Guardz + Keepit Bundle vs Barracuda (Australia 2026)

Barracuda built its name on email security appliances in the mid-2000s. The spam and phishing gateway business was genuinely strong, and plenty of Australian MSPs still run Barracuda email protection across their customer base. Over the past five years Barracuda has expanded into backup (Cloud-to-Cloud Backup for M365), XDR (Managed XDR), network security and — with the 2025 launch of BarracudaONE — a unified platform that ties these products under one MSP dashboard.

The strategy is the same one Acronis pursues: consolidate backup and security under one vendor, reduce tool sprawl, simplify the MSP invoice. Barracuda's version leans harder on email security heritage and softer on endpoint backup compared to Acronis. Thoma Bravo has owned Barracuda since 2018; the private-equity ownership means product investment decisions are not always visible from the outside.

The CRS Protect & Recover bundle takes the opposite approach — best-in-class for each layer rather than one vendor for everything. Guardz handles active detection, identity, endpoint and email security with 24/7 MDR. Keepit handles SaaS backup with vendor-independent immutable infrastructure. CRS handles the commercial relationship so the MSP deals with one counterparty.

Two real strengths.

Email security heritage. Barracuda has been protecting email for over twenty years. The email gateway, anti-phishing and account takeover detection are mature and well-understood by Australian MSPs. If an MSP already runs Barracuda email protection and the primary buying criterion is "keep the email security I trust and add backup and XDR from the same vendor," Barracuda is the path of least disruption.

Familiarity in the ANZ channel. Barracuda has an established Australian presence through Exclusive Networks and TD SYNNEX, a dedicated ANZ Country Manager hired in 2025, and a base of MSPs and resellers who have sold Barracuda for years. Procurement inertia is real — switching vendors costs time and political capital inside an MSP, and Barracuda's existing footprint means some partners will stay regardless of the comparison.

Four structural advantages for the CRS Protect & Recover bundle.

SaaS backup depth and independence. Keepit covers 16+ SaaS workloads on infrastructure that Keepit owns and operates end-to-end — not rented cloud storage behind an API. M365, Google Workspace, Salesforce, Dynamics 365, Azure DevOps, Power Platform, Intune, Public Folders, and more. Barracuda Cloud-to-Cloud Backup covers M365 and Entra ID competently, but Google Workspace coverage has user-reported gaps and Salesforce coverage is limited or absent. For MSPs whose customers run anything beyond M365, the coverage gap is material.

Purpose-built MSP security versus bolt-on XDR. Guardz was designed from day one for MSPs serving SMB customers — multi-tenant, lightweight, fast to deploy, with SentinelOne Complete EDR and Check Point Harmony email security embedded rather than bolted on. Barracuda Managed XDR is a newer addition built by assembling acquired capabilities. The Guardz MSP onboarding experience, ITDR depth and cross-surface MDR correlation are more tightly integrated.

Vendor trust. In June 2023, Barracuda disclosed CVE-2023-2868, a critical zero-day in its Email Security Gateway appliances that had been actively exploited since at least October 2022. The remediation advice was unprecedented: Barracuda told affected customers to physically replace their hardware rather than patch it. For MSPs whose customers care about vendor security posture, this incident still matters. Neither Guardz nor Keepit has had a comparable event.

Backup vendor independence. Keepit is structurally independent of Guardz — different companies, different infrastructure, different incident chains. If the security vendor has a bad day, the backup is unaffected. Barracuda's backup and security share a vendor and a commercial relationship. A single Barracuda incident could affect both layers simultaneously.

CVE-2023-2868 was not a routine patch-and-move-on vulnerability. Barracuda discovered that its Email Security Gateway appliances had been compromised via a remote command injection flaw, with evidence of active exploitation going back eight months. The attackers deployed persistent backdoors that survived firmware updates.

Barracuda's response was to tell customers to stop using the compromised appliances entirely and replace them with new hardware — an instruction that is almost unheard of in enterprise security. The incident was attributed to a suspected nation-state actor and affected organisations globally.

Three years on, the technical vulnerability is resolved. But the incident revealed something about Barracuda's appliance architecture and incident-response capability that MSPs should weigh when evaluating long-term vendor trust. Every vendor has vulnerabilities; not every vendor responds by telling customers to throw away hardware. Whether this is a disqualifier depends on the MSP's risk appetite, but it belongs in the conversation.

Barracuda prices per user or per mailbox on monthly subscription. Published list ranges sit around US$3-8/user/month for email security and US$5-10/user/month for backup. MSPs negotiate 15-30% below list depending on volume. BarracudaONE bundled pricing is quote-based and not publicly listed.

CRS bundle pricing for Guardz Ultimate plus Keepit is negotiated per partner based on volume and term. The combined per-user cost is competitive with a full Barracuda stack (Email Protection + Cloud-to-Cloud Backup + Managed XDR), and at higher volumes the CRS bundle typically lands lower. CRS will run an honest like-for-like cost comparison for any MSP evaluating the switch.

The harder pricing question is switching cost. An MSP with Barracuda email security across fifty customer tenants faces real migration effort. CRS scopes migration timelines honestly and does not pretend a Barracuda-to-Guardz cutover is zero-effort. The investment pays back through better detection depth, broader SaaS backup coverage and vendor independence.

Choose the CRS Protect & Recover bundle when:

• SaaS backup coverage beyond M365 matters — Google Workspace, Salesforce, Dynamics 365, Azure DevOps, Power Platform.
• Backup vendor independence from the security vendor is required for compliance or resilience.
• Purpose-built SMB MSP security with SentinelOne EDR and cross-surface MDR is the standard, not bolt-on XDR.
• The 2023 ESG appliance incident is a trust concern for your customers.
• CRS-distributed in AU, NZ, Fiji or PNG with bundled pricing on a single deal.
• White-label MSP delivery with fast tenant onboarding is a requirement.

Choose Barracuda when:

• The MSP already runs Barracuda email protection across customer tenants and switching cost is the deciding factor.
• The customer's SaaS estate is M365-only and broader workload backup is not required.
• Email security heritage and brand familiarity outweigh the depth advantages of Guardz.
• The MSP's existing distributor relationship (Exclusive Networks or TD SYNNEX) makes procurement simpler.
• The 2023 ESG incident has been evaluated and accepted as resolved.