Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 26
  1. #11
    Master Untangler
    Join Date
    Jul 2008
    Posts
    212

    Default

    I'd like to see the Command Center have an option for self hosted. Also would like to see support for certbot/lets encrypt.

  2. #12
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,858

    Default

    I don't think a self hosted command center is in the cards. But I have a crazy idea to try that might make something close. I'm waiting on another project to tick off the appropriate boxes. (Note, this project is NOT a router, I'm not trying to replace Untangle)
    agit8or and tgr225 like this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #13
    Untangler
    Join Date
    May 2018
    Posts
    75

    Default

    Thanks for all the comments and feedback on our 16.3 beta so far. Apologies if we didn't get the feature you were waiting for in this release, but we appreciate all your early testing and feedback. Every piece of feedback is important to us.

    Some responses to comments in this thread
    - 2FA is for OpenVPN. Note, we have 2FA through Command Center and you can link your Command Center account with your Google or Microsoft accounts.
    - Self hosted Command Center (running your own Command Center) is not planned.
    - Regarding Lets Encrypt, we see that is a very popular request on feedback.untangle.com. Please continue to share your use cases there (for remote administration, or for VPN for example).

    We'll post back with a release candidate in a couple of weeks. Upgrades will be rolled out over time as we usually do for releases. If you want to get the upgrade soon after it's available, please send your appliance UID to support@untangle.com and ask to join the Early Upgrade list.
    Heather P
    Untangle Product Team

  4. #14
    Master Untangler
    Join Date
    Jul 2008
    Posts
    212

    Default

    Quote Originally Posted by hpaunet View Post
    - Self hosted Command Center (running your own Command Center) is not planned.
    Here's my issue. With our self hosted stuff, most is behind a VPN for security. Even the public facing stuff we host uses geolocation filtering. That's something Untangle can't do, due to how many customers need to access it. To us, it's a security risk, and one that we may need to re-evaluate if that doesnt change.

    Also any future support for certbot/lets encrypt?

  5. #15
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,858

    Default

    2FA to get to admin, when the admin is exposed to the LAN without 2FA... IS NOT BLOODY 2FA! 2FA on OpenVPN is a WASTE OF TIME. Though I suppose someone will think otherwise. (badly I might add)

    2FA the VPN when the bloody admin that controls the VPN isn't 2FA'd... ugh.... Yeah you can 2FA the Command Center, and that's good. But as long as a privilege account can access the local device without that 2FA... NOTHING is stopping a bot on an internal machine from wrecking the house.

    Blind leading the blind. This is 2021, do you need a flashlight or something over there? YES, this has been overlooked by literally EVERYONE ELSE too. But it doesn't make the situation any less inexcusable.

    This is exactly the sort of thing I need to SELL THIS MESS in 2021. Even at the premium prices we're charging.

    ALL ADMIN LOGINS MUST BE MFA! ALL OF THEM! This is nonnegotiable at the prices you charge.
    Last edited by sky-knight; 04-27-2021 at 01:50 PM.
    tgr225, atomicboy, sperman and 5 others like this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  6. #16
    Master Untangler
    Join Date
    Jul 2008
    Posts
    212

    Default

    Imagine if command center got compromised. Just add it to the long list of companies.... That's the risk you are putting on all customers by not giving them the option to self host their own command center.

  7. #17
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,858

    Default

    Quote Originally Posted by agit8or View Post
    Imagine if command center got compromised. Just add it to the long list of companies.... That's the risk you are putting on all customers by not giving them the option to self host their own command center.
    They did that... it's called untick the command center box. Back that up with a NGinx server with VPNs to all your boxes and some reverse proxy links. It's not hard to build your own "single pane of glass".

    I'm working on something even better... but the fact that Untangle allows you to dis-enroll a device from the Command Center is all that I require.

    That is, assuming the local admin is properly 2FA protected...
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  8. #18
    Untangle Ninja
    Join Date
    May 2008
    Posts
    1,523

    Default

    Seems the cpu and memory use have gone down quite a bit.

  9. #19
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,858

    Default

    Quote Originally Posted by donhwyo View Post
    Seems the cpu and memory use have gone down quite a bit.
    That's been a steady drumbeat repeated over years, Untangle usually gets a bit lighter every release.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  10. #20
    Master Untangler
    Join Date
    Oct 2013
    Posts
    237

    Default

    Quote Originally Posted by sky-knight View Post
    A button to dump reports data instead of forcing retention to the configured value?

    We have the means to say hey... dump everything beyond X days... I get that driving the nail with the wrecking ball is sometimes necessary, but this seems overly destructive.
    This.

    It'll be nice to have this granularity. The "nuke em" option, I agree, is overkill when all that's needed is to be able to manually purge entries beyond a certain time.

Page 2 of 3 FirstFirst 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2