Page 9 of 10 FirstFirst ... 78910 LastLast
Results 81 to 90 of 99
  1. #81
    Master Untangler dmor's Avatar
    Join Date
    Jun 2009
    Posts
    686

    Default

    Quote Originally Posted by sky-knight View Post
    ScoutIQ means cloud lookup which means... nope... VB is pulling from the cloud to get data.

    You're correct that zVelo is providing all the data for Web Filter, however HOW they get that data is quite crazy and intense. They're pulling data from every available source to build that list. It's such a wide net that I have a hard time really describing to you how far it reaches. Every single end point that queries it provides data... They have scanners doing some... they have people stuffing in others... they leech information from other lists they've bought into or spying on...

    If a site ends up on any list anywhere... zVelo is going to know about it, and FAST.

    As for your last bullet point, if the content control guys don't know where a virus is, the virus blocking guys don't know where it is either. Content blocks happen first, then we get a definition update.

    Content control *is* your best AV today.
    I wanted to reply to this when it was first posted, but have been busy. Today I ran into a situation that makes a great case for this conversation. IDK where VT gets their data. I'm sure they're very good. But I've been disappointed multiple times. Fall of 2015 I had a customer who wanted me to block all remote access websites, protocols, etc. I did this via Untangle App Control and also had SSL Inspector running (and HTTPS mechanisms enabled in the Web Filter). I also blocked the relative category in the Web Filter. I then went to google.com & searched for remote access software/websites. I clicked on all links in the first 2 pages and followed all. Several of these pages were lists of remote access software with links to the respective vendors, websites, etc. I had a lot that were not blocked by the Untangle Web filter, and was very deflated by that, as I have had a lot of confidence in the accuracy of the Untangle web filter and have pitched it to all customers of varying sizes and IT security levels.

    I don't know why Zvelo didn't have these sites categorized as remote access, as that's clearly what they are, and I performance a straightforward search in google that took me to them. If a simple google search leads a user to these websites for the given category, I would think a sophisticated multi-faceted system like Zvelo would.

    Here's that list from that same customer's Untangle today. I haven't checked these sites since to see if this has changed. I may have submitted requested for all of these to be recategorized. I don't remember.

    remote_access_sites.png

    Today I just came across another *current* example.
    This malware is detected by 57 A/V products in VirusTotal:
    https://www.virustotal.com/en/file/4...a209/analysis/

    The VT analysis says it goes out to grab (among other things) a file at nnjzt.com (which I won't link to here for security purposes, but you can see it in the VT report).

    This URL isn't detected as bad by zvelo as shown here:
    zvelo_false_negative.png

    But it is by some reputable other URL filters shown in VT here:
    https://www.virustotal.com/#/url/edb...689e/detection

    VT happens to say the file itself is clean:
    https://www.virustotal.com/#/file/9b...8f0a/detection
    (maybe true, maybe not).

    But no doubt the file is pulled down by an malicious backdoor/trojan and I think it would make most sense to block it out of caution.

    The bottom-line point I'm making here is that although Zvelo may be very good, it is far from perfect (obviously nothing is perfect). I wouldn't rely on it any more than one should given a standard multi-vendor multi-layer defense in depth security policy.

    I haven't used any competing products enough to make a fair comparison. Personally I think it is a good product, and as such, it continues to be my web filter of choice.

    But you'll never hear me praising it (especially among technical colleagues) as something amazing. There is a lot of competition in the URL filtering marketplace and I think the demands of the industry and user base are extremely high, thus that I am not inclined to turn a blind eye to some of the falters I've seen with it. However, between Untangle, Zvelo themselves and the industry as a whole I do believe it is a good product that is generally on par with its industry. If ever I come to learn otherwise, my opinion will change. But until then, I choose to use it.

  2. #82
    Untangle Ninja
    Join Date
    Jan 2011
    Posts
    1,325

    Default

    you had to manually categorize splashtop.com and join.me as remote access sites? those aren't exactly obscure

  3. #83
    Master Untangler dmor's Avatar
    Join Date
    Jun 2009
    Posts
    686

    Default

    Quote Originally Posted by johnsonx42 View Post
    you had to manually categorize splashtop.com and join.me as remote access sites? those aren't exactly obscure
    Yes I did. And I agree some of these are very common tools known for remote access purposes, and seems they definitely should have been classified accordingly.

    Some of the sites in the above list are now correctly identified as Remote Access, but others still are not. Just google zoho remote access, and you'll see remote access is one of their core features, included *unattended* access. But zvelo still doesn't list it as remote access after over 2 years since I first discovered that.
    Last edited by dmor; 01-09-2018 at 10:30 AM. Reason: More context

  4. #84
    Master Untangler
    Join Date
    Apr 2017
    Location
    California
    Posts
    103

    Default

    Very not happy about changes. Woke up this morning to my home network cutting off devices due to license changes that were not pre notified. I have a license that is valid through april and still they change my count over night killing it. Called support with no answers as they know of the change but not why the count changes. Previous home install was allowed 50 devices now it is down to 15. I have a house of teens and computers, 15 is not what i paid for!

  5. #85
    Untangler
    Join Date
    Apr 2008
    Posts
    44

    Default

    Quote Originally Posted by De_Lemon View Post
    Very not happy about changes. Woke up this morning to my home network cutting off devices due to license changes that were not pre notified. I have a license that is valid through april and still they change my count over night killing it. Called support with no answers as they know of the change but not why the count changes. Previous home install was allowed 50 devices now it is down to 15. I have a house of teens and computers, 15 is not what i paid for!
    Same thing happened to me. I got booted down to 15 devices. I usually have 33 active. 1/2 of my network doesn't work now. No IP camera, weather devices, TV, Bose radios, computers etc.

  6. #86

  7. #87
    Untangler
    Join Date
    Apr 2008
    Posts
    44

    Default

    Quote Originally Posted by Sam Graf View Post
    Thanks!

  8. #88
    Untanglit Akubra's Avatar
    Join Date
    Nov 2016
    Posts
    20

    Default

    Quote Originally Posted by xscapee1 View Post
    Thanks!
    Could you share the time it took to solve this problem? I have the same problem. Just wondering: have I missed a message or has Untangle changed the limit without notice?

  9. #89
    Master Untangler
    Join Date
    Mar 2017
    Posts
    189

    Default

    Quote Originally Posted by Vaskery View Post
    We need more info about it since since we are doing this research.
    More info about what, to keep up with what research? It may be I don't speak english but I did not understand.

    If you're talking about the system Untangle is using to discriminate cheaters from legit home users, I don't think you need it: if you're using at home, don't sweat it

    Please forgive me if I didn't understand.

  10. #90
    Untangler
    Join Date
    Aug 2014
    Posts
    47

    Default

    Wow, I noticed this only now XD

    Happy that my old license won't be affected, losing the branding manager would've actually made the installation look less home... considering it's Destiny themed!

    All in all I believe that the changes are fair as I do not _need_ the branding manager, it's just cool and I don't care HOW the AV works as long as it does. If I had to get a license now, the new home pro would still be a wonderful deal.

    Slightly unrelated, how is the whole SSL inspector "not worth it"? That and bandwidth manager are the biggest pull in favor of a paid license instead of the free one

Page 9 of 10 FirstFirst ... 78910 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2