewall can sit in your
DMZ with other servers.
Figure 2.2: A server-only deployment configuration:
14
Barracuda IM Firewall Administrator’s Guide
Span Port/Network Tap Configuration
For the SPAN port or network tap deployment, you connect the Barracuda IM Firewall to a SPAN
port on your core router or switch that connects to your client machines. The placement of your
corporate firewall and its functionality may have an impact on the Barracuda IM Firewall
deployment. A network tap can also be used in between your core router or switch and the Barracuda
IM Firewall. This type of configuration may require technical assistance from Barracuda Networks
Technical Support.
We recommend deploying the Barracuda IM Firewall in this mode if public IM network blocking is
not required, but you must log all public IM traffic.
The following table describes the advantages and disadvantages of deploying your Barracuda IM
Firewall in the SPAN port/network tap deployment.
Advantages
Disadvantages
Allows logging of public IM clients like AOL,
Yahoo!, and MSN instant messengers.
Cannot block use of public IM clients like AOL, Yahoo!,
and MSN instant messengers.
Provides both IM server and gateway
functionality
Network traffic is interrupted during installation (network
tap configuration only).
Figure 2.3: Deployment over a span port and/or network tap:
Instant Messaging Concepts 15
Other Instant Messaging Concepts
Logging Messages vs Archiving Conversations
The Barracuda IM Firewall keeps track of every individual instant message that is sent through it,
recording the time, sender, and recipient of the message as well as the content. When archiving
instant messages, those that are sent between the same set of users within a set time interval are treated
as a single conversation and saved as a single entry, allowing for easier tracking.
Protocols vs Transports
An IM protocol is essentially the language used between an IM client and server to communicate with
each other. It defines everything from how an IM server is set up, to how an individual is identified,
to how the actual packets are sent from one client to another. Many of the major public networks
(AOL, Yahoo!, MSN) usually have their own proprietary protocols, and require that you register an
account with them to communicate with any of their users.
A transport is considered to be the connection or gateway through which users on a Barracuda IM
Firewall connect to those networks. Initiating a transport is as easy as logging into your pre-existing
public IM account from the Barracuda IM Firewall.
There is also a widely-used open source protocol called the Extensible Messaging and Presence
Protocol (XMPP), also known as Jabber. The Barracuda IM Firewall supports XMPP, which allows
your local user ID on the Barracuda IM Firewall to communicate with other XMPP-based IM servers,
such as Google Talk and other Barracuda IM Firewalls.
SRV Records
An SRV, or Service, record is a DNS entry that identifies the server used to provide a specific service
for a particular domain. This is equivalent to an MX record to define mail servers, except that an SRV
record can be defined for many different types of services.
Organizations that wish to allow IM communications with users who are not on the local Barracuda
IM Firewall will need to define an SRV record for their domain, so that external IM servers will know
how to locate and deliver an instant message meant for the local user.
Federation
Federation allows a Barracuda IM Firewall to trust the authentication of a user from a different
Barracuda IM Firewall or any other XMPP-compliant server, and allow that user to communicate
directly and securely with any user that is local to itself. As long as the administrators of each
Barracuda IM Firewall have properly configured both their SRV records and their networks,
encrypted instant messages can then be exchanged between any 2 users on any 2 Barracuda IM
Firewalls.
16
Barracuda IM Firewall Administrator’s Guide
Chapter 3
Getting Started
This chapter provides general instructions for installing the Barracuda IM Firewall.
This chapter covers the following topics:
Network Considerations..................................................................... 18
Initial Setup ....................................................................................... 20
Administrative Settings ...................................................................... 28
Getting Started 17
Network Considerations
The Barracuda IM Firewall can be deployed as a bridge, as a stand-alone server on a network tap, or
inline with your other network devices. These pre-installation considerations may help you
understand some of the issues that may occur.
Firewalls
The Barracuda IM Firewall can manage and log all instant messages, provided that all instant
messaging traffic is sent through the Barracuda IM Firewall. Because the Barracuda IM Firewall
allows you to choose who is allowed to use public instant messaging services, and logs the
communications that go through those services, it is advantageous to ensure that users are only using
the Barracuda IM client and server for their communications.
The easiest way to do this is to install the Barracuda IM Firewall inline and use the POLICY > Public
IM Access page to block users from using public IM clients like Yahoo Messenger. Public IM clients
are specifically designed to bypass conventional firewall policies. To block public IM traffic, we
strongly recommend that you use a tool designed for this purpose, such as the Barracuda IM Firewall
or the Barracuda Web Filter.
If you cannot install the Barracuda IM Firewall inline, your existing corporate firewall may be able
to block the public IM traffic. Check with your corporate firewall vendor for configuration
recommendations.
An alternative to blocking public IM traffic is to install the Barracuda IM Firewall in a location where
it can record all public IM traffic, and then use the recorded messages to enforce your company’s
security protocol.
Note
It is important to allow the IP address of the Barracuda IM Firewall access to the outgoing ports
or none of the public service transports will function. Refer to Table 3.1 for a list of the ports used
by each public IM client.
Routers
Make sure the default gateway is properly set to reach the Internet. Also, if you are testing the
Barracuda IM Firewall in one portion of your network and move to another portion of the network for
deployment, make sure that you check the default gateway and make changes as necessary.
External DNS
If your clients will connect to the Barracuda IM Firewall using an IP address, no external DNS
configuration is required. However, if you plan to have Barracuda IM clients running outside your
network that need to resolve addresses using your internal DNS name, you will need to ensure that
your external DNS is configured.
18
Barracuda IM Firewall Administrator’s Guide
Enterprise class Layer 3 Switch, VLANs, VPN concentrators
These device types are normally capable of handling multiple subnets and providing default routes to
clients. However, they may affect the Barracuda IM Firewall deployment in the following ways:
•
•
A Layer 3 switch can also be setup to have multiple VLANs (Virtual Local Networks) using port
assignments. There is no side effect by having VLAN tags in the traffic that is visible to the
Barracuda IM Firewall. However, when the Barracuda IM Firewall is set up to a single subnet, it
needs to have routes to process requests for other subnets.
A standard solution is to add static routes to these foreign subnets. All Layer 3 switch subnets
should use its IP address as the gateway. In the case of a VPN concentrator, use the IP of the
concentrator as the default gateway for all the networks aggregated by that VPN concentrator.
Firewall DMZ
A demilitarized zone (DMZ) is an area where any servers that access the Internet are placed. Servers
inside this zone may be configured to access certain servers within an internal network with their own
security rules set up. Normally these servers need to be accessible from the Internet such as email
servers.
Mounting and Cabling Considerations
To install the Barracuda IM Firewall you need to:
•
•
Mount it on a rack or shelf
Cable it to other network devices
The Barracuda IM Firewall is designed to be installed in a data center with other networking devices
and servers. Its dimensions are suitable for a 19-inch rack. You must position it within cabling
distance of any switches or other devices that access the network segments that you want to protect.
The appliance can be mounted facing either direction in your rack, so consider which side will have
access to the ports. Under normal operation, only the front ports are in use. However, when deployed
in listen-only mode, the front ports are used to log native IM client traffic, and the back port is used
for management
You may need access to both the front and back panel during and after installation.
Getting Started 19
Initial Setup
These are the general steps to set up your Barracuda IM Firewall. For more detailed instructions for
each step, see the following reference pages.
Prepare for the Installation ............................................................... 20
Connect Barracuda IM Firewall to Network..................................... 20
Configure IP Address and Network Settings ..................................... 21
Configure Your Corporate Firewall................................................... 22
Configure Access to the Barracuda IM Firewall............................... 23
Verify Your Subscription Status.......................................................... 24
Update the Barracuda IM Firewall Firmware .................................. 25
Update Definitions ............................................................................. 25
Set the Current IM Client Version ..................................................... 26
Test your Barracuda IM Firewall ...................................................... 26
Prepare for the Installation
Before installing your Barracuda IM Firewall, complete the following tasks:
•
•
Decide which type of deployment is most suitable to your network. For more information on the
deployment options, see Barracuda IM Firewall Configurations on page 12.
Verify you have the necessary equipment:
• Barracuda IM Firewall (check that you have received the correct model)
• AC power cord
• Ethernet cables
• Mounting rails and screws (available for models 620 and 820 only)
• VGA monitor (recommended)
• PS2 keyboard (recommended)
Connect Barracuda IM Firewall to Network
There are four types of cables you need to plug into the system: the AC Power cable, the monitor
cable, the keyboard cable, and CAT-5 cables for inline, span, and network tap setups.
To physically install the Barracuda IM Firewall:
1.
Fasten the Barracuda IM Firewall to a standard 19-inch rack or other stable location.
Caution
Do not block the cooling vents located on the front and rear of the unit.
2.
Attach the power cord. Connect the AC power cord to the correct location on the rear of your
Barracuda IM Firewall.
After you connect the AC power cord, the Barracuda IM Firewall may power on for a few
seconds and then power off. This behavior is normal.
20
Barracuda IM Firewall Administrator’s Guide
3.
Connect the Barracuda IM Firewall to your network. Attach one end of the CAT-5 network cable
to the LAN port on the front panel of the Barracuda IM Firewall. Attach the other end of the
network cable to your network.
Figure 3.1: Front panel of the Barracuda IM Firewall
BarracudaSpyware
IM Firewall
Barracuda
Firewall
Network Switch
The Barracuda IM Firewall supports 10BaseT, 100BaseT, and Gigabit Ethernet (models 620 and
higher only). Do not connect any other cables to the unit at this time.
4.
Connect your monitor cable and keyboard cable to the back panel of the Barracuda IM Firewall.
5.
Press the Power button located on the front of the unit.
The power light on the front of the Barracuda IM Firewall turns on.
The login prompt for the administrative console displays on the monitor.
Configure IP Address and Network Settings
The Barracuda IM Firewall is assigned a default IP address of 192.168.200.200. You can change the
address using the administrative console or by pressing and holding the Reset button on the front
panel.
Holding Reset for five seconds changes the default IP address to 192.168.200.200. Holding the button
for eight seconds changes the default IP address to 192.168.1.200. Holding the button for 12 seconds
changes the IP address to 10.1.1.200.
Getting Started 21
To set a new IP address from the administrative console:
1.
At the barracuda login prompt, enter admin for the login and admin for the password.
The Administrative Console displays the current IP configuration of the Barracuda IM Firewall.
2.
Using your Tab key, select Change and click Enter to change the IP configuration.
3.
Enter the new IP address, netmask, primary DNS, and default gateway for your Barracuda IM
Firewall. Select Save to enter your changes. The secondary DNS field is optional. Select Exit.
The new IP address and network settings are applied to your Barracuda IM Firewall.
Configure Your Corporate Firewall
If your Barracuda IM Firewall is located behind a corporate firewall, refer to Table 3.1 for the ports
that need to be opened on your corporate firewall to allow communication between the Barracuda IM
Firewall and remote servers.
Table 3.1: Ports to Open on Your Corporate Firewall
Port
Direction
Protocol
Description / Use
22
Out
TCP
Remote diagnostics and technical
support services
25
Out
TCP
Rollout and notification emails
53
Out
UDP
DNS (Domain Name Server)
80
Out
TCP
Firmware and Energize updates
(unless configured to use a proxy)
123
In/Out
UDP
NTP (Network Time Protocol)
443
In
TCP
For remote access over SSL (https) to
the Barracuda IM Firewall. See
Configure Access to the Barracuda
IM Firewall on page 23.
5190
In/Out
TCP
AOL AIM® communications
5223
In/Out
TCP
For remote Internet users to connect
with the Barracuda IM Firewall
5269
In/Out
TCP
For communications with other IM
servers. See Keywords support the
use of PERL regular expressions. on
page 40 for more information.
1863
In/Out
TCP
MSN® Messenger communications
4000
In/Out
TCP
ICQ® communications
5050
In/Out
TCP
Yahoo!® Messenger communications
8000
Out
TCP
The administration Web port. See
step 4c of Controlling Access to the
Administration Interface on page 28
Port 25 is the default port used for SMTP traffic. Some organizations choose to have email
notifications and alerts from the Barracuda IM Firewall sent to an external email address directly or
by using an external SmartHost, without relaying through the corporate mail server. In these
22
Barracuda IM Firewall Administrator’s Guide
situations, the corporate firewall will have to be modified to allow outgoing emails from the
Barracuda IM Firewall over the desired SMTP port.
The Barracuda IM Firewall should not usually be accepting incoming SMTP requests from systems
outside of your organization’s network. However, if your email server is located in a DMZ, you may
need to configure your corporate firewall to allow traffic over the designated SMTP port from the
Barracuda IM Firewall to your internal email server
Configure Access to the Barracuda IM Firewall
After specifying the IP address of the Barracuda IM Firewall and opening the necessary ports on your
corporate firewall, configure the Barracuda IM Firewall from the administration interface. Make sure
the client’s computer is connected to the same network as the Barracuda IM Firewall and that the
appropriate routing is in place to allow connection to the Barracuda IM Firewall’s IP address via a
Web browser.
To configure the Barracuda IM Firewall:
1.
From a Web browser, enter the IP address of the Barracuda IM Firewall followed by port 8000.
For example: http://192.168.200.200:8000.
2.
To log into the administration interface, enter admin for the username and admin for the
password.
3.
Go to the BASIC > IP Configuration page, and perform the following steps:
3a. Enter the IP address of your primary and secondary DNS servers (if these have not yet
been set up).
3b. (Optional) Configure any static routes.
3c. Click Save Changes.
Note
If the IP address of your Barracuda IM Firewall on the IP Configuration page is changed, you are
disconnected from the administration interface. Please log in again using the new IP address.
4.
Go to the BASIC > Administration page, and perform the following steps:
4a. Make sure the local time zone is set correctly.
Time on the Barracuda IM Firewall is automatically updated via NTP (Network Time
Protocol). It requires that port 123 is opened for inbound and outbound UDP (User
Datagram Protocol) traffic on your firewall (if the Barracuda IM Firewall is located
behind one).
It is important that the time zone is set correctly because this information is used to
determine the delivery times for messages and in all logs and reports.
4b. If desired, change the port number used to access the Barracuda IM Firewall
administration interface. The default port is 8000.
4c. Enter the amount of time for the session expiration length (in minutes) of your
administration interface session. If you are idle for the length of time specified here,
you are required to log back into the administration interface.
4d. Enter the email address for the Barracuda IM Firewall administrator. This email address
is included in the rollout emails so users know who to contact if they have questions
about their new IM client.
Getting Started 23
4e. (Optional) Specify your local SMTP server in the Outbound SMTP Host/Smart Host
field.
4f. Click Save Changes.
5.
Change the password for the admin account:
5a. Go to the USERS > Account View page.
5b. Under the Administrator Actions column, click the Password link for the Admin
account to change the password.
Verify Your Subscription Status
Once you install the Barracuda IM Firewall, your Energize Update and Instant Replacement
subscriptions are most likely active. However, it is important you verify the subscription status so
your Barracuda IM Firewall can continue to receive the latest virus updates from Barracuda Central.
The Energize Update service is responsible for downloading these virus definitions to your
Barracuda IM Firewall.
To check your subscription status:
1.
Go to the BASIC > Status page.
2.
From the Subscription Status section, verify that the word Current appears next to Energize
Updates and Instant Replacement Service (if purchased), and Premium Support (if purchased).
Figure 3.2 shows the location of the Subscription Status section.
Figure 3.2: Subscription Status
Verify your subscriptions are current
24
Barracuda IM Firewall Administrator’s Guide
3.
If your subscription is not current, perform the following steps:
3a. Click the Activate link as shown in Figure 3.3. The product activation displays in a
new browser window.
Figure 3.3: Location of the Activate Link
Click to activate your
subscription
3b. On the Product Activation page, fill in the required fields and click Activate. A
confirmation page opens to display the terms of your subscription.
3c. After a few minutes, from the Barracuda IM Firewall administration interface, click
Refresh in the Subscription Status section of the BASIC > Status page. The status of
your subscriptions displays as Current.
Note
If your subscription status does not change to Current, or if you have trouble filling out the Product
Activation page, call your Barracuda Networks sales representative.
Update the Barracuda IM Firewall Firmware
To update the firmware on the Barracuda IM Firewall:
1.
Go to the ADVANCED > Firmware Update page. Verify that the installed version matches the
Latest General Release. The Download Now button next to the Latest General Release is
disabled if the Barracuda IM Firewall is already up-to-date with the latest firmware.
2.
If the installed version does not match the Latest General Release: read the release notes to learn
about the latest features and fixes provided in the new firmware version, and click Download
Now to begin the download. Updating the firmware may take several minutes. Do not turn off
the unit during this process.
You can view the download status by clicking the Refresh button next to the firmware download
progress. A ”Firmware downloaded” message displays once the download is complete, and the
Refresh button will turn into Apply Now.
3.
Click the Apply Now button when the download completes.
4.
Click OK when prompted to reboot the Barracuda IM Firewall. A Status page displays the
progress of the reboot. Once the reboot is complete, the login page appears.
Update Definitions
To update the virus definitions:
1.
Go to the ADVANCED > Energize Updates page.
2.
Select On for Automatically Update. The recommended setting is On for all available
definitions.
Getting Started 25
3.
Check to see if the current version is the same as the latest general release. If the rules are up-todate, proceed to the next section. If the rules are not up-to-date, continue to the next step.
4.
Click Update to download and install the latest available definitions onto the Barracuda
Message Archiver.
Set the Current IM Client Version
To ensure you are rolling out the latest IM client version:
1.
Go to the USERS > Client Configuration page.
2.
Select the IM client version that you want your organization to use for each operating system.
The users in your organization will be able to download this client version from their welcome
email. All users that are added to the system automatically receive a welcome email. For more
information on adding user accounts, refer to User Accounts on page 32.
3.
Click Save Changes.
Test your Barracuda IM Firewall
To test your Barracuda IM Firewall you will need to send an instant message from the Barracuda IM
client to make sure the Barracuda IM Firewall is able to log the message.
If your Barracuda IM Firewall is configured for Standard or Listen-only mode, you should also make
sure your Barracuda system is able to log messages from third-party IM clients (like AIM or Yahoo),
as described in step 3 below.
To test your Barracuda IM Firewall:
1.
Create two user accounts by performing the following steps:
1a. From the DOMAINS > Domain Manager page, add your domain. A domain is required to
1b.
1c.
1d.
1e.
add users.
Go to USERS > User Add/Update to create a new user.
Enter your e-mail address. Your username is created as your e-mail address.
Click Save Changes. A Rollout Email is sent to this address that contains a link to
download the Barracuda IM client.
Repeat the steps to create an account for another user.
Note
You can add multiple users simultaneously by entering email addresses one per line. All users will
received a unique Rollout Email.
2.
Download the Barracuda IM Client by performing the following steps:
2a. Click the link in the Rollout Email to download the Barracuda IM client.
2b. Download the client associated with your operating system.
The Barracuda IM Client is available for a number of operating systems. The client
download page will list the client versions available for your operating system.
2c. When you have successfully downloaded the appropriate client for your system, follow
rest of the Client Installation Instructions located on the download page.
26
Barracuda IM Firewall Administrator’s Guide
2d. Send an instant message to the other Barracuda IM Firewall user that you created in
Step 1.
2e. From a Web browser, log into the Barracuda IM Firewall and go to the LOGS/REPORTS
> Message Log page to ensure that your instant message has been logged.
3.
Connect to the Barracuda IM server using an AIM, Yahoo!, ICQ, or MSN IM client:
3a. Open the AIM, Yahoo, ICQ, or MSN IM client.
3b. Login with your credentials and send an instant message to another user on that service.
3c. From a Web browser, log into the Barracuda IM Firewall and go to the LOGS/REPORTS
> Message Log page to ensure that your instant message has been logged.
If your messages do not appear in the log, go back through the installation and configuration
steps described earlier in this chapter to make sure your Barracuda IM Firewall has been
installed correctly.
For further details on the Barracuda IM Client, see the Barracuda IM Client End User’s Guide.
Getting Started 27
Administrative Settings
This section covers the basic administrative settings for your Barracuda IM Firewall.
Controlling Access to the Administration Interface..............................28
Customizing the Appearance of the Web Interface............................ 28
Setting the Time Zone of the System .................................................. 28
Enabling SSL for Administrators and Users ..................................... 28
Controlling Access to the Administration Interface
The BASIC > Administration page allows you to perform the following tasks:
•
•
•
•
Change the password of the administration account.
Change the port used to access the Web administration interface.
Change the length of time users can be logged into the Web interface (default is 20 minutes).
In the Administrator IP/Range field, specify the IP addresses or netmask of the systems that
can access the Web interface as the user admin. All other systems will be denied access. If left
blank, then the admin user will be able to log in from any IP address.
Customizing the Appearance of the Web Interface
The ADVANCED > Appearance page allows you to customize the default images used on the Web
interface. This page is only available on the Barracuda IM Firewall model 620 and above.
Setting the Time Zone of the System
You can set the time zone of your Barracuda IM Firewall from the BASIC > Administration page . The
current time on the system is automatically updated via Network Time Protocol (NTP). When the
Barracuda IM Firewall resides behind a firewall, NTP requires port 123 to be opened for outbound
UDP traffic.
It is important that the time zone is set correctly because this information is used in all logs and
reports.
Note: The Barracuda IM Firewall automatically reboots when you change the timezone.
Enabling SSL for Administrators and Users
The ADVANCED > Secure Administration page allows you to modify various settings related to SSL
(https) access to the Web interface for your Barracuda IM Firewall.
SSL not only ensures that your passwords are encrypted, but also ensures that all data transmitted to
and received from the administration interface is encrypted as well. All Barracuda IM Firewalls
28
Barracuda IM Firewall Administrator’s Guide
support SSL access without any additional configuring. However, some sites may wish to enforce
using a secured connection to access the Web interface, or prefer to use their own trusted certificates.
Note
The SSL configuration referred to here is related only for the Web-based administrative interface.
There is no need to explicitly configure SSL for traffic between the Barracuda IM Firewall and your
email servers.
To enforce SSL-only access:
1.
Go to the ADVANCED > Secure Administration page.
2.
Select Yes to enable HTTPS/SSL access only to the Web interface.
3.
Select Yes to Use HTTPS links in emails sent out by the Barracuda IM Firewall.
4.
Enter your desired Web Interface HTTPS/SSL port. The default is 443.
5.
Click Save Changes to save and activate your changes.
If you wish to change the certificate that is used, you must first create and upload it before changing
the Certificate Type in the SSL Certificate Configuration section. The Barracuda IM Firewall
supports the following types of certificates:
•
•
•
Default (Barracuda Networks) certificates are signed by Barracuda Networks. On some
browsers, these may generate some benign warnings which can be safely ignored. No additional
configuration is required to use these certificates, and are provided free of charge as the default
type of certificate.
Private (self-signed) certificates provide strong encryption without the cost of purchasing a
certificate from a trusted Certificate Authority (CA). These certificates are created by providing
the information requested in the Certificate Generation section of the ADVANCED > Secure
Administration page. You may also want to download the Private Root Certificate and import it
into your browser, to allow it to verify the authenticity of the certificate and prevent any
warnings that may come up when accessing the Web interface.
Trusted (signed by a trusted CA) certificates are issued by trusted Certificate Authorities
(CA), and must be purchased from them separately with a Certificate Signing Request (CSR).
This can be downloaded after providing the information requested in the Certificate
Generation section of the ADVANCED > Secure Administration page. Once you have received
the certificate and key from the CA, you must upload both items to the Barracuda Message
Archiver from the Trusted Certificate section of that same page. The certificate will be in
effect as soon as the upload is completed.
Getting Started 29
30
Barracuda IM Firewall Administrator’s Guide
Chapter 4
Configuring the Barracuda IM Firewall
This chapter describes the configuration and management tasks you can perform from the
administration interface. The following topics are covered:
User Accounts .................................................................................... 32
Rollout Messages ............................................................................... 35
Rosters ............................................................................................... 36
Policies .............................................................................................. 39
Logs and Reports ............................................................................... 41
Note
For more detailed information about a specific page in the administration interface, view the online
help by clicking the question mark icon on the right side of the interface.
Configuring the Barracuda IM Firewall 31
User Accounts
Each user that you allow to chat securely over your network needs to have an account on the
Barracuda IM Firewall.
You can use one of the following methods to add user accounts to your Barracuda system:
•
•
Create accounts manually.
Import accounts from your external directory server.
In some cases, you may need to manually create accounts as well as import them from LDAP. For
example, if your organization’s regular employees have LDAP accounts but your contractors or
consultants do not, then you may need to manually create accounts for contractors if you want them
to chat securely with your internal employees using the Barracuda IM client.
Creating User Accounts Manually
When you create an account manually, the Barracuda IM Firewall:
•
•
Generates a unique password for the account.
Emails a rollout message to the new account. This message contains the user’s login and
password information, provides a link to the Barracuda IM client installation, and describes how
to download the Barracuda IM client.
Before you create a user account, perform the following tasks:
•
•
If desired, customize the rollout message from the USERS > User Rollout page as described in
Rollout Messages on page 35. The Barracuda IM Firewall automatically sends a rollout message
to new user accounts so you need to modify this message before you create accounts on the
system.
View the default settings for the Barracuda IM Client and make any desired changes. The
default settings are located on the USERS > Client Configuration page, and the online help
describes each setting in detail. You should make any necessary changes before users start
downloading the IM client from their rollout email.
To manually create a user account:
1.
From the DOMAINS > Domain Manager page, add one or more domains to the Barracuda IM
Firewall. You must add at least one domain before you can create a user account.
2.
From the USERS > User Add/Update page, add the email address (one per line) for each user
account you want to create. If you enter an email address for an account that already exists, the
Barracuda IM Firewall generates a new password for the account and sends a new rollout
message to the user.
3.
The Barracuda IM Firewall emails to the new user a rollout message as created on the USERS >
User Rollout page.
32
4.
By default, all new accounts are automatically assigned the role of user.
5.
To change the role for this account to an admin, domain admin, or auditor, see Changing the
Role of an Account on page 34.
Barracuda IM Firewall Administrator’s Guide
Importing User Accounts from an External Directory Server
If you already use an external directory server like LDAP for authentication, you can enable your
Barracuda IM Firewall to import these accounts so you do not need to create them manually, and also
allow the user of LDAP groups to use when defining rosters. The Barracuda IM Firewall is
compatible with any LDAP-compliant external directory server.
Before you import user accounts, perform the following tasks:
•
If desired, customize the rollout message as described in Rollout Messages on page 35.
The Barracuda IM Firewall automatically sends a rollout message to new user accounts so you
need to modify this message before you import accounts to the system. You can disable the
rollout emails on the USERS > User Rollout page.
•
View the default settings for the Barracuda IM Client and make any desired changes.
The default settings are located on the USERS > Client Configuration page, and the online help
describes each setting in detail. You should make any necessary changes before users start
downloading the IM client from their rollout email.
When you’re ready to begin importing, go to the DOMAINS > Directory Services page to being
importing users from the desired domain. The settings provided here will be used whenever the
Barracuda IM Firewall needs to contact your LDAP server to synchronize accounts and group
membership. From here, you can also elect to use the Department attribute of a user’s vCard in the
same way an LDAP group would be used by a roster.
The Barracuda IM Firewall will also synchronize the vCard setting for user accounts if so desired. If
you want to change what is displayed or make any other modifications to the vCard for your users,
click on the Edit LDAP Attribute Mapping button to bring up the editor for LDAP Attributes.
If configured to send rollout emails, the Barracuda IM Firewall emails a rollout email to the users you
imported. For information regarding changing roles, see Rollout Messages on page 35.
By default, all newly-added accounts are automatically assigned the role of user For information
regarding changing roles, see Changing the Role of an Account on page 34.
Viewing and Modifying Accounts
The USERS > Account View page displays all the accounts that have been created manually or
imported from your external directory server and use the Barracuda IM client. This page lets you view
details about each account and perform various management tasks such as:
•
•
•
•
Changing the role or password of the account;
Logging into the administration interface as that account;
Sending the account a rollout email;
Deleting the account.
To quickly locate a specific account, use the filter feature at the top of the page to search for specific
patterns in the account details.
Configuring the Barracuda IM Firewall 33
Changing the Role of an Account
By default, every new account that you create or import is assigned the role of user. However, you
may need to change the role of an account so it can be used to manage specific domains on your
Barracuda IM Firewall, or audit IMs on a particular domain.
You can assign the following types of roles to an account:
•
•
User—Manages only their account by viewing their own IM logs, modifying their vCard
information, and changing their password.
Domain Admin—Manages specific domains but cannot configure system-wide settings.
Domain admins can view logging information and create users for their domains but do not have
access to the system-wide settings on the BASIC > IP Configuration page, BASIC >
Administration page, and ADVANCED tab.
•
Admin—Manages all the domains on the Barracuda system and can configure system-wide
settings. This role is equivalent to the default admin role on the Barracuda IM Firewall.
•
Auditor—Able to only view the message logs for designated domains, and change the audit
status of a message. Auditors have no ability to make any domain-specific or system-wide
changes.
To change the role of an account:
1.
Go to the USERS > Accounts View page.
2.
Locate the account you want to change, and click the link in the Role column identifying that
account’s current status. A pop-up window appears.
3.
From the Role drop-down menu, select the role for the account.
4.
In the Domains Managed area, enter the domains (one per line) that you want the account to
manage. These domains must match the domains that have already been created on the system.
To configure the account to manage all domains, enter all_domains.
If you are changing the role of an account to a User role, do not enter any domains. User
accounts do not manage domains.
If you are changing the role to an Admin role. then do NOT enter anything in this field.
5.
34
Click Save Changes.
Barracuda IM Firewall Administrator’s Guide
Rollout Messages
The USERS > User Rollout page lets you choose whether or not to send a “welcome”, or rollout,
message to new users, and to customize the actual message that the Barracuda IM Firewall sends to
each new user account. You should always review the contents of the message before creating or
importing a large number of user accounts.
The following paragraphs show an example of the default user rollout message:
Congratulations __USERNAME__! Your company has successfully created an account for you
on their new Barracuda IM Firewall corporate instant messaging solution. Barracuda IM
Firewall provides secure corporate instant messaging within your company, as well as
connectivity to AOL, Yahoo!, MSN, and ICQ instant messaging networks, all from a single
client. To begin using your new account, simply follow the instruction in this email.
Below you will find your username and password, a link to download the client, and installation
instructions.
Username: __USERNAME__
Password: __PASSWORD__
Server: __SERVER__
Configuring the Barracuda IM Firewall 35
Rosters
The USERS > Roster Creation page lets you create and manage rosters (also known as buddy lists)
for your users. Once you create a roster, you can push the roster out to your users immediately or wait
until the Barracuda system automatically distributes new rosters every night at midnight.
Creating Rosters
New rosters are created from the USERS > Roster Creation page. Both the roster recipient list and
the contents of the actual roster can be populated with any combination of individual usernames and
LDAP groups.
Synchronization with LDAP
To use LDAP groups in your roster or as a roster recipient, just list the LDAP group name as you
would a username. Before a roster is delivered to users’ clients, the Barracuda IM Firewall will
always contact your LDAP server to retrieve the latest member lists for each LDAP group.
You can also enable use of the Department attribute from a user’s vCard information in the same
way as you would an LDAP group in your rosters. To do so, go to the DOMAINS > Directory Services
page and set the Treat “Department” as an LDAP group option to Yes for the desired domain.
Creating Client Groups
You can define your own Client Groups inside each roster, to partition your user lists into smaller,
easier-to-use sections. A Client Group is created simply by putting your name for the group inside
square brackets, followed by the list of usernames and/or LDAP groups that you want to put into that
group.
Any number of Client Groups can be created, each containing any combination of individual
usernames or LDAP groups. See the Sample Roster on page 37 for an example of a roster with 2
Client Groups, one with names users and the other using an LDAP group instead of listing out all the
members in that group.
If you do not include any Client Groups in your roster, then all roster members are put under the
General group in the IM client.
Sending out Rosters
Roster updates are sent out automatically to users’ clients every night at midnight. If you have created
new rosters or if you have made changes to the rosters that you wish to distribute immediately, click
on the Synchronize Groups Now button. This will initiate a synchronization with your LDAP servers
to retrieve the most recent Department and LDAP group membership lists; expand all such group
names in the rosters with those lists, and send out the updated rosters to all users’ clients.
36
Barracuda IM Firewall Administrator’s Guide
Sample Roster
Figure 4.1 shows an example of a roster that created in the Web GUI and distributed to a user’s
Barraucda IM client. Notice that this roster uses the subgroups Finance and Human Resources to
organize the roster members.
Figure 4.1: Roster Example
Editing Rosters
A list of all rosters currently defined on your Barracuda IM Firewall is available from the USERS >
Roster Creation page, in the Rosters section at the top. A quick overview of the rosters is displayed,
along with options to modify, preview, and delete the rosters.
Modify Roster
Clicking on the Modify link for a roster will populate the roster editing section with the current
definitions. Make your changes as appropriate and save. Note that any changes will not be
propagated immediately, but will wait until midnight to go out. You must click on the Synchronize
Groups Now button for immediate delivery of your modified roster.
Configuring the Barracuda IM Firewall 37
Preview Roster
The Rosters section just displays the items used to define the roster. If you would like to see how the
roster would look on a user’s client, click on the Preview link for that roster. A separate window will
appear that contains not only the individual parts of the roster, but will also expand each LDAP group
in the roster so that the individual members are listed with all known information. The fully-expanded
roster that is pushed out to users’ clients will be shown in the Roster As Presented To Users section
of the popup.
Delete Roster
To delete a roster, simply click on the Delete link for that roster.
38
Barracuda IM Firewall Administrator’s Guide
Policies
Policies help you monitor the use of instant messages on your Barracuda IM Firewall, both in terms
of content of the instant messages as well as how your users use instant messaging in your
organization.
Configuring the Default Settings of the Barracuda IM Client
The settings on the USERS > Client Configuration page let you pre-configure the Barracuda IM Client
for your users. The online help describes each field in detail.
Note
Changes made on this page may not affect any users that are currently logged in.
Controlling Public IM Access
The POLICY > Public IM Access page lets you control which users have access to public IM networks.
You can allow all users access to public IM networks, block all users from accessing these networks,
or manually specify users that you want to allow access (all other users will be denied access). The
settings on this page apply only to third party IM use through the Barracuda IM client.
The Public IM Gateway section at the bottom of the page should only be used for inline deployments
so you can block public IM clients from connecting to your Barracuda IM Firewall. This is useful if
you want to prevent users from using public IM clients (like AOL’s AIM and Yahoo! Messenger) to
connect to their respective public networks. If you block these services, users can still access them
through the Barracuda IM Client if they have been given permission in the Public IM Proxy section
at the top of the page.
Controlling File Transfer Access
The POLICY > File Transfer Access page lets you control which users and groups are allowed to send
files from their Barracuda IM client. The settings on this page do not apply to third party IM clients
like Yahoo Messenger.
All file transfers are scanned for viruses. Zipped files are also decompressed to check for viruses.
Adding a Disclaimer to Instant Messages
A disclaimer is a short statement that appears in front of the first instant message sent from a user.
You can use disclaimers to:
•
Inform users that their IM session is being logged
Configuring the Barracuda IM Firewall 39
•
State policies that impact a user’s IM session. For example, if you have a content filter that
blocks messages containing swear words, you can use a disclaimer to notify users about this
policy so they can avoid having their messages blocked.
A new disclaimer is prepended each time a user’s status is changed from offline to online, and is also
displayed at 30 minute intervals during an ongoing conversation.
Setting the Current Client Version
The USERS > Client Configuration page also lets you specify the version of the Barracuda IM Client
that you want to make available to your users. After you download and install a new firmware version
on your Barracuda IM Firewall, check the Set Current Client section on this page to see if a new
Barracuda IM Client is included with the latest firmware. If a new client is included, you can select
the new version and your users will be notified that an updated IM client is available.
Creating Server Filters and Keyword Notifications
The POLICY > Content Filtering page allows you to configure content filters for the Barracuda IM
Firewall to block or filter messages that contain specific keywords, phrases, or regular expressions,
and also send an email or IM notification when the offense is detected.
For example, you can use content filters to prevent swear words from appearing in the instant
messages sent from your users, or to identify users that need to be reminded of your organization’s
IM standards and policies.
Keywords support the use of PERL regular expressions.
40
Barracuda IM Firewall Administrator’s Guide
Logs and Reports
The Barracuda IM Firewall has several types of logs and reports available to help you keep an eye on
the IM traffic at your location:
Message Logs
The LOGS/REPORTS > Message Log page displays all the instant messages that have been sent over
your private IM environment, including sender and recipient information. You can also view the
complete conversation for a message, search for messages that match a specific pattern, and export
portions of the Message Log as a CSV (comma-separated values), XML, or Excel file.
Conference Logs
The LOGS/REPORTS > Conference Logs page displays all the messages sent from within a
conference. You can also view the complete conversation that occured in a conference, search for
messages that match a specific pattern, and export portions of the Conference Log as a CSV (commaseparated values), XML, or Excel file.
File Transfer Logs
The LOGS/REPORTS > File Transfer Log page displays a list of all the files that have been sent from
within an IM session. Copies of the file are available for download, as well as the status of the file
transfer (sent, received, rejected, etc.)
Presence Log
The LOGS/REPORTS > Presence Log page shows the status changes made by each user connected to
the Barracuda IM Firewall. For example, if a user manually changes their status from online to Do
Not Disturb, the Presence Log keeps a record of this change. The Presence Log also keeps track of
when a user’s status goes to idle due to inactivity.
Automated Reports
The LOGS/REPORTS > Daily Reports page lets you choose which reports your Barracuda IM Firewall
will send to which email addresses on a daily basis. To distribute a report, enter the email addresses
(separated by commas) in the provided field and click Save Changes.
Multiple report types are available, including a Links Report, providing a summary of the HTTP
hyperlinks sent through IM clients on a daily basis, and an IM Traffic report that has a breakdown of
the daily IM traffic.
Configuring the Barracuda IM Firewall 41
User Reports
The LOGS/REPORTS > User Reports page lets you create a report on a specific user’s IM activity over
a defined period of time. The user report includes the following sections:
•
Messaging Statistics—Shows the total, average, and percent of messages the user has sent from
the supported IM clients. For example, if a user sends messages with the Barracuda IM Client
and the MSN client, the report shows statistics for each of these clients.
•
Daily Totals—Shows the total number of messages the user has sent from each IM client for
each day in the reporting period.
•
Presence—Shows the status of the user for each hour of each day in the reporting period.
Each of these sections also includes a chart that provides a visual representation of the data.
To generate a user report:
1.
Specify a start date.
2.
Select one of the following to specify an end date:
• Fixed: Lets you enter a specific ending date for the report.
• Relative: Lets you specify the number of days after the start date that you want the report
to end.
42
3.
Enter the full email address for the user whose activities you which to view. You can only view a
report for one user at a time.
4.
Click Run Report.
Barracuda IM Firewall Administrator’s Guide
Chapter 5
Monitoring the Barracuda IM Firewall
This chapter describes the monitoring tasks you can perform from the Web interface. The following
topics are covered:
Monitoring Tasks ............................................................................... 44
Note
For more detailed information about a specific page in the Web interface, view the online help by
clicking the question mark icon on the right side of the interface.
Monitoring the Barracuda IM Firewall 43
Monitoring Tasks
This section describes the monitoring tasks you can perform from the Web administration interface
and from the front panel of the Barracuda IM Firewall. This section covers the following topics:
Viewing Performance Statistics ......................................................... 44
Setting up Emailed System Alerts ...................................................... 44
Viewing System Tasks......................................................................... 44
Understanding the Indicator Lights................................................... 45
Viewing Performance Statistics
The BASIC > Status provides an overview of the health and performance of your Barracuda IM
Firewall, including:
•
•
•
Traffic and policy statistics, such as the amount of overall IM traffic and how many messages
have triggered a particular policy category.
The subscription status of Energize Updates.
Performance statistics, including CPU temperature and system load. Performance statistics
displayed in red signify that the value exceeds the normal threshold. These values will fluctuate
based on the amount of traffic that is being handled, but if any setting remains consistently in the
red for a long period of time, please contact Technical Support.
Setting up Emailed System Alerts
The BASIC > Administration page allows you to configure the Barracuda IM Firewall to automatically
email notifications to the addresses you specify. To enter multiple addresses, separate each address
with a comma.
System alerts notify you when:
•
•
Your Energize Update subscription is about to expire
New firmware updates are available
Viewing System Tasks
The ADVANCED > Task Manager page provides a list of tasks that are in the process of being
performed and also displays any errors encountered when performing these tasks.
Some of the tasks that the Barracuda IM Firewall tracks include:
•
•
•
User creation
Roster and LDAP synchronizations
Configuration restoration
If a task takes a long time to complete, you can click the Cancel link next to the task name and then
run the task at a later time when the system is less busy.
The Task Errors section will list an error until you manually remove it from the list. The errors are not
phased out over time.
44
Barracuda IM Firewall Administrator’s Guide
Understanding the Indicator Lights
The Barracuda IM Firewall has five indicator lights on the front panel that blink when the system
processes any message.
Figure 5.1 displays the location of each of the lights.
Figure 5.1: Indicator Lights
Table 5.1 describes each indicator light.
Table 5.1: Description of the Indicator Lights
Light
Color
Description
Red
Reserved for future use
Yellow
Reserved for future use
Traffic
Green
Blinks when the Barracuda IM Firewall processes
traffic.
Data I/O
Green
Blinks during data transfer.
Power
Green
Displays a solid green light when the system is
powered on.
Monitoring the Barracuda IM Firewall 45
46
Barracuda IM Firewall Administrator’s Guide
Chapter 6
Maintaining the Barracuda IM Firewall
This chapter provides general instructions for general maintenance of the Barracuda IM Firewall.
Maintenance Functions...................................................................... 48
Maintaining the Barracuda IM Firewall 47
Maintenance Functions
This section describes how to manage and maintain your Barracuda IM Firewall using the Web
administration interface. This section covers the following topics:
Backing up and Restoring Your System Configuration ..................... 48
Updating the Firmware of Your Barracuda IM Firewall .................. 48
Updating the Definitions from Energize Updates.............................. 49
Replacing a Failed System ................................................................ 49
Reloading, Restarting, and Shutting Down the System ..................... 49
Using the Built-in Troubleshooting Tools .......................................... 50
Rebooting the System in Recovery Mode........................................... 50
Backing up and Restoring Your System Configuration
The ADVANCED > Backup page lets you back up and restore the configuration of your Barracuda IM
Firewall. You should back up your system on a regular basis in case you need to restore this
information on a replacement Barracuda IM Firewall or in the event your current system data
becomes corrupt.
If you are restoring a backup file on a new Barracuda IM Firewall that is not configured, you need to
assign your new system an IP address and DNS information on the BASIC > IP Configuration page.
Note the following about the backup files:
•
•
•
Do not edit backup files. Any configuration changes you want to make must be done through the
Web interface. The configuration backup file contains a checksum that prevents the file from
being uploaded to the system if any changes are made.
Backup files are compressed and encrypted, so you will not be able to view or edit a backup file
in Windows WordPad or Microsoft Word. You should avoid even attempting to open up a
backup file in Windows Notepad because the file can become corrupted if it is inadvertently
saved.
The following information is not included in the backup file:
• System password
• System IP information
• DNS information
Updating the Firmware of Your Barracuda IM Firewall
The ADVANCED > Firmware Update page allows you to manually update the firmware version of the
system or revert to a previous version. The only time you should revert back to an old firmware
version is if you recently downloaded a new version that is causing unexpected problems. In this case,
call Barracuda Networks Technical Support before reverting back to a previous firmware version.
If you have the latest firmware version already installed, the Download Now button will be disabled.
Note
Always make a backup of your configuration prior to upgrading your firmware.
48
Barracuda IM Firewall Administrator’s Guide
Note
Applying a new firmware version results in a temporary loss of service. For this reason, you should
apply new firmware versions during non-busy hours.
Updating the Definitions from Energize Updates
The ADVANCED > Energize Updates page allows you to manually update the Virus, Client, and IM
Protocol definitions used on your Barracuda IM Firewall, as well as change the interval at which the
Barracuda IM Firewall checks for updates.
We recommend that the Automatically Update setting be set to Hourly so your Barracuda IM Firewall
receives the latest rules as soon as they are made available by Barracuda Central.
There are
Replacing a Failed System
Before you replace your Barracuda IM Firewall, use the tools provided on the ADVANCED >
Troubleshooting page to try to resolve the problem.
In the event that a Barracuda IM Firewall fails and you cannot resolve the issue, customers that have
purchased the Instant Replacement service can call Technical Support and arrange for a new unit to
be shipped out within 24 hours.
After receiving the new system, ship the old Barracuda IM Firewall back to Barracuda Networks at
the address below with an RMA number marked clearly on the package. Barracuda Networks
Technical Support can provide details on the best way to return the unit.
Barracuda Networks
3175 S. Winchester Blvd
Campbell, CA 95008
attn: RMA # <your RMA number>
Note
To set up the new Barracuda IM Firewall so it has the same configuration as your old failed system,
first manually configure the new system’s IP information on the BASIC > IP Configuration page,
and then restore the backup file from the old system onto the new system. For information on
restoring data, refer to Backing up and Restoring Your System Configuration on page 48.
Reloading, Restarting, and Shutting Down the System
The System Reload/Shutdown section on the BASIC > Administration page allows you to shutdown,
restart, and reload system configuration on the Barracuda IM Firewall.
Shutting down the system powers off the unit. Restarting the system reboots the unit. Reloading the
system re-applies the system configuration.
Maintaining the Barracuda IM Firewall 49
You can also reset the Barracuda IM Firewall by pressing the RESET button on the front panel of the
system. The following actions occur:
Note
•
Reboots the system
•
Resets the firmware version to the factory setting
Do not press and hold the RESET button for longer than a few seconds. Doing so changes the
IP address of the system. Pushing and holding the RESET button for eight seconds changes the
default IP address to 192.168.1.200. Holding the button for 12 seconds changes the IP address to
10.1.1.200.
Using the Built-in Troubleshooting Tools
The ADVANCED > Troubleshooting page provides various tools that help troubleshoot network
connectivity issues that may be impacting the performance of your Barracuda IM Firewall.
For example, you can test your Barracuda IM Firewall’s connection to the Barracuda Networks
update servers to make sure that it can successfully download the latest Energize Update definitions.
You can also ping other devices from the Barracuda IM Firewall, perform a traceroute from the
Barracuda IM Firewall to any another system, and other tasks.
Rebooting the System in Recovery Mode
If your Barracuda IM Firewall experiences a serious issue that impacts its core functionality, you can
use diagnostic and recovery tools that are available at the reboot menu to return your system to an
operational state.
Before you use the diagnostic and recovery tools, do the following:
•
•
•
Use the built-in troubleshooting tools on the ADVANCED > Troubleshooting page to help
diagnose the problem.
Perform a system restore from the last known good backup file.
Contact Barracuda Networks Technical Support for additional troubleshooting tips.
As a last resort, you can reboot your Barracuda IM Firewall and run a memory test or perform a
complete system recovery, as described in this section.
To perform a system recovery or hardware test:
1.
Connect a monitor and keyboard directly to your Barracuda IM Firewall.
2.
Reboot the system by doing one of the following:
• Click Restart on the BASIC > Administration page.
• Press the Power button on the front panel to turn off the system, and then press the Power
button again to turn back on the system.
The Barracuda splash screen displays with the following three boot options:
Barracuda
Recovery
Hardware_Test
3.
50
Use your keyboard to select the desired boot option, and press Enter.
Barracuda IM Firewall Administrator’s Guide
You must select the boot option within three seconds of the splash screen appearing. If you do
not select an option within three seconds, the Barracuda IM Firewall defaults to starting up in
the normal mode (first option).
For a description of each boot option, refer to Reboot Options on page 51.
Note
To stop a hardware test, reboot your Barracuda IM Firewall by pressing Ctrl-Alt-Del.
Reboot Options
Table 6.1 describes the options available at the reboot menu.
Table 6.1: Reboot Options
Reboot Options
Description
Barracuda
Starts the Barracuda IM Firewall in the normal (default) mode. This
option is automatically selected if no other option is specified within the
first three (3) seconds of the splash screen appearing.
Recovery
Displays the Recovery Console where you can select the following
options:
• Perform filesystem repair—Repairs the file system on the
Barracuda IM Firewall.
• Perform full system re-image—Restores the factory settings on
your Barracuda IM Firewall and clears out all configuration
information.
• Enable remote administration—Initiates a connection to Barracuda
Central that allows Barracuda Networks Technical Support to access
the system. Another method for enabling this toubleshooting
connection is to click Establish Connection to Barracuda
Networks on the ADVANCED >Troubleshooting page.
• Run diagnostic memory test—Runs a diagnostic memory test from
the operating system. If problems are reported when running this
option, we recommend running the Hardware_Test option next.
Hardware_Test
Performs a thorough memory test that shows most memory related
errors within a two-hour time period. The memory test is performed
outside of the operating system and can take a long time to complete.
Reboot your Barracuda IM Firewall to stop the hardware test.
Maintaining the Barracuda IM Firewall 51
52
Barracuda IM Firewall Administrator’s Guide
Chapter 7
About the Barracuda IM Firewall Hardware
This appendix provides hardware information for the Barracuda IM Firewall. The following topics
are covered:
Front Panel of the Barracuda IM Firewall ....................................... 54
Back Panel of the Barracuda IM Firewall ........................................ 56
Hardware Compliance ....................................................................... 58
About the Barracuda IM Firewall Hardware 53
Front Panel of the Barracuda IM Firewall
Figure 7.1 and Figure 7.2 illustrate the front panels for each model.
Barracuda IM Firewall 220, 320, and 420
Figure 7.1 shows the front components as described in Table 7.1.
Figure 7.1: Barracuda IM Firewall 220, 320, and 420 Front Panel
1
2
3 4 567 8 9
Table 7.1 describes the front components on the Barracuda IM Firewall 220, 320, and 420.
Table 7.1: Front Panel Descriptions
Diagram Location
54
Component Name
Description
1
WAN port
Port for WAN connection
2
LAN port
Port for LAN connection
3
Reserved for future use
4
Reserved for future use
5
Traffic
Blinks when the Barracuda IM
Firewall processes traffic.
6
Hard Disk
Displays hard disk activity
7
System Power
Displays system power
8
Reset Button
Resets the Barracuda IM
Firewall
9
Power Button
Powers on or off the Barracuda
IM Firewall
Barracuda IM Firewall Administrator’s Guide
Barracuda IM Firewall 620 and 820
Figure 7.2 shows the front components as described in Table 7.2.
Figure 7.2: Barracuda IM Firewall 620 and 820 Front Panel
2 3
1
4
7
5 6
8
9
10
11
14
13
12
15
Table 7.2 describes the front components on the Barracuda IM Firewall 620 and 820.
Table 7.2: Barracuda IM Firewall 620 and 820 Front Panel Descriptions
Diagram Location
Component Name
Description
1
Hard Disk Drive #1
Location of #1 hard disk drive
2
Hard Disk Drive Inactivity
Displays the hard disk is inactive
3
Hard Disk Drive Activity
Displays the hard disk drive is
active
4
Hard Disk Drive #2
Location of #2 hard disk drive
5
Hard Disk Drive Inactivity
Displays the hard disk is inactive
6
Hard Disk Drive Activity
Displays the hard disk drive is
active
7
Reserved for future use
8
Reserved for future use
9
Traffic
Blinks when the Barracuda IM
Firewall processes traffic.
10
WAN port
Port for WAN connection
11
Hard Disk
Displays hard disk activity
12
System Power
Displays system power
13
LAN Port
Port for LAN connection
14
Reset Button
Resets the Barracuda IM
Firewall
15
Power Button
Powers on or off the Barracuda
IM Firewall
About the Barracuda IM Firewall Hardware 55
Back Panel of the Barracuda IM Firewall
Figure 7.3 and Figure 7.4 illustrates the back panels for each model.
Barracuda IM Firewall 220, 320, and 420
Figure 7.3 shows the back components as described in Table 7.3.
Figure 7.3: Barracuda IM Firewall 220, 320, and 420 Back Panel
1
2
34
5
6
7
8
9
Table 7.3 describes the back components on the Barracuda IM Firewall 220, 320, and 420.
Table 7.3: Barracuda IM Firewall 220, 320, and 420 Back Component Descriptions
Diagram Location
56
Component Name
Description
1
Power Supply
Connection for the AC power cord; standard
power supply
2
Fan
Location of the fan
3
Mouse Port
Connection for the mouse
4
Keyboard Port
Connection for the keyboard
5
Serial Port
Connection for the serial console cable
6
Parallel Port
Connection for the parallel cable
7
Monitor Port
Connection for the monitor
8
USB Ports (4)
Connection for USB devices
9
Ethernet Port
Ethernet back port. This port is only used when
the front LAN and WAN port are in dedicated
listen-only mode.
Barracuda IM Firewall Administrator’s Guide
Barracuda IM Firewall 620 and 820
Figure 7.4 shows the back components as described in Table 7.4.
Figure 7.4: Barracuda IM Firewall 620 and 820 Back Panel
1
2
34 5
6
7
8
9
Table 7.4 describes the back components on the Barracuda IM Firewall 620 and 820.
Table 7.4: Barracuda IM Firewall 620 and 820 Back Component Descriptions
Diagram Location
Component Name
Description
1
Fan
Location of the fan
2
Power Supply
Connection for the AC power
cord; standard power supply
3
Mouse Port
Connection for the mouse
4
Keyboard Port
Connection for the keyboard
5
USB Ports (2)
Connection for USB devices
6
Serial Port
Connection for the serial console
cable
7
Monitor Port
Connection for the monitor
8
LAN Port
Connection for the LAN
9
Unused
About the Barracuda IM Firewall Hardware 57
Hardware Compliance
This section contains compliance information for the Barracuda IM Firewall hardware.
Notice for the USA
Compliance Information Statement (Declaration of Conformity Procedure) DoC FCC Part 15: This
device complies with part 15 of the FCC Rules.
Operation is subject to the following conditions:
1.
This device may not cause harmful interference, and
2.
This device must accept any interference received including interference that may cause
undesired operation. If this equipment does cause harmful interference to radio or television
reception, which can be determined by turning the equipment off and on, the user in encouraged
to try one or more of the following measures:
•
•
•
•
Reorient or relocate the receiving antenna.
Increase the separation between the equipment and the receiver.
Plug the equipment into an outlet on a circuit different from that of the receiver.
Consult the dealer on an experienced radio/ television technician for help.
Notice for Canada
This apparatus compiles with the Class B limits for radio interference as specified in the Canadian
Department of Communication Radio Interference Regulations.
Notice for Europe (CE Mark)
This product is in conformity with the Council Directive 89/336/EEC, 92/31/EEC (EMC).
58
Barracuda IM Firewall Administrator’s Guide
Appendix A
Regular Expressions
The Barracuda IM Firewall allows you to use regular expressions when creating Content Filtering
policies. Regular Expressions allow you to flexibly describe text so that a wide range of possibilities
can be matched.
When using regular expressions:
•
•
Be careful when using special characters such as |, *, '.' in your text. For more information, refer
to Using Special Characters in Expressions on page 60.
All matches are not case sensitive.
Table A.1 describes the most common regular expressions supported by the Barracuda IM Firewall.
Table A.1: Common Regular Expressions
Expression
Matches...
Operators
*
Zero or more occurrences of the character immediately preceding
+
One or more occurrences of the character immediately preceding
?
Zero or one occurrence of the character immediately preceding
|
Either of the characters on each side of the pipe
()
Characters between the parenthesis as a group
Character Classes
.
Any character except new line
[ac]
Letter 'a' or letter 'c'
[^ac]
Anything but letter 'a' or letter 'c'
[a-z]
Letters 'a' through 'z'
[a-z.]
Letters 'a' through 'z' or 'A' through 'Z' or a dot
[a-z\-]
Letters 'a' through 'z' or 'A' through 'Z' or a dash
\d
Digit, shortcut for [0-9]
[^\d]
Non-digit
\a
Digit, shortcut for [0-9]
\w
Part of word: shortcut for [A-Za-z0-9_]
[^\w]
Non-word character
Regular Expressions 59
Table A.1: Common Regular Expressions
Expression
Matches...
\s
Space character: shortcut for [ \n\r\t]
[^\s]
Non-space character
Miscellaneous
^
Beginning of line
$
End of line
\b
Word boundary
\t
Tab character
Using Special Characters in Expressions
The following characters have a special meaning in regular expressions and should be prepended by
a backward slash ( \ ) when you want them interpreted literally:
Table A.2: Special Characters
.
$
[
(
]
)
\
|
*
^
?
@
Examples
Table A.3 provides some examples to help you understand how regular expressions can be used.
Table A.3: Regular Expressions
60
Example
Matches...
viagra
viagra, VIAGRA or vIaGRa
d+
One or more digits: 0, 42, 007
(bad|good)
letters 'bad' or matches the letters 'good'
^free
letters 'free' at the beginning of a line
v[i1]agra
viagra or v1agra
v(ia|1a)gra
viagra or v1agra
v\|agra
v|agra
v(i|1|\|)?agra
vagra, viagra, v1agra or v|agra
Barracuda IM Firewall Administrator’s Guide
Table A.3: Regular Expressions
Example
Matches...
\*FREE\*
*FREE*
\*FREE\* V.*GRA
*FREE* VIAGRA, *FREE* VEHICLEGRA, etc
Regular Expressions 61
62
Barracuda IM Firewall Administrator’s Guide
Appendix B
Limited Warranty and License
Limited Warranty
Barracuda Networks, Inc., or the Barracuda Networks, Inc. subsidiary or authorized Distributor
selling the Barracuda Networks product, if sale is not directly by Barracuda Networks, Inc.,
("Barracuda Networks") warrants that commencing from the date of delivery to Customer (but in case
of resale by a Barracuda Networks reseller, commencing not more than sixty (60) days after original
shipment by Barracuda Networks, Inc.), and continuing for a period of one (1) year: (a) its products
(excluding any software) will be free from material defects in materials and workmanship under
normal use; and (b) the software provided in connection with its products, including any software
contained or embedded in such products will substantially conform to Barracuda Networks published
specifications in effect as of the date of manufacture. Except for the foregoing, the software is
provided as is. In no event does Barracuda Networks warrant that the software is error free or that
Customer will be able to operate the software without problems or interruptions. In addition, due to
the continual development of new techniques for intruding upon and attacking networks, Barracuda
Networks does not warrant that the software or any equipment, system or network on which the
software is used will be free of vulnerability to intrusion or attack. The limited warranty extends only
to you the original buyer of the Barracuda Networks product and is non-transferable.
Exclusive Remedy
Your sole and exclusive remedy and the entire liability of Barracuda Networks under this limited
warranty shall be, at Barracuda Networks or its service centers option and expense, the repair,
replacement or refund of the purchase price of any products sold which do not comply with this
warranty. Hardware replaced under the terms of this limited warranty may be refurbished or new
equipment substituted at Barracuda Networks option. Barracuda Networks obligations hereunder are
conditioned upon the return of affected articles in accordance with Barracuda Networks then-current
Return Material Authorization ("RMA") procedures. All parts will be new or refurbished, at
Barracuda Networks discretion, and shall be furnished on an exchange basis. All parts removed for
replacement will become the property of the Barracuda Networks. In connection with warranty
services hereunder, Barracuda Networks may at its discretion modify the hardware of the product at
no cost to you to improve its reliability or performance. The warranty period is not extended if
Barracuda Networks repairs or replaces a warranted product or any parts. Barracuda Networks may
change the availability of limited warranties, at its discretion, but any changes will not be retroactive.
IN NO EVENT SHALL BARRACUDA NETWORKS LIABILITY EXCEED THE PRICE PAID
FOR THE PRODUCT FROM DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR
CONSEQUENTIAL DAMAGES RESULTING FROM THE USE OF THE PRODUCT, ITS
ACCOMPANYING SOFTWARE, OR ITS DOCUMENTATION.
Limited Warranty and License 63
Exclusions and Restrictions
This limited warranty does not apply to Barracuda Networks products that are or have been (a)
marked or identified as "sample" or "beta," (b) loaned or provided to you at no cost, (c) sold "as is,"
(d) repaired, altered or modified except by Barracuda Networks, (e) not installed, operated or
maintained in accordance with instructions supplied by Barracuda Networks, or (f) subjected to
abnormal physical or electrical stress, misuse, negligence or to an accident.
EXCEPT FOR THE ABOVE WARRANTY, BARRACUDA NETWORKS MAKES NO OTHER
WARRANTY, EXPRESS, IMPLIED OR STATUTORY, WITH RESPECT TO BARRACUDA
NETWORKS PRODUCTS, INCLUDING WITHOUT LIMITATION ANY IMPLIED
WARRANTY OF TITLE, AVAILABILITY, RELIABILITY, USEFULNESS,
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR
ARISING FROM COURSE OF PERFORMANCE, DEALING, USAGE OR TRADE. EXCEPT
FOR THE ABOVE WARRANTY, BARRACUDA NETWORKS PRODUCTS AND THE
SOFTWARE IS PROVIDED "AS IS" AND BARRACUDA NETWORKS DOES NOT WARRANT
THAT ITS PRODUCTS WILL MEET YOUR REQUIREMENTS OR BE UNINTERRUPTED,
TIMELY, AVAILABLE, SECURE OR ERROR-FREE, OR THAT ANY ERRORS IN ITS
PRODUCTS OR THE SOFTWARE WILL BE CORRECTED. FURTHERMORE, BARRACUDA
NETWORKS DOES NOT WARRANT THAT BARRACUDA NETWORKS PRODUCTS, THE
SOFTWARE OR ANY EQUIPMENT, SYSTEM OR NETWORK ON WHICH BARRACUDA
NETWORKS PRODUCTS WILL BE USED WILL BE FREE OF VULNERABILITY TO
INTRUSION OR ATTACK.
Software License
PLEASE READ THIS SOFTWARE LICENSE AGREEMENT ("AGREEMENT") CAREFULLY
BEFORE USING THE BARRACUDA SOFTWARE. BY USING THE BARRACUDA
SOFTWARE YOU ARE AGREEING TO BE BOUND BY THE TERMS OF THIS LICENSE. IF
YOU DO NOT AGREE TO THE TERMS OF THIS LICENSE DO NOT USE THE SOFTWARE.
IF YOU DO NOT AGREE TO THE TERMS OF THIS LICENSE YOU MAY RETURN THE
SOFTWARE OR HARDWARE CONTAINING THE SOFTWARE FOR A FULL REFUND TO
YOUR PLACE OF PURCHASE.
1. The software, documentation, whether on disk, in read only memory, or on any other media or in
any other form (collectively "Barracuda Software") is licensed, not sold, to you by Barracuda
Networks, Inc. ("Barracuda") for use only under the terms of this License and Barracuda reserves all
rights not expressly granted to you. The rights granted are limited to Barracuda's intellectual property
rights in the Barracuda Software and do not include any other patent or intellectual property rights.
You own the media on which the Barracuda Software is recorded but Barracuda retains ownership of
the Barracuda Software itself.
2. Permitted License Uses and Restrictions. This License allows you to use the Software only on the
single Barracuda labeled hardware device on which the software was delivered. You may not make
copies of the Software and you may not make the Software available over a network where it could
be utilized by multiple devices or copied. You may not make a backup copy of the Software. You
may not modify or create derivative works of the Software except as provided by the Open Source
Licenses included below. The BARRACUDA SOFTWARE IS NOT INTENDED FOR USE IN
THE OPERATION OF NUCLEAR FACILITIES, AIRCRAFT NAVIGATION OR
COMMUNICATION SYSTEMS, LIFE SUPPORT MACHINES, OR OTHER EQUIPEMENT IN
WHICH FAILURE COULD LEAD TO DEATH, PERSONAL INJURY, OR ENVIRONMENTAL
DAMAGE.
64
Barracuda IM Firewall Administrator’s Guide
3. You may not transfer, rent, lease, lend, or sublicense the Barracuda Software.
4. This License is effective until terminated. This License is automatically terminated without notice
if you fail to comply with any term of the License. Upon termination you must destroy or return all
copies of the Barracuda Software.
5. YOU EXPRESSLY ACKNOWLEDGE AND AGREE THAT THE USE OF THE BARRACUDA
SOFTWARE IS AT YOUR OWN RISK AND THAT THE ENTIRE RISK AS TO
SATISFACTION, QUALITY, PERFORMANCE, AND ACCURACY IS WITH YOU. THE
BARRACUDA SOFTWARE IS PROVIDED "AS IS" WITH ALL FAULTS AND WITHOUT
WARRANTY OF ANY KIND, AND BARRACUDA HEREBY DISCLAIMS ALL WARRANTIES
AND CONDITIONS WITH RESPECT TO THE BARRACUDA SOFTWARE, EITHER
EXPRESSED OR IMPLIED OR STATUTORY, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES AND/OR CONDITIONS OF MERCHANTIBILITY, OF
SATISFACTORY QUALITY, OF FITNESS FOR ANY APPLICATION, OF ACCURACY, AND
OF NON-INFRINGEMENT OF THIRD PARTY RIGHTS. BARRACUDA DOES NOT
WARRANT THE CONTINUED OPERATION OF THE SOFTWARE, THAT THE
PERFORMANCE WILL MEET YOUR EXPECTATIONS, THAT THE FUNCTIONS WILL
MEET YOUR REQUIREMENTS, THAT THE OPERATION WILL BE ERROR FREE OR
CONTINUOUS, OR THAT DEFECTS WILL BE CORRECTED. NO ORAL OR WRITTEN
INFORMATION GIVEN BY BARRACUDA OR AUTHORIZED BARRACUDA
REPRESENTATIVE SHALL CREATE A WARRANTY. SHOULD THE BARRACUDA
SOFTWARE PROVE DEFECTIVE, YOU ASSUME THE ENTIRE COST OF ALL NECESSARY
SERVICING, REPAIR, OR CORRECTION.
6. License. YOU EXPRESSLY ACKNOWLEDGE AND AGREE THAT YOU WILL PROVIDE
AN UNLIMITED ZERO COST LICENSE TO BARRACUDA FOR ANY PATENTS OR OTHER
INTELLECTUAL PROPERTY RIGHTS UTILIZED IN THE BARRACUDA SOFTWARE
WHICH YOU EITHER OWN OR CONTROL.
7. Limitation of Liability. TO THE EXTENT NOT PROHIBITED BY LAW, IN NO EVENT
SHALL BARRACUDA BE LIABLE FOR PERSONAL INJURY OR ANY INCIDENTAL
SPECIAL, INDIRECT, OR CONSEQUENTIAL DAMAGES WHATSOEVER, INCLUDING,
WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, LOSS OF DATA, BUSINESS
INTERRUPTION, OR ANY OTHER COMMERCIAL DAMAGES OR LOSSES, ARISING OUT
OF OR RELATED TO YOUR ABILITY TO USE OR INABILITY TO USE THE BARRACUDA
SOFTWARE HOWEVER CAUSED, REGARDLESS OF THE THEORY OF LIABILITY AND
EVEN IF BARRACUDA HAS BEEN ADVISED OF THE POSSIBILITY OF DAMAGES. In no
event shall Barracuda's total liability to you for all damages exceed the amount of one hundred dollars.
8. Export Control. You may not use or otherwise export or re-export Barracuda Software except as
authorized by the United States law and the laws of the jurisdiction where the Barracuda Software
was obtained.
Energize Update Software License
PLEASE READ THIS ENERGIZE UPDATE SOFTWARE LICENSE CAREFULLY BEFORE
DOWNLOADING, INSTALLING OR USING BARRACUDA NETWORKS OR BARRACUDA
NETWORKS-SUPPLIED ENERGIZE UPDATE SOFTWARE.
BY DOWNLOADING OR INSTALLING THE ENERGIZE UPDATE SOFTWARE, OR USING
THE EQUIPMENT THAT CONTAINS THIS SOFTWARE, YOU ARE CONSENTING TO BE
BOUND BY THIS LICENSE. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS
LICENSE, THEN (A) DO NOT DOWNLOAD, INSTALL OR USE THE SOFTWARE, AND (B)
Limited Warranty and License 65
YOU MAY RETURN THE SOFTWARE FOR A FULL REFUND, OR, IF THE SOFTWARE IS
SUPPLIED AS PART OF ANOTHER PRODUCT, YOU MAY RETURN THE ENTIRE
PRODUCT FOR A FULL REFUND. YOUR RIGHT TO RETURN AND REFUND EXPIRES 30
DAYS AFTER PURCHASE FROM BARRACUDA NETWORKS OR AN AUTHORIZED
BARRACUDA NETWORKS RESELLER, AND APPLIES ONLY IF YOU ARE THE ORIGINAL
PURCHASER.
The following terms govern your use of the Energize Update Software except to the extent a particular
program (a) is the subject of a separate written agreement with Barracuda Networks or (b) includes a
separate "click-on" license agreement as part of the installation and/or download process. To the
extent of a conflict between the provisions of the foregoing documents, the order of precedence shall
be (1) the written agreement, (2) the click-on agreement, and (3) this Energize Update Software
License.
License. Subject to the terms and conditions of and except as otherwise provided in this Agreement,
Barracuda Networks, Inc., or a Barracuda Networks, Inc. subsidiary (collectively "Barracuda
Networks"), grants to the end-user ("Customer") a nonexclusive and nontransferable license to use
the Barracuda Networks Energize Update program modules and data files for which Customer has
paid the required license fees (the "Energize Update Software"). In addition, the foregoing license
shall also be subject to the following limitations, as applicable:
Unless otherwise expressly provided in the documentation, Customer shall use the Energize Update
Software solely as embedded in, for execution on, or (where the applicable documentation permits
installation on non-Barracuda Networks equipment) for communication with Barracuda Networks
equipment owned or leased by Customer; Customer's use of the Energize Update Software shall be
limited to use on a single hardware chassis, on a single central processing unit, as applicable, or use
on such greater number of chassis or central processing units as Customer may have paid Barracuda
Networks the required license fee; and Customer's use of the Energize Update Software shall also be
limited, as applicable and set forth in Customer's purchase order or in Barracuda Networks' product
catalog, user documentation, or web site, to a maximum number of (a) seats (i.e. users with access to
the installed Energize Update Software), (b) concurrent users, sessions, ports, and/or issued and
outstanding IP addresses, and/or (c) central processing unit cycles or instructions per second.
Customer's use of the Energize Update Software shall also be limited by any other restrictions set
forth in Customer's purchase order or in Barracuda Networks' product catalog, user documentation or
web site for the Energize Update Software.
General Limitations. Except as otherwise expressly provided under this Agreement, Customer shall
have no right, and Customer specifically agrees not to:
i.
transfer, assign or sublicense its license rights to any other person, or use the Energize
Update Software on unauthorized or secondhand Barracuda Networks equipment, and any
such attempted transfer, assignment or sublicense shall be void;
ii.
make error corrections to or otherwise modify or adapt the Energize Update Software or
create derivative works based upon the Energize Update Software, or to permit third parties
to do the same; or
iii. decompile, decrypt, reverse engineer, disassemble or otherwise reduce the Energize Update
Software to human-readable form to gain access to trade secrets or confidential
information in the Energize Update Software.
Upgrades and Additional Copies. For purposes of this Agreement, "Energize Update Software" shall
include (and the terms and conditions of this Agreement shall apply to) any Energize Update
upgrades, updates, bug fixes or modified versions (collectively, "Upgrades") or backup copies of the
Energize Update Software licensed or provided to Customer by Barracuda Networks or an authorized
distributor/reseller for which Customer has paid the applicable license fees. NOTWITHSTANDING
ANY OTHER PROVISION OF THIS AGREEMENT: (1) CUSTOMER HAS NO LICENSE OR
RIGHT TO USE ANY SUCH ADDITIONAL COPIES OR UPGRADES UNLESS CUSTOMER,
66
Barracuda IM Firewall Administrator’s Guide
AT THE TIME OF ACQUIRING SUCH COPY OR UPGRADE, ALREADY HOLDS A VALID
LICENSE TO THE ORIGINAL ENERGIZE UPDATE SOFTWARE AND HAS PAID THE
APPLICABLE FEE FOR THE UPGRADE; (2) USE OF UPGRADES IS LIMITED TO
BARRACUDA NETWORKS EQUIPMENT FOR WHICH CUSTOMER IS THE ORIGINAL END
USER PURCHASER OR LESSEE OR WHO OTHERWISE HOLDS A VALID LICENSE TO USE
THE ENERGIZE UPDATE SOFTWARE WHICH IS BEING UPGRADED; AND (3) USE OF
ADDITIONAL COPIES IS LIMITED TO BACKUP PURPOSES ONLY.
Energize Update Changes. Barracuda Networks reserves the right at any time not to release or to
discontinue release of any Energize Update Software and to alter prices, features, specifications,
capabilities, functions, licensing terms, release dates, general availability or other characteristics of
any future releases of the Energize Update Software.
Proprietary Notices. Customer agrees to maintain and reproduce all copyright and other proprietary
notices on all copies, in any form, of the Energize Update Software in the same form and manner that
such copyright and other proprietary notices are included on the Energize Update Software. Except
as expressly authorized in this Agreement, Customer shall not make any copies or duplicates of any
Energize Update Software without the prior written permission of Barracuda Networks. Customer
may make such backup copies of the Energize Update Software as may be necessary for Customer's
lawful use, provided Customer affixes to such copies all copyright, confidentiality, and proprietary
notices that appear on the original.
Protection of Information. Customer agrees that aspects of the Energize Update Software and
associated documentation, including the specific design and structure of individual programs,
constitute trade secrets and/or copyrighted material of Barracuda Networks. Customer shall not
disclose, provide, or otherwise make available such trade secrets or copyrighted material in any form
to any third party without the prior written consent of Barracuda Networks. Customer shall implement
reasonable security measures to protect and maintain the confidentiality of such trade secrets and
copyrighted material. Title to Energize Update Software and documentation shall remain solely with
Barracuda Networks.
Indemnity. Customer agrees to indemnify, hold harmless and defend Barracuda Networks and its
affiliates, subsidiaries, officers, directors, employees and agents at Customers expense, against any
and all third-party claims, actions, proceedings, and suits and all related liabilities, damages,
settlements, penalties, fines, costs and expenses (including, without limitation, reasonable attorneys
fees and other dispute resolution expenses) incurred by Barracuda Networks arising out of or relating
to Customers (a) violation or breach of any term of this Agreement or any policy or guidelines
referenced herein, or (b) use or misuse of the Barracuda Networks Energize Update Software.
Term and Termination. This License is effective upon date of delivery to Customer of the initial
Energize Update Software (but in case of resale by a Barracuda Networks distributor or reseller,
commencing not more than sixty (60) days after original Energize Update Software purchase from
Barracuda Networks) and continues for the period for which Customer has paid the required license
fees. Customer may terminate this License at any time by notifying Barracuda Networks and ceasing
all use of the Energize Update Software. By terminating this License, Customer forfeits any refund
of license fees paid and is responsible for paying any and all outstanding invoices. Customer's rights
under this License will terminate immediately without notice from Barracuda Networks if Customer
fails to comply with any provision of this License. Upon termination, Customer must cease use of all
copies of Energize Update Software in its possession or control.
Export. Software, including technical data, may be subject to U.S. export control laws, including the
U.S. Export Administration Act and its associated regulations, and may be subject to export or import
regulations in other countries. Customer agrees to comply strictly with all such regulations and
acknowledges that it has the responsibility to obtain licenses to export, re-export, or import Energize
Update Software.
Limited Warranty and License 67
Restricted Rights. Barracuda Networks' commercial software and commercial computer software
documentation is provided to United States Government agencies in accordance with the terms of this
Agreement, and per subparagraph "(c)" of the "Commercial Computer Software - Restricted Rights"
clause at FAR 52.227-19 (June 1987). For DOD agencies, the restrictions set forth in the "Technical
Data-Commercial Items" clause at DFARS 252.227-7015 (Nov 1995) shall also apply.
No Warranty. The Energize Update Software is provided AS IS. Customer's sole and exclusive
remedy and the entire liability of Barracuda Networks under this Energize Update Software License
Agreement will be, at Barracuda Networks option, repair, replacement, or refund of the Energize
Update Software.
Renewal. At the end of the Energize Update Service Period, Customer may have the option to renew
the Energize Update Service at the current list price, provided such Energize Update Service is
available. All initial subscriptions commence at the time of sale of the unit and all renewals
commence at the expiration of the previous valid subscription.
In no event does Barracuda Networks warrant that the Energize Update Software is error free or that
Customer will be able to operate the Energize Update Software without problems or interruptions. In
addition, due to the continual development of new techniques for intruding upon and attacking
networks, Barracuda Networks does not warrant that the Energize Update Software or any equipment,
system or network on which the Energize Update Software is used will be free of vulnerability to
intrusion or attack.
DISCLAIMER OF WARRANTY. ALL EXPRESS OR IMPLIED CONDITIONS,
REPRESENTATIONS, AND WARRANTIES INCLUDING, WITHOUT LIMITATION, ANY
IMPLIED WARRANTY OR CONDITION OF MERCHANTABILITY, FITNESS FOR A
PARTICULAR PURPOSE, NONINFRINGEMENT, SATISFACTORY QUALITY OR ARISING
FROM A COURSE OF DEALING, LAW, USAGE, OR TRADE PRACTICE, ARE HEREBY
EXCLUDED TO THE EXTENT ALLOWED BY APPLICABLE LAW. TO THE EXTENT AN
IMPLIED WARRANTY CANNOT BE EXCLUDED, SUCH WARRANTY IS LIMITED IN
DURATION TO THE WARRANTY PERIOD. BECAUSE SOME STATES OR JURISDICTIONS
DO NOT ALLOW LIMITATIONS ON HOW LONG AN IMPLIED WARRANTY LASTS, THE
ABOVE LIMITATION MAY NOT APPLY TO YOU. THIS WARRANTY GIVES YOU SPECIFIC
LEGAL RIGHTS, AND YOU MAY ALSO HAVE OTHER RIGHTS WHICH VARY FROM
JURISDICTION TO JURISDICTION.
General Terms Applicable to the Energize Update Software License Disclaimer of Liabilities. IN NO
EVENT WILL BARRACUDA NETWORKS BE LIABLE FOR ANY LOST REVENUE, PROFIT,
OR DATA, OR FOR SPECIAL, INDIRECT, CONSEQUENTIAL, INCIDENTAL, OR PUNITIVE
DAMAGES HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY
ARISING OUT OF THE USE OF OR INABILITY TO USE THE ENERGIZE UPDATE
SOFTWARE EVEN IF BARRACUDA NETWORKS OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. In no event shall Barracuda Networks'
liability to Customer, whether in contract, tort (including negligence), or otherwise, exceed the price
paid by Customer. BECAUSE SOME STATES OR JURISDICTIONS DO NOT ALLOW
LIMITATION OR EXCLUSION OF CONSEQUENTIAL OR INCIDENTAL DAMAGES, THE
ABOVE LIMITATION MAY NOT APPLY TO YOU.
This Energize Update Software License shall be governed by and construed in accordance with the
laws of the State of California, without reference to principles of conflict of laws, provided that for
Customers located in a member state of the European Union, Norway or Switzerland, English law
shall apply. The United Nations Convention on the International Sale of Goods shall not apply. If any
portion hereof is found to be void or unenforceable, the remaining provisions of the Energize Update
Software License shall remain in full force and effect. Except as expressly provided herein, the
Energize Update Software License constitutes the entire agreement between the parties with respect
to the license of the Energize Update Software and supersedes any conflicting or additional terms
contained in the purchase order.
68
Barracuda IM Firewall Administrator’s Guide
Open Source Licensing
Barracuda products may include programs that are covered by the GNU General Public License
(GPL) or other "open source" license agreements. The GNU license is re-printed below for you
reference. These programs are copyrighted by their authors or other parties, and the authors and
copyright holders disclaim any warranty for such programs. Other programs are copyright by
Barracuda Networks.
GNU GENERAL PUBLIC LICENSE, (GPL) Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.
51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies of this license document, but changing
it is not allowed.
Preamble
The licenses for most software are designed to take away your freedom to share and change it.
contrast, the GNU General Public
By
License is intended to guarantee your freedom to share and change free software--to make sure the
software is free for all its users. This General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to using it. (Some other Free
Software Foundation software is covered by the GNU Library General Public License instead.) You can
apply it to your programs, too.
When we speak of free software, we are referring to freedom, not price. Our General Public Licenses
are designed to make sure that you have the freedom to distribute copies of free software (and charge
for this service if you wish), that you receive source code or can get it if you want it, that you can
change the software or use pieces of it in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or
to ask you to surrender the rights. These restrictions translate to certain responsibilities for you
if you distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whethergratis or for a fee, you must give the
recipients all the rights that you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their rights.
We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which
gives you legal permission to copy, distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain that everyone understands that
there is no warranty for this free software. If the software is modified by someone else and passed
on, we want its recipients to know that what they have is not the original, so that any problems
introduced by others will not reflect on the original authors' reputations.
Finally, any free program is threatened constantly by software patents. We wish to avoid the danger
that redistributors of a free program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any patent must be licensed for
everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and modification follow.
GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains a notice placed by the copyright
holder saying it may be distributed under the terms of this General Public License. The "Program",
below, refers to any such program or work, and a "work based on the Program" means either the Program
or any derivative work under copyright law: that is to say, a work containing the Program or a portion
of it, either verbatim or with modifications and/or translated into another language. (Hereinafter,
translation is included without limitation in the term "modification".) Each licensee is addressed
as "you".
Activities other than copying, distribution and modification are not covered by this License; they are
outside its scope. The act of running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the Program (independent of having been
made by running the Program). Whether that is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any
medium, provided that you conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License
and to the absence of any warranty; and give any other recipients of the Program a copy of this
License along with the Program.
You may charge a fee for the physical act of transferring a copy, and you may at your option offer
warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based
on the Program, and copy and distribute such modifications or work under the terms of Section 1 above,
provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices stating that you changed the files
and the date of any change.
b) You must cause any work that you distribute or publish, that in whole or in part contains or
is derived from the Program or any part thereof, to be licensed as a whole at no charge to all
third parties under the terms of this License.
Limited Warranty and License 69
c) If the modified program normally reads commands interactively when run, you must cause it,
when started running for such interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a notice that there is no warranty (or
else, saying that you provide a warranty) and that users may redistribute the program under these
conditions, and telling the user how to view a copy of this License. (Exception: if the Program
itself is interactive but does not normally print such an announcement, your work based on the
Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If identifiable sections of that work are
not derived from the Program, and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those sections when you distribute them
as separate works. But when you distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of this License, whose permissions
for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote
it.
Thus, it is not the intent of this section to claim rights or contest your rights to work written
entirely by you; rather, the intent is to exercise the right to control the distribution of derivative
or collective works based on the Program.
In addition, mere aggregation of another work not based on the Program with the Program (or with a
work based on the Program) on a volume of a storage or distribution medium does not bring the other
work under the scope of this License.
3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or
executable form under the terms of Sections 1 and 2 above provided that you also do one of the
following:
a) Accompany it with the complete corresponding machine-readable source code, which must be
distributed under the terms of Sections 1 and 2 above on a medium customarily used for software
interchange; or,
b) Accompany it with a written offer, valid for at least three years, to give any third party, for
a charge no more than your cost of physically performing source distribution, a complete machinereadable copy of the corresponding source code, to be distributed under the terms of Sections 1 and
2 above on a medium customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer to distribute corresponding
source code. (This alternative is allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such an offer, in accord with Subsection
b above.)
The source code for a work means the preferred form of the work for making modifications to it. For
an executable work, complete source code means all the source code for all modules it contains, plus
any associated interface definition files, plus the scripts used to control compilation and
installation of the executable. However, as a special exception, the source code distributed need not
include anything that is normally distributed (in either source or binary form) with the major
components (compiler, kernel, and so on) of the operating system on which the executable runs, unless
that component itself accompanies the executable.
If distribution of executable or object code is made by offering access to copy from a designated
place, then offering equivalent access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not compelled to copy the source along
with the object code.
4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under
this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void,
and will automatically terminate your rights under this License. However, parties who have received
copies, or rights, from you under this License will not have their licenses terminated so long as
such parties remain in full compliance.
5. You are not required to accept this License, since you have not signed it. However, nothing else
grants you permission to modify or distribute the Program or its derivative works. These actions
are prohibited by law if you do not accept this License. Therefore, by modifying or distributing
the Program (or any work based on the Program), you indicate your acceptance of this License to do
so, and all its terms and conditions for copying, distributing or modifying the Program or works
based on it.
6. Each time you redistribute the Program (or any work based on the Program), the recipient
automatically receives a license from the original licensor to copy, distribute or modify the Program
subject to these terms and conditions. You may not impose any further restrictions on the recipients'
exercise of the rights granted herein. You are not responsible for enforcing compliance by third
parties to this License.
7. If, as a consequence of a court judgment or allegation of patent infringement or for any other
reason (not limited to patent issues), conditions are imposed on you (whether by court order,
agreement or otherwise) that contradict the conditions of this License, they do not excuse you from
the conditions of this License. If you cannot distribute so as to satisfy simultaneously your
obligations under this License and any other pertinent obligations, then as a consequence you may
not distribute the Program at all. For example, if a patent license would not permit royalty-free
redistribution of the Program by all those who receive copies directly or indirectly through you,
then the only way you could satisfy both it and this License would be to refrain entirely from
distribution of the Program.
If any portion of this section is held invalid or unenforceable under any particular circumstance, the
balance of the section is intended to apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any patents or other property right
claims or to contest validity of any such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is implemented by public license practices.
Many people have made generous contributions to the wide range of software distributed through that
system in reliance on consistent application of that system; it is up to the author/donor to decide
70
Barracuda IM Firewall Administrator’s Guide
if he or she is willing to distribute software through any other system and a licensee cannot impose
that choice.
This section is intended to make thoroughly clear what is believed to be a consequence of the rest of
this License.
8. If the distribution and/or use of the Program is restricted in certain countries either by patents
or by copyrighted interfaces, the original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding those countries, so that
distribution is permitted only in or among countries not thus excluded. In such case, this License
incorporates the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions of the General Public License
from time to time. Such new versions will be similar in spirit to the present version, but may differ
in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Program specifies a version number of
this License which applies to it and "any later version", you have the option of following the terms
and conditions either of that version or of any later version published by the Free Software Foundation.
If the Program does not specify a version number of this License, you may choose any version ever
published by the Free Software Foundation.
10. If you wish to incorporate parts of the Program into other free programs whose distribution
conditions are different, write to the author to ask for permission. For software which is
copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals of preserving the free status
of all derivatives of our free software and of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT
PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER,
OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO
YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF
THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE
WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
SUCH DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software
which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion
of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found.
one line to give the program's name and an idea of what it does.
Copyright (C) yyyy
name of author
This program is free software; you can redistribute it and/or modify it under the terms of the GNU
General Public License as published by the Free Software Foundation; either version 2 of the License,
or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even
the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not,
write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) 19yy name of author Gnomovision comes with ABSOLUTELY NO
WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use
may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary.
Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes
passes at compilers) written by James Hacker.
signature of Ty Coon, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Library General Public
License instead of this License.
Limited Warranty and License 71
Barracuda Products may contain programs that are copyright (c)1995-2005 International Business Machines Corporation and others. All rights reserved.
These programs are covered by the following License:
"Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to
deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the
Software, and to permit persons to whom the Software is furnished to do so, provided that the above copyright notice(s) and this permission notice appear
in all copies of the Software and that both the above copyright notice(s) and this permission notice appear in supporting documentation."
Barracuda Products may include programs that are covered by the BSD License: "Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT
LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE."
Barracuda Products may include the libspf library which is Copyright (c) 2004 James Couzens & Sean Comeau All rights reserved. It is covered by the
following agreement: Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following
conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2.
Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS MAKING USE OF THIS LICENSE OR ITS
CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Barracuda Products may contain programs that are Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved. Redistribution and use in
source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code
must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. The
name "Carnegie Mellon University" must not be used to endorse or promote products derived from this software without prior written permission. For
permission or any other legal details, please contact Office of Technology Transfer Carnegie Mellon University 5000 Forbes Avenue Pittsburgh, PA
15213-3890 (412) 268-4387, fax: (412) 268-7395 tech-transfer@andrew.cmu.edu .Redistributions of any form whatsoever must retain the following
acknowledgment: "This product includes software developed by Computing Services at Carnegie Mellon University
(http://www.cmu.edu/computing/)." CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS
SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL CARNEGIE
MELLON UNIVERSITY BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
Barracuda products may include programs that are covered by the Apache License or other Open Source license agreements. The Apache license is reprinted below for you reference. These programs are copyrighted by their authors or other parties, and the authors and copyright holders disclaim any
warranty for such programs. Other programs are copyright by Barracuda Networks.
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction, and distribution as defined by
Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting
the License.
"Legal Entity" shall mean the union of the acting entity and all other entities that control, are
controlled by, or are under common control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the direction or management of such entity,
whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding
shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this
License.
"Source" form shall mean the preferred form for making modifications, including but not limited to
software source code, documentation source, and configuration files.
"Object" form shall mean any form resulting from mechanical transformation or translation of a Source
form, including but not limited to compiled object code, generated documentation, and conversions to
other media types.
"Work" shall mean the work of authorship, whether in Source or Object form, made available under the
License, as indicated by a copyright notice that is included in or attached to the work (an example
is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived
from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes of this License, Derivative
Works shall not include works that remain separable from, or merely link (or bind by name) to the
interfaces of, the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including the original version of the Work and any
modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted
to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity
authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted"
72
Barracuda IM Firewall Administrator’s Guide
means any form of electronic, verbal, or written communication sent to the Licensor or its
representatives, including but not limited to communication on electronic mailing lists, source code
control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the
purpose of discussing and improving the Work, but excluding communication that is conspicuously marked
or otherwise designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution
has been received by Licensor and subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor
hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform,
sublicense, and distribute the Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor
hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made, use, offer to sell, sell, import,
and otherwise transfer the Work, where such license applies only to those patent claims licensable by
such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of
their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute
patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging
that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent
infringement, then any patent licenses granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in
any medium, with or without modifications, and in Source or Object form, provided that You meet the
following conditions:
(a) You must give any other recipients of the Work or Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright,
patent, trademark, and attribution notices from the Source form of the Work, excluding those notices
that do not pertain to any part of the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works
that You distribute must include a readable copy of the attribution notices contained within such
NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at
least one of the following places: within a NOTICE text file distributed as part of the Derivative
Works; within the Source form or documentation, if provided along with the Derivative Works; or, within
a display generated by the Derivative Works, if and wherever such third-party notices normally appear.
The contents of the NOTICE file are for informational purposes only and do not modify the License. You
may add Your own attribution notices within Derivative Works that You distribute, alongside or as an
addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot
be construed as modifying the License.
You may add Your own copyright statement to Your modifications and may provide additional or different
license terms and conditions for use, reproduction, or distribution of Your modifications, or for any
such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work
otherwise complies with the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally
submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions. Notwithstanding the above, nothing herein
shall supersede or modify the terms of any separate license agreement you may have executed with
Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade names, trademarks, service
marks, or product names of the Licensor, except as required for reasonable and customary use in
describing the origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides
the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR
CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or
conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are
solely responsible for determining the appropriateness of using or redistributing the Work and assume
any risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory, whether in tort (including
negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including
any direct, indirect, special, incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the Work (including but not limited to
damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other
commercial damages or losses), even if such Contributor has been advised of the possibility of such
damages.
9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works
thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this License. However, in accepting such
obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any
other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for
any liability incurred by, or claims asserted against, such Contributor by reason of your accepting
any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following boilerplate notice, with the fields
enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!)
The text should be enclosed in the appropriate comment syntax for the file format. We also recommend
Limited Warranty and License 73
that a file or class name and description of purpose be included on the same "printed page" as the
copyright notice for easier identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in
compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is
distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied. See the License for the specific language governing permissions and limitations under the
License.
Source Code Availability
Per the GPL and other "open source" license agreements the complete machine readable source code for programs covered by the GPL or other "open
source" license agreements is available from Barracuda Networks at no charge. If you would like a copy of the source code or the changes to a particular
program we will gladly provide them, on a CD, for a fee of $100.00. This fee is to pay for the time for a Barracuda Networks engineer to assemble the
changes and source code, create the media, package the media, and mail the media. Please send a check payable in USA funds and include the program
name. We will mail the packaged source code for any program covered under the GPL or other "open source" license.
74
Barracuda IM Firewall Administrator’s Guide
Index
A
Active Directory 33
administration interface
logging in 23
administration interface, SSL 29
ADVANCED tab 34
Appearance 28
Backup 48
Energize Updates 25, 49
Firmware Update 25, 48
Secure Administration 28, 29
Task Manager 44
Troubleshooting 49, 50, 51
alerts
emailed 44
B
back panel details 56
Barracuda IM Firewall
configuring 23
installing 20
managing 48
monitoring 44
BASIC tab
Administration 23, 28, 34, 44, 49, 50
IP Configuration 23, 34, 48, 49
Status 24, 25, 44
C
Certificate Generation 29
Certificate Type 29
certificates 29
character tags 63
configuring, Barracuda IM Firewall 23
conversations 16
Creating Client Groups 36
Creating Rosters 36
Current Client Version 40
D
Default (Barracuda Networks) certificates 29
Index - 75
definitions
updating 25
Department field 36
diagnostic memory test 51
Disclaimer 39
DOMAINS tab
Directory Services 33, 36
Domain Manager 26, 32
E
Editing Rosters 37
equipment, required 20, 21
Extensible Messaging and Presence Protocol (XMPP) 16
External Directory Server 33
F
failed system, replacing 49
firewall, configuring 22
front panel details 54
H
hardware compliance information 58
hardware test 51
I
IM protocols 16
indicator lights 45
installing, Barracuda IM Firewall 20
IP address, setting 21
J
Jabber 16
K
Keyword Notifications 40
L
LDAP 33
LDAP groups 36
LDAP Synchronization 36
LEDs (on front panel) 45
lights (on front panel) 45
LOGS/REPORTS tab
Daily Reports 41
Message Log 27, 41
Presence Log 41
M
Message Log page 41
Modify Roster 37
monitoring
message log 41
N
network planning 18
network time protocol 23
NTP 23
P
POLICY tab
File Transfer Access 39
Public IM Access 39
Server Filtering 40
Preview Roster 38
Private (self-signed) certificates 29
R
reboot options 50
recovery mode 50
regular expressions, about 59
re-imaging system 51
remote administration 51
repairing, file system 51
replacing failed system 49
RESET button, using 50
S
Sending out Rosters 36
SSL Certificate Configuration 29
SSL certificates 29
SSL-only access 29
subscription
activating 25
status 24
Synchronize Groups Now 36, 37
T
TCP ports 22
testing memory 51
time zone 28
transports 16
76 -
Treat “Department” as an LDAP group 36
Trusted (signed by a trusted CA) certificates 29
Trusted Certificates 29
U
UDP ports 22
USERS tab
Account View 24, 33
Accounts View 34
Client Configuration 26, 32, 33, 39, 40
Roster Creation 36, 37
User Add/Update 26, 32
User Rollout 32, 33, 35
X
XMPP 16
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising