Page 1 of 2 12 LastLast
Results 1 to 10 of 12
  1. #1
    Master Untangler dmor's Avatar
    Join Date
    Jun 2009
    Posts
    676

    Default Active hosts aren't active hosts if they're bypassed

    If I'm reading this post correctly:
    https://forums.untangle.com/installa...tml#post207376

    If I'm understanding this statement, it means that I can have a computer that is actively on the internet routed through Untangle NGFW. But if there is a bypass rule for all sessions created by this device (and assuming that no inbound sessions originate to the device), this would mean that despite the device being actively on the internet and actively routed through Untangle NGFW, Untangle will shows the device as NOT active. Correct?

    I realize this is getting into nomenclature territory. But I think you can appreciate how this could cause confusion. I would suggest you consider changing this terminology to make it more clear. How about "Actively Protected" devices? I know it's longer, but it would make more sense.

    Or perhaps 3 statuses:
    • Protected (actively going through the UVM)
    • Unprotected (active with routed activity, but no sessions having recently been through the UVM)
    • Inactive (no recent network activity)


    Thoughts?
    Last edited by dmor; 05-30-2017 at 12:27 PM. Reason: Readability

  2. #2
    Master Untangler dmor's Avatar
    Join Date
    Jun 2009
    Posts
    676

    Default

    Or:
    • Active
    • Not Entitled
    • Bypassed
    • Inactive



    This would be even more accurate.

  3. #3
    Master Untangler dmor's Avatar
    Join Date
    Jun 2009
    Posts
    676

    Default

    Would be great to see these by host, and not just by session. Would greatly help with better understanding of count of devices truly going through Untangle NGFW, based on the licensing status of each group.

  4. #4
    Master Untangler dmor's Avatar
    Join Date
    Jun 2009
    Posts
    676

    Default

    I actually think the last 4 statuses I mentioned would help IT staff upsell/justify more UTM licensing, because it would always be in front of our faces that some devices are not being protected by Untangle NGFW. Otherwise the current dashboard presentation makes it easy to forget about the bypassed and not-entitled devices.

  5. #5
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,747

    Default

    Quote Originally Posted by dkmortensen View Post
    Or:
    • Active
    • Not Entitled
    • Bypassed
    • Inactive



    This would be even more accurate.
    Click on "Hosts" in the upper right and you can see all this.

    Except "Bypassed" - there is not such thing as a "Bypassed" Host. You can bypass sessions.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  6. #6
    Master Untangler dmor's Avatar
    Join Date
    Jun 2009
    Posts
    676

    Default

    Quote Originally Posted by dmorris View Post
    Click on "Hosts" in the upper right and you can see all this.

    Except "Bypassed" - there is not such thing as a "Bypassed" Host. You can bypass sessions.
    Ok. So if they are listed in that "current hosts" tab, and show Inactive, it is safe to say they actively transmitting traffic, but just haven't recently transmitted anything through the UVM (meaning all their sessions have been bypassed)?

  7. #7
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,747

    Default

    They may not be actively transmitting anything, or they may be but its bypassed.
    Either way, they aren't "active" because they aren't creating any scanned sessions recently.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  8. #8
    Master Untangler dmor's Avatar
    Join Date
    Jun 2009
    Posts
    676

    Default

    OK. Final question just to be clear: Will a host that is actively transmitting packets always appear in this screen even if all their sessions are bypassed? Thanks.

  9. #9
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,747

    Default

    It is unlikely it would appear.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  10. #10
    Master Untangler dmor's Avatar
    Join Date
    Jun 2009
    Posts
    676

    Default

    Quote Originally Posted by dmorris View Post
    It is unlikely it would appear.
    Wow. Does that also mean that it is possible for devices which are permanently bypassed to never appear in the list of hosts?

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2