/
Setting up ATR for SecureEdge

Setting up ATR for SecureEdge

What ATR does

ATR determines whether an alert is malicious.

If the alert is identified as malicious, the IP Address is automatically added to the firewall or network security solution block list, depending on how malicious ATR determines it to be.

For more information about Automated Threat Response (ATR), see Setting up ATR.

Setting up ATR

The documentation below outlines the requirements for the Barracuda XDR Automated Threat Response (ATR) for Barracuda SecureEdge.

For additional information, see How to Configure Barracuda XDR Automated Threat Response (ATR) in SecureEdge.

Requirements

You must have:

  • Access to the Barracuda XDR Dashboard set up and functioning properly

  • Access to Barracuda SecureEdge set up and functioning properly

Also, Barracuda SecureEdge must be integrated in Barracuda XDR. For more information, see Integrating Barracuda SecureEdge Firewall.

You only need to set up ATR for a single device, even when there are multiple firewall devices in the same workspace. The registration token is applied to SecureEdge rather than individual firewalls and ATR blocks are set up for “All Sites.”

To configure Barracuda SecureEdge

  1. In Barracuda SecureEdge, click Integration > Barracuda XDR > ATR Configuration.

  2. Slide Automated Threat Response to Enabled.

    2025-03-31_15h51_51.png

  3. Click Save.

  4. Copy the Authentication Token.

To configure ATR for SecureEdge

  1. In Barracuda XDR Dashboard, click ATR Settings > Firewalls.

  2. In the Firewall table, click the Barracuda SecureEdge row.

  3. Click Edit Config.

  4. In the Edit Config dialog box, paste the Authentication Token you copied in the previous procedure into the Authentication Token.

    EditConfigDialog.png

  5. Click Save.

If you need to edit the configuration at any time, follow the Editing XDR ATR Settings for a Firewall procedure.

 

Contact Us
Barracuda Campus
Barracuda Support