Can I do this on untangle? Please help me..

[FixMaster]

Hi all,

I'm a newbie on networking setup, and pardon me if i post in wrong section.

Ok, I have several questions in mind, I already go through in this forum, but can't get a satisfied answer.

Please bear with me as I'm really newbie, because some question maybe look silly to you (an expert) but a genius question to me (a noob) .

1. Did untangle is same as squid? or its just the wrong thing to compare? I never install squid nor untangle. But as i see, the installation of untangle is more easy and more user friendly than squid. Or I need both of them on my network?

2. I take a look on this forum about bandwidth management, It seem it doesn't supported it right? My GM keep downloading things, watching video online, seems IT policy not worked against him (He also ask me to block this unnecessary thing on my network, but he still doing it. What a shame ) He even decline when i want to offer a new line (internet) just for him


So i must thinks other solution to block it, what I come in mind is this 2 things.

i) lets see I want to limit bandwidth to all user for 100MB of download, and after the user reach the 100mb (daily) and it will stop automatically. It can be done in untangle?

ii) If it can't be done, i want to make all user download / browse at the same speed, (not exactly the same speed, i mean it's already divide to all user) So not 1 user take all the bandwidth and using it.

3) Untangle can block extension? (exe, mp3, avi, 3gp, etc etc )

4) Can i monitoring a network in real times? means, if I caught who using the most bandwidth and I just terminated it.

Currently i don't have any firewall or proxy, so I want to use untangle to solve this problem. I will tell you a fact in my network

i) First of all, all user is admin right, so GPO not effects them.
ii) They love to downloading things, use any kind of software to take all the bandwidth
iii) The IT Policy is not worked against them, because they all the GM, Senior GM, Manager. If I give them a warning latter maybe they give me a resign latter

Please suggest me what I need to do.
Thanks in advance.

[sky-knight]

1.) Squid is a proxy server, Untangle is a UTM (Unified Thread Management) Server

This is a lot like trying to compare a car to a truck. Sure they are both four wheeled vehicles but which one to use to get from point A to B is greatly dependent on what you need to move around. Furthermore, Untangle is a conglomeration of multiple Open Source projects. Squid is a singular product.

2.) Untangle doesn't have bandwidth control, "yet" this feature is a major part of the version 8.0 that is in beta development. It should be release ready soon. It can at this point in time provide healthy content control features, which may be enough for your purpose.

i.) No, size based consumption control isn't supported. Nor do you really want it to be... this kind of control has a pile of unintended consequences that will likely bite you in the butt.

ii.) The attack blocker module ensures that network resources are spread among the users. It won't limit bandwidth perfectly evenly, but it does ensure that the limited network resources are spread out as evenly as possible. There are some exceptions, like heavy P2P use, this is being addressed in version 8.0 as well.

3.) Yes, the web filter as a mime type control option. Be careful, this also has some rather healthy negative impacts on a modern network. Use with care.

4.) Yes... and No, currently the only way to get this information is via a SSH connection and the use of the command line tools iftop, and jnettop. I believe there is something in 8.0 that will be useful in this regard.

i) This is normal for most SMB networks, and what Untangle was designed to protect.
ii) The AV module disables the HTTP resume feature by default. This was done to allow the AV modules to do their jobs fully. It nicely breaks just about every download manager from working. For the rest, there is the attack blocker.
iii) There is no technology solution to a human problem. The global economy isn't all that healthy, if people walk they do so at thier own risk. I know some areas of the world are doing ok... but this sort of attitude is dangerous to your organization as a whole. It needs addressed by HR, likely with the assistance of the business owner.

[FixMaster]

Hi Sky - Knight

Thank you for the explanation,

By the way, your answer lead me to another questions. I hoped you not bored with me =)

1) If I already install the 7 version of untangle, did i need to reinstall the product, if version 8 already release? Or It will update automatically? Or got some trick to install version 8 without losing my configuration?

2) The tools you mention iftop and jnettop, can running at untangle OS? or i have to setup another computer who running linux and run the iftop and jnettop?

3) If I want to install squid, which method i should follow?
Router > Squid > Untangle > Client
or
Router > Untangle > Squid > Client.

Or I can't running both of them in the same time because got side effect or something?

Anyway, I really thank to you because willing to answer my question just now.

You are the best Sky Knight.
Cheers

[sky-knight]

1.) Upgrades are part of the deal, there is an automatic updating system built in and the update will be pushed to your unit once it is authorized to receive it. Units are selected to receive upgrades in lots, to avoid over loading Untangle's update server. Most upgrades are done within 30 days of release.

2.) These tools operate on the Untangle console, within the terminal window. They are command line tools. They can be run via SSH from just about any remote OS.

3.) Running a proxy in conjunction with Untangle requires some creativity. Untangle is really designed to be the thing managing your network security.

Untangle cannot be a client of a proxy server, so placing it behind the proxy doesn't work very well. This configuration also breaks many of Untangle's features as the http streams will report connections to the proxy as opposed to the real internet servers.

Untangle can be placed in front of a proxy server, but this configuration removes Untangle's ability to see the clients. This makes reports more difficult to decypher, and makes the attack blocker almost useless.

[mozerd]

1.) Squid is a proxy server, Untangle is a UTM (Unified Thread Management) Server

I suspect that you meant to say Untangle is a UTM (Unified Threat Management) Server

[FixMaster]

Thank you sky-knight, =)

I'm looking forward to try this product, it has any tutorial about the installation? How about my client, I need configure setting at their computer to?

In my network almost all user using static IP, If i know the culprit who downloading things, can I doing something to stop it? By Ip address?

Can I block port for specific user or by Ip address? Instead blocking port for all user?

Love to use this product because of the good supported

Thanks in advance
Cheers

[dmorris]

2i) yes, in 8.0 with bandwidth control - its called quotas
just give each IP a quota of 100Mb and then define what happens after its exceeded

2ii) sorta. in 8.0 QoS does "fairness queueing" at the session level, but not at the IP level.

3) yes in web filter

4) yes with 8.0 bandwid control

[FixMaster]

Hi dmorris

Thanks for your concern, =)

approximately, which date it should be release 8.0 version?

[dmorris]

before the end of the year

[FixMaster]

Owh.. i see..

Now i'm downloading it.. after install and got any problem can I continue in this tread? Or I need to open another issues? (If I can't find one)