$HOME_NET Defined where?

[dmorris]

As I said, HOME_NET is automatically calculated as your home net based on your network settings.
This is ideal as it updates continuously as your network changes even in cases of DHCP and VPN users.

Sorry for the misinformation jcoffin provided above.
I change it from invalid to wontfix. Thanks for the feedback.

[bigcheeze]

Dirk - Any chance you'd be willing to discuss this? It's really a show stopper for me, because in an actual production environment it's very much not ideal.

[dmorris]

Sure, but I suspect its a misalignment of goals more than a technical discussion, but I'm open to hearing why it isn't ideal in your case.

http://wiki.untangle.com/index.php/W...ified_settings
http://wiki.untangle.com/index.php/W...munity_Support

Based on your previous [inflamatory] posts here I'm guessing Untangle isn't right for you. Sorry but this is meant to be an honest assessment, not a "get lost."

Untangle does not in any way prevent you from running other IPS systems and/or snort on your network.

[sky-knight]

It should also be pointed out that the nature of the way Untangle works, actually makes it a poor IDS platform. It works, but not as well as a dedicated device would.

[bigcheeze]

Sure, but I suspect its a misalignment of goals more than a technical discussion, but I'm open to hearing why it isn't ideal in your case.

http://wiki.untangle.com/index.php/W...ified_settings
http://wiki.untangle.com/index.php/W...munity_Support

Based on your previous [inflamatory] posts here I'm guessing Untangle isn't right for you. Sorry but this is meant to be an honest assessment, not a "get lost."

Untangle does not in any way prevent you from running other IPS systems and/or snort on your network.

First - I'm not sure what inflammatory post your eluding to, as nothing I have said is inflammatory.


As to the "Why Untangle Sucks". Truthfully it doesn't. It doesn't, I've been in this business for dam near 20 yrs now, and have worked on pretty much every major security product (Cisco, Juniper, Sidewinder, Checkpoint, Sonicwall and others), in both the large Enterprise, Government, and even SOHO spaces. I've seen a ton of crap, and untangle isn't. While it's not perfect, nothing is. But honestly, I like it.

I also agree, that we're not talking technical, but "goals". You are just seeing this product as nothing more than Internet -> Protected Network. Which is not the only way it can be used, far from it honestly. And I do get the whole "simple" approach, but much of what Untangle does isn't simple, and isn't for the simpleton.

As sky-knight inluded, there are better uses if you need a full blown IDS/IPS but some simple tweaking of the way Untangle uses snort could make it more useful and powerful. For example, because we all know IDS uses a fair amount of horse power -specially if you have lot of rules; and IPS uses even a bit more.

Let's use this as an example:


If I were to define my internal network as $HOME_NET then it would look at the DMZ & the Internet as $EXTERNAL_NET. Therefore it wouldn't have to worry about processing the rules to the DMZ from the Internet, saving that horse power AND it would protect my internal network which is what I'd be most worried about.

This is of course 1 simple way it's useful, and honestly I don't see how it's a major change for you guys (it has to be defined anyways), can lead to more flexibility in the product.

And sky-knight I 100% agree, a dedicated box even running SNORT on a dedicated box with something like barnyard is much higher end than ANY UTM device.

OK, I'm done with this conversation now unless you want to talk more about it. I've given my and I'll be done. I just don't think you should purposely limit Untangle, as it really has some pretty darn good potential in the SOHO/Medium Business markets.

[dmorris]

If I were to define my internal network as $HOME_NET then it would look at the DMZ & the Internet as $EXTERNAL_NET. Therefore it wouldn't have to worry about processing the rules to the DMZ from the Internet, saving that horse power AND it would protect my internal network which is what I'd be most worried about.

http://wiki.untangle.com/index.php/Policy_Manager