Barracuda ESG were physical or virtual appliances designed to protect email servers from spam, virus, spoofing, phishing and spyware attacks. The product line is discontinued.
N/A
Microsoft Defender XDR
Score 8.8 out of 10
N/A
Microsoft 365 Defender combines SIEM and XDR capabilities for Microsoft 365 environments, encompassing threat detection, post-breach detection, automated investigation, and response for endpoints. Additionally, it protects cloud apps, emails and documents, and employee identities.
Good combination when using their other products like an incident response. When using automated workflows, this makes creating sender policies a breeze. Unfortunately, this can also be done too well as it may filter out valid emails and to resend or place them back into users' mailbox isn't an easy thing to do even if you attempt to resend through the Email Security Gateway.
Microsoft Defender XDR is well suited for organizations already invested in the Microsoft Ecosystem - including Microsoft 365, Azure Ad and INTune. For example, in scenarios where you need to correlament the fishing attacks with the closing point behavior and identity agreement, Microsoft Defender XDR does a big task of sewing the timeline of a full attack simultaneously and even automatically removing. This hybrid function is also ideal for the environment, where safety visibility in distance tools, cloud apps and email is important. Microsoft Defender XDR provides centralized insight and response in all these domains without the requirement of many devices. However, it is less suitable in the atmosphere with diverse or non-microsoft infrastructure, such as an organization running a mixture of Linux server, Google work area or third-party EDR tools. Cross-platform support is still developing, and integration of the microsoft ecosystem often requires additional configurations or third-party connectors. For companies of that situation, Microsoft Defender XDR cannot give its full value from the XDR box.
ESS has a simple interface for both users and administrators.
The "Manage Quarantine" button in each email is a direct sign-on link, so users don't have to remember their password to manage their quarantine (this is GOLD, Jerry!).
The baseline functionality (catching spam/malware/phishing/malware attachments/malformed PDFs etc) is super-solid, with few false positives and few false negatives.
The software uses advanced AI and machine learning algorithms to monitor activities and detect any anomalies immediately, protecting our financial data.
Automated responses to known threats reduce the impact of possible incidents and improve our security posture.
Microsoft 365 Defender easily combines with other Microsoft 365 services and external security solutions, providing a complete and unified security solution.
You need to take time in adding your contacts to a whitelist so that you don't miss an email.
I recommend changing the time interval; Barracuda notifies you that you have quarantined emails as we were only getting 1 per day and we missed some urgent emails.
The quarantine folder is web based, we'd prefer it to have been an add-in for Outlook.
Improved algorithms to minimize false positives in threat detection, reducing the impact on security teams and preventing unnecessary investigations into non-threatening incidents.
Advanced User-Friendly Interface:
Streamlined and intuitive user interface for the centralized dashboard, making it more accessible for security professionals with varying levels of expertise.
Greater Third-Party Integration:
Increased compatibility and integration capabilities with a broader range of third-party security tools
We are pleased with the product and have no plans to look for alternatives. We are deeply invested in Microsoft ecosystem and Defender XDR provides seamless integration to other Microsoft products. For academic institution pricing is also quite affordable. In the contrary, we hope to extend the scope of the product for our entire environment.
Setting up the Barracuda for use with Microsoft 365 provides issues that Barracuda seems to have no fix for. I mentioned these issues to their support, because I am constantly reminded of them by their system, and I was told that those errors are normal for our setup and to ignore them which is frustrating to me.
Overall the UI is modern and OK to use. Attack story is quite nice visual of incident. Advanced hunting supports autocomplete so that helps doing KQL-queries efficiently. The product is quite comprehensive and one can get lost in the vast UI. Learning curve is quite high and navigation is complex. As product also continues to evolve the UI might change somewhat.
In our experience there has been very little downtime for Microsot Defender XDR. For us there hasn’t been any single incident where we needed the product and it was not available.
The WebUI is the only piece I find lacking on the Barracuda ESK. Its is not the fastest and is fairly utilitarian in its approach. The Outlook plug-in, while not in wide use here, causes zero slowdown in Outlook or the Barracuda ESG.
Most of the time the product is as responsive as you might expect from cloud product. Occasionly the product is little slugish, this has been at most a slight irritation. Reports generate quickly ennough for our needs. We also not have found that Defender XDR slows down systems that it is integrated with
Barracuda Email Security Gateway support is great at responding and escalating cases when needed. Timeliness is key when dealing with email attacks, spoofing or malware. Barracuda also has great resources for end-user training as our end users are our first line of defense in combatting attacks on our company. Training end-users pays off in time spent dealing with any email attacks
Their support throughout our onboarding of the product was fabulous. They not only took the time to carefully explain to teams not as well equipped with the lingo but explained to the tech team how to teach the other teams to be successful. They never once seemed impatient or annoyed with basic questions and didn’t pretend to know something when they needed to research an answer
Microsoft Provides a good training for the Microsoft 365 Defender and has a good learning paths to learn and take the exams and get your Certifications.
seemless and almost transparent. can be deployed by script if needed so every endpoint on our system get's it. if you have intune it gets dumped on the the endpoint by policy so nothing escapes it
Barracuda integrates well with Office 365 and mail flow is great. It was the first solution we found that was part of a greater suite to fit all the requirements we had. With the Email Security gateway being in the cloud, it required no extra hardware but also nothing new installed on an endpoint as some solutions require.
Our product in that area, for instance as a security platform and for us it is for the moment really bad point. We started to move in that direction that there is that disconnect from the client management. So if there is some action that needs to be executed detected by security team, there is not an easy way to make that available to the team that is responsible for managing the identities as users, as the devices
Azure cloud provides techical power to scale the product for whole organization. From organizational point of view scaling Defender XDR for various IT teams needs good collaboration and clear norms that all teams must agree to and follow.
The gateway learns current scam which can prevent unmeasureable damage. As a government organization attacks on our network affect public safety.
Previous gateways I have managed have required significant amounts of time grooming. The Barracuda gateway has freed up a great deal of my time due to its intelligence and intent scanning.
I have very few incidences where a legitimate malicious email will pass through the filter. Just one of these emails can wreak havoc on an organization.
