sky-knight
11-19-2008, 03:57 PM
Upon request in another thread I decided to create this one to outline my experience with eSoft and their Instagate product.
The eSoft's flaghip product is the Instagate. The Instagate was originally an IBM product (Threatwall) and is as far as I know one of the first UTM appliances to ever be built.
I had 5 or 6 customers I inherited back in 2004 who owned these things. I was working as a field technician for a local support company and was called in every so often to deal with IT issues. About a month in we found out that IBM was spinning off the company to shut it down. It was losing money hand over fist, and I could see why because back then all I had were issues from the basic router... much less the other features it boasted.
Then eSoft was formed, changed the product name to Instagate, and since reused the threatwall name on another product. All of the customers got complimentary replacements for the old threatwalls with new equivalent Instagates. At this point we were all rather excited about it as eSoft had energy and vitality that we simply didn't expect after they went independent.
The following year was one of massive improvements to the product. However, despite the gains, all but one of my customers ditched the product for one reason or another. That final customer I don't do work for currently, but I hear they still have the unit in service.
Their technology is very similar to Untangle in that they are Linux driven. However, unlike Untangle, eSoft prevents you from seeing these underpinnings directly. This lack of perspective coupled with deficient technical support left me in the lurch on several occasions when the box simply didn't work as advertised. And we were forced on many occasions to just deal with the downtime until an eSoft guy got a clue and fixed it. The issues were wide reaching and basic... from the unit not routing traffic properly to firewall rules not applying when expected, to the internal mail or web services inexplicably going offline... and don't get me started on the proxy and it's constant desire to prevent windows stations from getting updates...
Now, while this was going on I knew of a few SSH bugs floating around that were causing some issues on the Linux front and known to lockup badly configured units. I put a BSD based firewall of my own design in front of the Instagate and sure enough that was causing our lockups. With my new external audit of traffic I was able to prove that not only did the firewall leak, but phoned home frequently. Neither condition was being admitted at the time by eSoft employees. So for the following 6 months I built a custom security appliance to harden the security appliance? Moronic I know.. but again this one customer refused to let go of the thing. In that time I learned enough about the internal workings of the corporation and product to know that NO ONE should EVER have one on their network. I did however have a rather powerful custom firewall device I used successfully in several places to deal with odd issues so the experience was valuable.
This custom firewall appliance was a bridged driven unit that ran OpenBSD. This unit is where I get my experience with open source OS's and thier related support of bridges in general. And, incidentally, why I think Untangle is crazy to not only support his operational model, but encourage it... It is also why I believe strongly that Untangle as a product will eventually have to be a completely customized Linux derivative and can never be a package on top of a generic Linux OS. There is just too much kernel in the way... but I digress.
After proving to eSoft on several occasions their product simply didn't work I was finally funneled to a higher level tech support guru who actually had a clue. With his admissions to how the product operated, AND detailed understanding of network technology I was able to finally get the eSoft product functioning perfectly, with my custom device in front locking it down farther than was possible out of the box. The end result was a very happy customer that simply never went down. At least, when the proxy was working. No matter what I did then, the proxy would lock up every 3 to 4 days and require us to reset the box.
Fast forward two years and I find Untangle. Ostensibly, the same product. Except Untangle operates with an open model, gives access to the OS under the hood, and has a corporate culture that actually cares about the small customer. Even the open source package in Untangle is more developed than anything I ever played with in the eSoft unit. And, because you can get into the Linux core and run your own diagnostic commands. I have the ability to audit for myself the products function and verify that my firewall rules, for example, indeed work.
If there is one part of the eSoft product I was happy with... it was the content and spam filters. Both worked well in terms of detection. The web filter specifically had many more categories of control than is available in our current web filter. And, the feature comparison on the Untangle web site is a fair gauge of the differences. False positives were low, detection was high, and the porn filter was strong enough to get me branded as a Bible Thumping Bigot. ;)
So I look forward to the impending release of Untangle 6.0 and it's ability to use eSoft technology with a mixture of joy and sadness. eSoft as a company does not support the ideals that bring this community together, however, the web filter technology, assuming Untangle is careful, will be a valuable addition to the list of growing upgrades.
The eSoft's flaghip product is the Instagate. The Instagate was originally an IBM product (Threatwall) and is as far as I know one of the first UTM appliances to ever be built.
I had 5 or 6 customers I inherited back in 2004 who owned these things. I was working as a field technician for a local support company and was called in every so often to deal with IT issues. About a month in we found out that IBM was spinning off the company to shut it down. It was losing money hand over fist, and I could see why because back then all I had were issues from the basic router... much less the other features it boasted.
Then eSoft was formed, changed the product name to Instagate, and since reused the threatwall name on another product. All of the customers got complimentary replacements for the old threatwalls with new equivalent Instagates. At this point we were all rather excited about it as eSoft had energy and vitality that we simply didn't expect after they went independent.
The following year was one of massive improvements to the product. However, despite the gains, all but one of my customers ditched the product for one reason or another. That final customer I don't do work for currently, but I hear they still have the unit in service.
Their technology is very similar to Untangle in that they are Linux driven. However, unlike Untangle, eSoft prevents you from seeing these underpinnings directly. This lack of perspective coupled with deficient technical support left me in the lurch on several occasions when the box simply didn't work as advertised. And we were forced on many occasions to just deal with the downtime until an eSoft guy got a clue and fixed it. The issues were wide reaching and basic... from the unit not routing traffic properly to firewall rules not applying when expected, to the internal mail or web services inexplicably going offline... and don't get me started on the proxy and it's constant desire to prevent windows stations from getting updates...
Now, while this was going on I knew of a few SSH bugs floating around that were causing some issues on the Linux front and known to lockup badly configured units. I put a BSD based firewall of my own design in front of the Instagate and sure enough that was causing our lockups. With my new external audit of traffic I was able to prove that not only did the firewall leak, but phoned home frequently. Neither condition was being admitted at the time by eSoft employees. So for the following 6 months I built a custom security appliance to harden the security appliance? Moronic I know.. but again this one customer refused to let go of the thing. In that time I learned enough about the internal workings of the corporation and product to know that NO ONE should EVER have one on their network. I did however have a rather powerful custom firewall device I used successfully in several places to deal with odd issues so the experience was valuable.
This custom firewall appliance was a bridged driven unit that ran OpenBSD. This unit is where I get my experience with open source OS's and thier related support of bridges in general. And, incidentally, why I think Untangle is crazy to not only support his operational model, but encourage it... It is also why I believe strongly that Untangle as a product will eventually have to be a completely customized Linux derivative and can never be a package on top of a generic Linux OS. There is just too much kernel in the way... but I digress.
After proving to eSoft on several occasions their product simply didn't work I was finally funneled to a higher level tech support guru who actually had a clue. With his admissions to how the product operated, AND detailed understanding of network technology I was able to finally get the eSoft product functioning perfectly, with my custom device in front locking it down farther than was possible out of the box. The end result was a very happy customer that simply never went down. At least, when the proxy was working. No matter what I did then, the proxy would lock up every 3 to 4 days and require us to reset the box.
Fast forward two years and I find Untangle. Ostensibly, the same product. Except Untangle operates with an open model, gives access to the OS under the hood, and has a corporate culture that actually cares about the small customer. Even the open source package in Untangle is more developed than anything I ever played with in the eSoft unit. And, because you can get into the Linux core and run your own diagnostic commands. I have the ability to audit for myself the products function and verify that my firewall rules, for example, indeed work.
If there is one part of the eSoft product I was happy with... it was the content and spam filters. Both worked well in terms of detection. The web filter specifically had many more categories of control than is available in our current web filter. And, the feature comparison on the Untangle web site is a fair gauge of the differences. False positives were low, detection was high, and the porn filter was strong enough to get me branded as a Bible Thumping Bigot. ;)
So I look forward to the impending release of Untangle 6.0 and it's ability to use eSoft technology with a mixture of joy and sadness. eSoft as a company does not support the ideals that bring this community together, however, the web filter technology, assuming Untangle is careful, will be a valuable addition to the list of growing upgrades.