About Barracuda

The Email Security Gateway is an email security gateway that manages and filters all inbound and outbound email traffic to protect organizations from email-borne threats and data leaks.

SIRP and Baracuda automate threat detection and mitigation. Protection against malicious domains and IPs is possible because the actions and playbooks are executed on SIRP using Barracuda

SIRP’s integration with Barracuda allows security teams to execute response actions right from SIRP.

Supported Actions

SIRP’s Barracuda integration app allows you to execute the following actions






Adding domain to Domain Manager



Deleting domain from Domain Manager



Blocking IP Address for the Domain

Enable and Configure the Barracuda App

Whitelist SIRP's IP and Generate API password

  • Log into the Barracuda Spam firewall web console

  • Select Basic and then select the Administration tab

  • Enter SIRP's IP and Netmask in Allowed IP/Range table and click Add

    Note: For SIRP to access the Barracuda email security instance through its API SIRP IP needs to be added.

  • Add an API Password right under the table, and click Save on the top left.

Configure the app in SIRP

  • Next, log in to SIRP, then go to Apps from the left navigation bar

  • Locate the Barracuda Email Security Gateway App.

  • Click on the Toggle button to enable the app.

  • For configuration, click configure & it will ask for the followings.

    • Configuration name

    • URL (web URL of Barracuda)

    • API-Password

Barracuda in Action

Example 1: Blocking a malicious domain

The action can be executed from a ticket or playbook.

The blocked domain is visible in Barracuda in the Domain Manager list.

Note: You can also unblock a domain following the same steps

Example 2: Block IP FOR DOMAIN action below parameters are required.

For this action the following parameters are required:

  • IP: The desired IP that needs to be blocked

  • Domain: The IP must be blocked against a domain that is already present in the blocklist

  • Input: IP that is needed to be blocked.

  • Domain: Domain name that is already blocked by Barracuda

  • Block-Type:

    • Tag

    • Quarantine

    • Block

Once the IP for Domain action is successfully performed, its results can view on Barracuda in the BLOCK/ACCEPT tab, under the IP/Filters section, the in the Blocked IP/Range table.

Did this answer your question?