The Email Security Gateway is an email security gateway that manages and filters all inbound and outbound email traffic to protect organizations from email-borne threats and data leaks.
SIRP and Baracuda automate threat detection and mitigation. Protection against malicious domains and IPs is possible because the actions and playbooks are executed on SIRP using Barracuda
SIRP’s integration with Barracuda allows security teams to execute response actions right from SIRP.
SIRP’s Barracuda integration app allows you to execute the following actions
Adding domain to Domain Manager
Deleting domain from Domain Manager
BLOCK IP FOR DOMAIN
Blocking IP Address for the Domain
Enable and Configure the Barracuda App
Whitelist SIRP's IP and Generate API password
Log into the Barracuda Spam firewall web console
Select Basic and then select the Administration tab
Enter SIRP's IP and Netmask in Allowed IP/Range table and click Add
Note: For SIRP to access the Barracuda email security instance through its API SIRP IP needs to be added.
Add an API Password right under the table, and click Save on the top left.
Configure the app in SIRP
Next, log in to SIRP, then go to Apps from the left navigation bar
Locate the Barracuda Email Security Gateway App.
Click on the Toggle button to enable the app.
For configuration, click configure & it will ask for the followings.
URL (web URL of Barracuda)
Barracuda in Action
Example 1: Blocking a malicious domain
The action can be executed from a ticket or playbook.
The blocked domain is visible in Barracuda in the Domain Manager list.
Note: You can also unblock a domain following the same steps
Example 2: Block IP FOR DOMAIN action below parameters are required.
For this action the following parameters are required:
IP: The desired IP that needs to be blocked
Domain: The IP must be blocked against a domain that is already present in the blocklist
Input: IP that is needed to be blocked.
Domain: Domain name that is already blocked by Barracuda
Once the IP for Domain action is successfully performed, its results can view on Barracuda in the BLOCK/ACCEPT tab, under the IP/Filters section, the in the Blocked IP/Range table.