Results 1 to 5 of 5
  1. #1
    Join Date
    Jun 2018

    Default Age old question

    Hi all,

    I am still relatively new at UTM and I know this is just a matter of preference.

    I am considering untangle and opnsense/pfsense.

    What makes untangle better than opnsense or untangle, besides the rich UI.

    I would love to hear some thoughts.

    Thank you

  2. #2
    Master Untangler
    Join Date
    May 2008


    Look at the features you want and choose accordingly. Since you are running vm's try them all. You cold even put one behind the other and look at the reports to see what was missed by the other. I have had pfsense in front of untangle to have dns over tls.

    Get creative.

  3. #3
    Untangle Ninja jcoehoorn's Avatar
    Join Date
    Mar 2010
    York, NE


    I like to think of it this way, assuming a basic understanding of the OSI model:

    pfSense is a layer-3 native firewall with a few layer-7 features.

    Untangle is a layer-7 native firewall, which means it's also kinda awesome at layer 3 by default.

    The trick is understanding that operating at layer 7 does have a performance issue. We see people on the forums occasionally who complain about Untangle performance because they turned on EVERYTHING and don't understand the implications of all that layer 7 unwrapping/re-wrapping.

    So if you want those nice layer 7 features, like web filter, session viewer, virus blocker, etc, Untangle is a great choice. If you're only looking for basic firewall service, and are comfortable with networking terminology such that pfSense doesn't scare you, then pfSense might be your better option.

    One addition to this is pfSense does have options for doing layer 7 web filtering. It's worth mentioning the service Untangle uses blows them away.
    Five time Microsoft ASP.Net MVP managing a Lenovo RD330 / E5-2420 / 16GB with Untangle 14.1.1 to protect 500Mbits for ~400 residential college students and associated staff and faculty

  4. #4
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Phoenix, AZ


    PFSense vs Untangle is apples vs oranges.

    PFSense is a superior layer 2 and layer 3 platform.
    Untangle is a superior layer 7 platform.

    PFSense is a firewall with upgrade options that make it pretend it's a UTM.
    Untangle is a fully featured, and well tested UTM with some firewall features.

    I use both products, they have different niches. PFSense is fading however, because I can use all sorts of different gear from different vendors that can do all that it does, better, more cheaply, and more consistently. But if I need a virtual firewall on layer 2 in a virtual fabric somewhere, it's my goto. A truly invisible bridge to work in some ACLs without segmenting the network... it's amazing here.

    Untangle is Untangle, the only time it loses is when someone wants a full stack implementation. Even then I sorely miss it because UNtnagle's logging and reports are second to none. The visibility it provides is critical, and losing it feels like my left arm has been lopped off.

    *Edit* I need to amend my statement, now that Untangle is incorporating dynamic routing support, PFSense is no longer a superior layer 3 platform in terms of features. However, Untangle is heavier than PFSense so if all you need is layer 3, PFSense will do the job with far fewer resources.
    Last edited by sky-knight; 08-08-2018 at 12:42 PM.
    f1assistance likes this.
    Rob Sandling, BS:SWE, MCP
    Phone: 866-794-8879 x201

  5. #5
    Master Untangler
    Join Date
    May 2010
    Texas, USA


    Good summaries.

    If you need only L2/L3 I would go with pfSense - it's free, easy to configure, and fast.

    If you need application level inspection (L7) then Untangle is much better at it, has a better interface, and better logging and reporting - but isn't free.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

SEO by vBSEO 3.6.0 PL2