When the low bid gets the contract, things can turn out other than planned—such as when a Chinese chip being used in US military devices turns out to have a backdoor. Remote parties could reprogram or disable it without the user being aware of anything being amiss—at least, until it was too late. Admittedly, this backdoor (and similar ones) could be something less sinister: it could just be a set of debugging routines that someone neglected to remove from the finished product. But, the result is the same.
Likewise, Barracuda Networks offers a range of email security products, both as plug-in hardware appliances and as hosted services in the cloud—but problems can appear upon close examination. That’s not to say that using Barracuda isn’t vastly superior to using no protection at all; however, when looking at spam filtering. three problems may come with it.
1. Nagging Security Questions
In 2013 the Barracuda hardware appliance solution was, like the previously mentioned Chinese chip, found to have a hard-coded, undocumented backdoor that allowed remote access and control. The devices were built with an access point that allowed Barracuda’s tech support department to access the device without explicit permission from its owner or administrator. By extension, that meant there was nothing to stop anyone in the rest of the Internet from doing the same thing.
During that year, Barracuda updated its appliances and reportedly patched them so that their backdoors only responded to controls coming from the Barracuda IP address. Of course, one must keep in mind that it’s possible for hackers to spoof IP addresses.
Beyond that, owners having trouble configuring their devices behind a firewall have to move it to a public IP address to allow remote troubleshooting by Barracuda tech support. That, again, leaves it open to unauthorized remote access.
A user in any field with privacy regulations and compliance audits will have to establish that any Barracuda appliance that’s present in the network is not a vulnerability. Undoubtedly, there are multiple ways to do that, but it takes extra resources.
2. Low Resale Value
If an enterprise no longer needs its office technology for any reason, the hardware can at least still be counted as a disposable asset. But used Barracuda security appliances can only be sold for scrap value, because Barracuda will not renew or extend a warranty on its appliances except for the original owner. If an appliance is resold the next owner cannot get firmware or virus updates, or support of any kind. The new owner will only have outdated coverage that will become increasingly useless as the nature of malware evolves. A buyer’s recourse is to acquire a new machine, at full retail—or find another vendor.
If the original owner lets coverage lapse and then wants to renew it at a later date, that’s possible. However, Barracuda will demand that coverage be paid back to the date of the original lapse.
3. Spam Still Gets Through
Users repeatedly note that the protections Barracuda offers end up producing results equivalent to that of Microsoft Office 365. (And, for whatever reason, its filters typically fail to take note of “social viruses,” i.e., the kind that say, “This document contains macros. To activate them click here.”)
This is not to dismiss Barracuda’s protection—being equal to Office 365 is a nontrivial feat, as Office 365 offers rigorous filtering. But it’s just that, filtering, rather than technology that controls the source of the email, through techniques like challenge-response and silverlisting. With simple spam filtering, mail from total strangers can still arrive and be acted on.
Sendio’s Opt-Inbox solution can assure that all arriving email is from verified, legitimate correspondents, and inadequate filtering is irrelevant. You can request a demo to see just how effective it can be in keeping your organization safe.
