How to Whitelist IP addresses in Barracuda

Whitelisting by IP in Barracuda in Email Security Gateway

The below instructions are based on Barracuda's knowledge base. For more information on how to whitelist in Barracuda, check out this video from Barracuda

  1. Log in to your Barracuda Cloud Control.
  2. Go to Email Security > Inbound Settings > IP Address Policies.
  3. In the IP Blocking / Exemption section, use the top line to enter one of our IP addresses:
    34.66.138.178
    34.121.251.163
    35.239.224.225
    104.197.155.117
    104.236.69.186
    142.93.178.213
    This process will need to be repeated for each IP address
  4. In the Netmask field, please type 255.255.255.255
  5. Set the Policy field to Exempt.
  6. If you'd like, add a note in the Comment field. For example, Wizer Phishing IP Address.
  7. Click Add to whitelist the IP address.
  8. Repeat steps 2 through 7 for each of the Wizer IP addresses.

If you are using Barracuda's Email Security Gateway (on-premises), follow these steps to whitelist Barracuda by IP address:

  1. Log in to your Barracuda Email Security Gateway web interface.
  2. Go to the BLOCK/ACCEPT > IP Filters page.
  3. In the Allowed IP/Range section, use the top line to enter one of our IP addresses
    34.66.138.178
    34.121.251.163
    35.239.224.225
    104.197.155.117
    104.236.69.186
    142.93.178.213
  4. In the Netmask field, type 255.255.255.255
  5. Set the Policy field to Exempt.
  6. If you'd like, add a note in the Comment field. For example, Wizer Phishing IP Address.
  7. Click Add to whitelist the IP address.
  8. Repeat steps 2 through 7 for each of the Wizer IP addresses.

Barracuda Intent Analysis

You may need to whitelist Wizer in Barracuda's Intent Analysis feature to prevent the URLs in phishing emails from being altered and potentially distorted resulting in the phishing reports. See this article from Barracuda explaining this process.

If you are using Barracuda's Email Security Service (cloud), follow these steps to whitelist Barracuda's Intent Analysis:

  1. Log in to your Barracuda Cloud Control.
  2. Navigate to Email Security > Inbound Settings > Anti-Phishing.
  3. Under the Intent section, add KnowBe4's hostnames. Make sure the Policy drop-down is set to Ignore.

If you are using Barracuda's Email Security Gateway (on-premises), follow these steps to whitelist Barracuda's Intent Analysis:

  1. Log in to your Barracuda Email Security Gateway web interface.
  2. Navigate to Email Security Gateway > Basic > Spam Checking.
  3. Under the Intent Analysis section, add KnowBe4's hostnames to the URI Exemptions: text box field.

Barracuda Advanced Threat Protection (ATP) 

If you are using Barracuda's Advanced Threat Protection (ATP) and have experienced false clicks or false attachment opens, you can set up exemptions. Setting up exemptions allows you to bypass PDF scanning for phishing test emails from Wizer's IP addresses. 

To set up exemption addresses to bypass ATP PDF Scanning:

  1. Log in to your Barracuda Email Security Gateway web interface.
  2. Select the ATP Settings tab.
  3. Please enter our IP address(es) and Subnet Mask(s).
    34.66.138.178
    34.121.251.163
    35.239.224.225
    104.197.155.117
    104.236.69.186
    142.93.178.213
  4. Click Add.
In regards to the “Intent Domain Policy” currently Barracuda only allows to whitelist domain names, however, it is an active feature request to allow IP addresses (No ETA from Barracuda).