/
Integrating Ubiquiti UniFi Cloud Gateway

Integrating Ubiquiti UniFi Cloud Gateway

In order to set up the Ubiquiti UniFi Cloud Gateway Collector, you need to follow the procedures below: 

  1. Enable Ubiquiti UniFi Cloud Gateway 

  2. Install the XDR Collector 

  3. Configure Ubiquiti UniFi Cloud Gateway 

  4. Open the ports on the XDR Collector Host 

To enable Ubiquiti UniFi Cloud Gateway 

  1. In Barracuda XDR Dashboard, navigate to Administration> Integrations

  2. On the Ubiquiti UniFi Cloud Gateway card, click Setup.

    UnifiSetup.png

  3. Select the Enabled check box.

  4. If the default UDP port set in the Integration can’t be forwarded because it is already in use, type a different UDP port number.

    UbiquityPort.png

  5. Click Save.

To install the XDR Collector

If you haven't already set up the XDR Collector, do one of the following: 

To configure Ubiquiti UniFi Cloud Gateway 

Barracuda Managed XDR can monitor syslog-formatted messages from Ubiquiti UniFi Cloud Gateway, if this is configured to forward the messages to the appropriate XDR Agents.

  1. Sign in to the UniFi controller web interface.
    NOTE Your UniFi controller web interface URL is the IP address of your controller.

  2. Click Settings > CyberSecure.

  3. Click the Traffic Logging tab. 

  4. For Activity Logging (Syslog), select SIEM Server.
    NOTE Do not Select Debug Logs or Netconsole. 

  5. For Contents, click Edit.

  6. Ensure that only these logs are selected: 

    • Admin Activity 

    • Critical 

    • Devices 

    • Security Detections 

    • Triggers

    • VPN

    • Firewall Default Policy 

  7. Click Save

  8. In the Server Address field, type the IP address for the Barracuda Sensor.

  9. In the Port field, type the number of the port you set in the integration step.

  10. For Logging Levels, ensure that Auto is selected. 

  11. Click Apply changes.

To open the ports on the XDR Collector Host 

If you have a firewall protecting your collector, ensure that it allows incoming traffic on the UDP port you’re using. 

Here are some examples of how to do that on commonly used firewalls. You need to do this for the port configured for Ubiquiti. 

Linux ufw 

sudo ufw allow 9257/udp

Linux Iptables 

sudo iptables -A INPUT -p udp --dport 9257 -j ACCEPT

Linux firewalld 

sudo firewall-cmd --permanent --add-port=9257/udp

Windows 

netsh advfirewall firewall add rule name="Ubiquiti UniFi" dir=in action=allow protocol=UDP localport=9257

 

Contact Us
Barracuda Campus
Barracuda Support