Page 3 of 5 FirstFirst 12345 LastLast
Results 21 to 30 of 41
  1. #21
    Banned
    Join Date
    Nov 2014
    Posts
    192

    Default

    Quote Originally Posted by dmorris View Post
    Ah yes that makes sense. Thanks for figuring that out.

    Yes it does.
    I'm not sure what is public, so I will let tneary with Total Defense respond.
    1) If there is an issue with WFW Service, it will give the program a lot of errors. You may want to notify people of this, and perhaps give an option to 'enable' the service.

    2) Uninstaller isn't clean. It leaves 13 directories, and 1200 or so files.

    Otherwise, hopefully someone can answer my engine questions. Specifically, I'd like to know the technologies behind it other than Bit Defenders database. I can tell the reputation system is extremely good already.

  2. #22
    Banned
    Join Date
    Nov 2014
    Posts
    192

    Default

    I'm an IT Engineer, and Malware Analyst, and MSP controller for the 4th rated MSP in the world by the way. (We monitor 33,000 deployed systems)

    I just dumped 20 Zero-Day Malware (Released less than an hour ago) through the reputation aspect of TDU and it's very potent in this respect. I'd like to know the technology behind it. In my opinion the best way to conqueur blended, and emerging threats in the endpoint market is with DNA/Fingerprinting, and/or Reputation Systems. Signatures can't keep up. So anytime a new reputation/DNA/Fingerprint product arrives, I perk up FAST.

  3. #23
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Default

    Great!

    I sent an email and asked for those answers.

    I see you already reposted on wilder security.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  4. #24
    Banned
    Join Date
    Nov 2014
    Posts
    192

    Default

    I did post over there, to attract attention.

    However, CA has a bad reputation in the AV field. If I was your business advisor, I would recommend re-launching the product when beta is over as "Untangle Endpoint AV" or something. Untangle has a very good reputation, CA not so much ...

  5. #25
    Banned
    Join Date
    Nov 2014
    Posts
    192

    Default

    Some updates;

    1) Reputation aspect is good. Not stunning. But good. As good as Trend 2015, slightly behind Norton.
    2) Web Protection is poor. No malware domains were blocked in my testing. So I would really beef this aspect up.
    3) Unbury some advanced settings. Maybe a pulldown to enable 'advanced' interface? Perhaps a small 'advanced' button on the front interface page to access some of the advanced stuff faster.
    4) PUP/PUA detection seems good. Not stunning. Perhaps enhance this aspect with a PUP/PUA signature database, or tweak the reputation aspects higher to catch more of them.
    5) Allow REMOVAL of 'Allow' button for 'suspicious' programs. This is crucial - I don't want my kids running suspicious stuff, and having a giant 'allow' button on the notification is a major problem.
    6) Version beta says 9, also copyright 2014.

    Also, I would highly recommend having a notification on ALL downloads. Not just threats, such as "Application is Clean" quickly popup. Similar to how Norton 2015 does it, so at least you know it's working - not just when a threat is detected. I'd make this optional of course, but many of us like notifications and 'assurances'. ;-)
    Last edited by Mayahana; 01-20-2015 at 08:49 PM.

  6. #26
    Banned
    Join Date
    Nov 2014
    Posts
    192

    Default

    Another issue;

    If you try to uninstall the program with Outlook running it crashes outlook, rather than attempting to close outlook prior to removal of the anti-spam add-on.. You may want to terminate the outlook process first, or at least ask people to terminate it.

  7. #27
    Newbie
    Join Date
    Jan 2015
    Posts
    9

    Default

    Quote Originally Posted by Mayahana View Post
    I solved the error. I have Windows Firewall Disabled, and this program appears to function as an adjunct/booster to WFW. So once I enabled the service it was back to working fine.

    This is listed as having 'multiple' scanning engines for malware, which Engines?

    Also, can I get a list of what technologies it uses? Such as what databases for Phishing, and Reputation?

    Also, does it offer any sort of cloud scanning, either in realtime, or on-demand?

    Thanks

    There is a local scanning engine that is BD and the cloud defense scanner uses the VET engine (TD engine) with some additional TD proprietary automation and research integrated into it.

    We use several RBLs and also leverage feeds from all the major players in the industry. Due to contractual NDAs we cannot disclose this publicly.

    The cloud defense scanner is used currently for on-demand scans in addition to any local scanning that occurs during the on-demand phase.

  8. #28
    Banned
    Join Date
    Nov 2014
    Posts
    192

    Default

    So basically a licensed BD product with some additional technologies. VET, the old CA engine, some RB databases.

    It's actually a pretty light product. So far other than the bugs I listed, I'd recommend; (if you care, hehe)

    1) I'd ditch the 'Ultimate' version the way it is. The interfaces of the other stuff don't match the main product anyway, and people are getting tired of bundled suites with things like optimizers. I'd actually have only 2 versions - Security and Security+ or something.
    2) Perhaps consider stronger web protection, a malware website database. I found it didn't block any actual malware websites.
    3) More options - I don't think having a giant 'allow' button on questionable programs is a good idea. I'd have a small fast tooltip for 'passed' items on download, that's a preference.

    Otherwise, so far I think it has a lot of potential.

  9. #29
    Untangle Ninja jcoehoorn's Avatar
    Join Date
    Mar 2010
    Location
    York, NE
    Posts
    1,968

    Default

    Quote Originally Posted by Mayahana View Post
    2) Perhaps consider stronger web protection, a malware website database. I found it didn't block any actual malware websites.
    I get the impression they view this as a product you'd use in addition to NGFW, such that blocking the malware web sites would happen within NGFW, rather than at the endpoint.

    I think it would really cool if they added a feature to NGFW to communicate with a TD agent in the local network for handling that aspect.
    Five time Microsoft ASP.Net MVP managing a Lenovo RD330 / E5-2420 / 16GB with Untangle 16.5.2 to protect a 1Gbps fiber link for ~450 residential college students and associated staff and faculty

  10. #30
    Newbie
    Join Date
    Jan 2015
    Posts
    9

    Default

    Quote Originally Posted by Mayahana View Post
    So basically a licensed BD product with some additional technologies. VET, the old CA engine, some RB databases.

    It's actually a pretty light product. So far other than the bugs I listed, I'd recommend; (if you care, hehe)

    1) I'd ditch the 'Ultimate' version the way it is. The interfaces of the other stuff don't match the main product anyway, and people are getting tired of bundled suites with things like optimizers. I'd actually have only 2 versions - Security and Security+ or something.
    2) Perhaps consider stronger web protection, a malware website database. I found it didn't block any actual malware websites.
    3) More options - I don't think having a giant 'allow' button on questionable programs is a good idea. I'd have a small fast tooltip for 'passed' items on download, that's a preference.

    Otherwise, so far I think it has a lot of potential.

    I have captured your recommendations and feedback for roadmap planning. Solid feedback and much appreciated.

    It would be great if you could send an email to beta@totaldefense.com and as the development guys would like to reach out to you directly on the error you received where network protection wasn't enabled as it may be something that was fixed with an update that is being pushed out today.

    thanks again

Page 3 of 5 FirstFirst 12345 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2