Results 1 to 5 of 5

Thread: Untangle Rocks

  1. #1
    Untangler
    Join Date
    Feb 2008
    Posts
    80

    Default Untangle Rocks

    In the spirit of CNET, I wanted to do a product review rating it based on its components and other criteria. So here it goes.

    If you are a network administrator or even someone remotely familiar with computer networking, you've probably at least heard of a firewall. John and I recently outgrew his Firebox X50 Edge, and needed something more robust with lots of features. We didn't have much a budget (like $0), so we turned to cheap-as-free firewalls.

    Most free firewalls are Linux based operating systems that integrate many open source projects into a single product. I tested a number of products, and after much despair stumbled upon Untangle. Untangle is a powerful, robust, feature-rich open source firewall that would give many proprietary firewalls a run for their money. John and I have been using it now for a while now, and after testing it, I figured it was time for a review.

    Untangle has many features. We didn't use all of them, so I only reviewed the products we did use.

    Web Filter **** (4/5)
    The Web Filter application is a great product, I must say. After installing, John and I Firefox and attempted to surf sites we knew it would block, and it successfully blocked most sites. It is really unrealistic to expect a content filter to stop everything, but it was certainly good enough. It is certainly comparable to the competing product from WatchGuard or SonicWall. The only draw back is the number of configurable categories. The Web Blocker only had about half the number of categories that WatchGuard and SonicWall products do, but it makes up for it in price.

    Spam Blocker ***** (5/5)
    I haven't seen anything get past it yet, but then again, I'm not running an email server either or POP3 client. The comparable WatchGuard product nails well over 85% of spam with few false positive. John uses Outlook for email, so he could probably vouch for its reliability. I am going to have give it a 5 based on other reviews.

    Virus Blocker ***** (5/5)
    I haven't seen anything get passed it yet. It scans HTTP and FTP downloads for viruses in real time. Although it nails viruses before the enter the network, it shouldn't replace desktop virus protection. The virus blocker works well, so it's 5 for 5.

    Phish Blocker ***** (5/5)
    Like the spam blocker, nothing has got passed it yet. It seems to shut down things before they even get to the client computer.

    Intrusion Prevention *****(5/5)
    Like the previous items, nothing has gotten passed this guy yet either. Yet another solid product. Surprised?

    Attack Blocker * (1/5)
    Good idea, but it doesn't perform well. If someone is port scanning the Untangle Firewall, they will get back numerous open ports. We prefer anonymity, so we shut this guy off. It's a known problem, so maybe they will have it fixed in the next release.

    Firewall ***** (5/5)
    The Firewall Application provides protection at the transport layer. It controls all inbound and outbound traffic much like any firewall should, and what it doesn't block is scanned and filtered by the other applications. Firewalls either work or they don't, so its either all or nothing. This one works, so it gets a 5.

    Protocol Control ***** (5/5)
    This guy provides protection at the application layer, and it stops certain application protocols from accessing or entering the network even if the traffic is allowed on the server. For example, Skype and HTTP both TCP on port 80, so the firewall would let both through indiscriminately, yet the protocol control has the ability to shut down Skype while letting HTTP traffic flow. Like the firewall, it works or it doesn't. It works, so it gets a 5.

    Router ***** (5/5)
    Untangle acts like any NAT Internet gateway should. It also serves as a DHCP server and DNS forwarder. It works, therefore gets a 5.

    Untangle Reports ****** (6/5)
    This is probably my favorite feature of Untangle-no nonsense, professional looking, accessible, easy-to-read, and informative reports. I can't tell you how many times I've had to set up Log Server to catch logs using SNMP and other crap like that, then take the logs and interpret them, writing all my own reports. Untangle does it all for you. This feature is nonexistent in SonicWall and WatchGuard products. I give it a 6/5 for these reasons.

    Easy of Use ***** (5/5)
    This guy is a PIECE-OF-CAKE compared to other firewall products I've worked with. I really couldn't believe how easy it was to install and configure it. If I was a Net Administrator, I would fear for my job if this guy catches on. You still have to know something about networking to set this guy up, but you don't have to be a guru.

    Hardware Requirements **** (4/5)
    This guy requires some beef to run. John and I installed this guy on a 3.2 GHz Pentium 4 with 768 Megs of RAM. The major difference between this product and other similar products is that this guy doesn't require an extra computer or management console to store databases such as virus signature, logs, and other things--they are built right into the server. Pound for pound though, it still seemed a little steep compared to other firewalls of comparable performance.

    The Final Score: 55 out of a possible 60. If you are looking for a easy-to-us, inexpensive, powerful firewall, consider Untangle.

    Good Job Untangle Team. Thanks for a Great Product!

  2. #2
    Untangle Ninja gotkimchi's Avatar
    Join Date
    Jan 2007
    Location
    Bay Area
    Posts
    2,106

    Default

    First of all, welcome to the forums. Great review. Thanks for your honest opinion and assessment. I think you were spot on. We will improve with our 5.1. Also, more things to come like dual WAN, QoS, possible VOIP, backup, NAC, email server, directory, pretty much endless. There are many great open source projects, and with the great community, we all will reap in the rewards.
    to be understood, you must first understand. :)
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself. If you need Untangle support please call or email support@untangle.com

  3. #3
    mdh
    mdh is offline
    Untangle Ninja mdh's Avatar
    Join Date
    Aug 2007
    Posts
    4,752

    Default

    blaize,

    Welcome to the forums! Not being one to look a gift horse in the mouth, I'll limit my comment to one item...Attack Blocker. If someone is port scanning, they will THINK they are getting numerous open ports. That's the nature of the Attack Blocker. While they are doing their thing, the Attack Blocker is doing the same...profiling that user. The ports aren't really open. That is documented in many threads here. Beyond that, thanks for a great review!

  4. #4
    Untangler
    Join Date
    Feb 2008
    Posts
    80

    Default

    Quote Originally Posted by mdh View Post
    blaize,

    Welcome to the forums! Not being one to look a gift horse in the mouth, I'll limit my comment to one item...Attack Blocker. If someone is port scanning, they will THINK they are getting numerous open ports. That's the nature of the Attack Blocker. While they are doing their thing, the Attack Blocker is doing the same...profiling that user. The ports aren't really open. That is documented in many threads here. Beyond that, thanks for a great review!
    Like I wrote, we preffer anonymity over, and would rather not been seen than have folks known that we are actually there. Thanks for clarification though.

  5. #5
    Master Untangler Lee Sharp's Avatar
    Join Date
    Feb 2008
    Location
    Houston, TX
    Posts
    391

    Default

    In my business, bad information is worse then no information. I have spent days tracing a problem only to find out it was documented incorrectly... So I prefer the "bad" information the attack blocker provides. However, a real toggle for it would be nice. So would fail2ban...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2