Results 1 to 6 of 6
  1. #1
    Untangler
    Join Date
    Apr 2008
    Posts
    73

    Default Untangle and OpenDNS Review

    Untangle and Open DNS review:

    What is Untangle? ( www.untangle.com )
    It is a free open source project, which allows you to create and load a CD which completely configures and dedicates a PC (it is its own operating system)
    The user interface is very simple and straightforward. A gui of an equipment rack with various appliances is shown. The following functions are available: (This is the free package, other functions can be paid for))
    Spam Blocker
    Phish Blocker
    Spyware Blocker
    Web Filter
    Virus Blocker
    Intrusion Prevention
    Protocol Control
    Attack Blocker
    Reports
    DNS server (not on rack)
    Firewall (which I am not using)
    OpenVPN(which I am not using)


    I have been using Untangle for a few weeks now to filter web access of around 15 users. Installation was extremely easy, plugging the Untangle box IN and OUT Ethernet jacks between the existing firewall and the users, then turning off the existing firewall webfilter function (Netscreen 5GT). I could have left the Netscreen webfilter on, but it did something along with the Untangle filter to limit the data throughput to 1mbit/sec. With the Netscreen filter turned off the throughput is around 4mbit/sec (close to the DSL speed).

    No glitches have been noted. The spam filter was grabbing real messages, even in lowest mode, but this may be because mail has already been filtered with a very good Barracuda box. I changed it from Quar to Tag and left it alone. Other filters are working without problems.

    Untangle is an excellent example of good software and great user interface.

    Note: Untangle is picky about the exact hardware that it will work on. Ok with most IDE motherboards, most SATA, but not many Raid or Server Raid setups (yet!). Certain networks cards do not get along.

    Hardware: P4 3ghz, 1gb ram, 40gb HD
    Untangle version 5.2

    What is OpenDNS: ( www.opendns.com )
    A replacement for often slow and unreliable internet provider DNS servers.

    You can just plug in the dns numbers (208.067.222.222 , 208.067.220.220) on the users desktop and be done, or you can register (free!) so that they recognize your ip adr. When registered you can check off a couple dozen categories such as Porn, games, etc. to block. This works well and is elegantly designed. Individual domains can also be white or blacklisted.

    I set my users desktop primary DNS to point to the Untangle DNS server (secondary to OpenDNS), and have the Untangle DNS server also pointed to Open DNS. Since they work from 2 different databases, the coverage is enhanced. I found the Untangle blocking to be very good and Open DNS (by itself) to be maybe 80% effective.
    gr

  2. #2
    Master Untangler
    Join Date
    Apr 2008
    Posts
    106

    Default

    We have our users primary DNS pointing to our internal DNS/AD Server and have their gateway set as the Untgangle Gateway, and have the OpenDNS IPs set on both the internal DNS/AD as the domain forwarder and the Untangle Gateway as the primary and secondary DNS.

  3. #3
    Master Untangler GhostyDog's Avatar
    Join Date
    Jul 2007
    Posts
    154

    Default

    Untangle and OpenDNS is a very solid solution I'm using the same here

  4. #4
    Untangler
    Join Date
    Apr 2008
    Location
    Bama
    Posts
    63

    Default Untangle on Server Boxes

    FYI:
    We run our untangle server on a Dell PowerEdge R200 in RAID 1 configuration.

    The untangle install worked right out of the box.
    Runs a dual core Xeon, and has 4GB of memory.

    Just a setup that seemed to work for me, you may want to do something similar, as you need some level of redundancy. The only down side is that the Untangle box doesn't know its own #*@ from a hole in the ground when it comes to RAID discs failing, so you have to check that on your own. Not a very big deal, just have to stay up to date a little, or configure the BMC to report raid errors to you when they happen, instead of relying on the box itself.

  5. #5
    Untangler
    Join Date
    Jan 2008
    Posts
    61

    Default

    Good Day

    I use the OpenDNS as well , in conjunction with the UT box, I have found on occasion that the Internet and Mail can be extremely slow, if I change the DNS it speeds up..after a few hours I change the DNS back to the OpenDNS and it works again..

  6. #6
    Untangle Ninja YeOldeStonecat's Avatar
    Join Date
    Aug 2007
    Posts
    1,549

    Default

    Quote Originally Posted by JGrubbs View Post
    We have our users primary DNS pointing to our internal DNS/AD Server and have their gateway set as the Untgangle Gateway, and have the OpenDNS IPs set on both the internal DNS/AD as the domain forwarder and the Untangle Gateway as the primary and secondary DNS.
    Same here for most of my clients...actually...all clients that have a DC. Naturally the workstations must use the IP of the Dc as their DNS, but I set the DNS servers forwarding to OpenDNS.

    Benefits of OpenDNS...is some cases their servers are faster than the ISPs, in other cases, they're slower than the ISPs.

    BUT..the benefit is, filtering out of known malware sites. It's an added layer of protection for my clients against malware. And of course an optional added benefit of content filtering.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2