Hi all.
I've been working towards a transition from pfSense to Untangle. However, after reading this (https://forums.untangle.com/installa...-question.html) I'm concerned that the Untangle license mechanism creates serious risk on a network. I'm a SOHO user who paid the $50 and I'm happy to do so. However, I really, really think you guys should strongly consider using a different mechanism.
As I understand it, any IP which goes through Untangle is considered an "active" device. If that is true, then as an attacker, I know that I only have to generate whatever number of requests (spoofing IP addresses on each one, which as you know is trivial) causes Untangle to think it's over its limit to effectively disable Untangle and open the outbound door, so to speak. This might not be a big concern for many SOHO environments where they let LAN -> ANY, but in a serious environment (or one run by someone who is security conscious ;-) this is a very big concern. Extrusion detection and prevention is equally important to Intrusion detection.
IMHO, this is a very big risk in moving to Untangle, and one that might prevent me from doing so. I may be paranoid, but I don't consider it overly so.
Thoughts?