  1. #21
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,289

    Default

    Quote Originally Posted by sky-knight View Post
    General egress port blocking is for the birds, and people that like to be bald.
    HAY! I resemble that remark.

    That depends on the environment.

    For Operations Technology and Internet of Things (OT / IoT); I know exactly what ports are used, (Or I'll find out ;)
    And everything else can be blocked. No browsers involved.

  2. #22
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,799

    Default

    Quote Originally Posted by Jim.Alles View Post
    HAY! I resemble that remark.

    That depends on the environment.

    For Operations Technology and Internet of Things (OT / IoT); I know exactly what ports are used, (Or I'll find out ;)
    And everything else can be blocked. No browsers involved.
    Yeah, I suppose if you had a dedicated IoT segment a general block would be fine... just as I'm sure you're aware, doing that anywhere users actually live just creates so many hard-to-troubleshoot broken things... so many broken things...

    I'm not at the point where I'm isolating that far yet, but now that I've got a full Unifi stack here at home behind my NFR I probably should.
    Jim.Alles likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com
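
The exchange above (default-deny egress on a dedicated OT/IoT segment, once you know or have found out which ports are used) can be rehearsed against flow logs before any block rule is turned on. This is an added example, not part of the thread and not Untangle's code; the segment CIDR, the allowed ports and the flow records are all constructed assumptions.

```python
import ipaddress
from collections import Counter

# Assumed layout: a dedicated IoT/OT segment and the egress it is known to need.
IOT_SEGMENT = ipaddress.ip_network("10.20.0.0/24")
ALLOWED_EGRESS = {("udp", 123), ("tcp", 8883), ("udp", 53)}

# Constructed flow records: (src_ip, dst_ip, proto, dst_port)
SAMPLE_FLOWS = [
    ("10.20.0.11", "192.0.2.10", "udp", 123),
    ("10.20.0.11", "198.51.100.7", "tcp", 8883),
    ("10.20.0.12", "203.0.113.50", "tcp", 23),
    ("10.20.0.12", "203.0.113.50", "tcp", 23),
    ("10.20.0.13", "192.0.2.53", "udp", 53),
    ("10.10.0.5", "203.0.113.80", "tcp", 443),  # user LAN: policy does not apply
    ("10.20.0.14", "10.20.0.1", "tcp", 80),     # stays inside the segment
]

def egress_flows(flows, segment=IOT_SEGMENT):
    """Yield (src, proto, port) for flows that leave the segment."""
    for src, dst, proto, port in flows:
        if ipaddress.ip_address(src) not in segment:
            continue  # not sourced from the IoT segment
        if ipaddress.ip_address(dst) in segment:
            continue  # intra-segment traffic is not egress
        yield src, proto.lower(), int(port)

def observed_ports(flows, segment=IOT_SEGMENT):
    """The 'find out' step: every (proto, port) the segment really uses."""
    return {(proto, port) for _, proto, port in egress_flows(flows, segment)}

def would_block(flows, segment=IOT_SEGMENT, allowed=ALLOWED_EGRESS):
    """Count flows per (src, proto, port) that default-deny egress would drop."""
    dropped = Counter()
    for src, proto, port in egress_flows(flows, segment):
        if (proto, port) not in allowed:
            dropped[(src, proto, port)] += 1
    return dropped

if __name__ == "__main__":
    print("observed egress:", sorted(observed_ports(SAMPLE_FLOWS)))
    for (src, proto, port), n in would_block(SAMPLE_FLOWS).items():
        print(f"would drop {n} flow(s): {src} -> {proto}/{port}")
```

Anything `would_block` reports is either a port missing from the allowlist or a device doing something it should not, which is worth knowing before the rule goes live.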

  3. #23
    Untangler
    Join Date
    Feb 2016
    Posts
    38

    Default

    But doesn't this app also do some encrypted traffic analysis? The following paragraph is listed in the description of the app from Untangle.

    Securing Encrypted Internet Activity
    In a response to combat the increasing threats from cybercriminals, the internet is becoming more and more encrypted. When information is encrypted over the Internet, text and valuable information is scrambled into an unreadable format. This cipher text helps to protect confidential information being transmitted through the Internet. Traditional security solutions cannot unscramble the encrypted information, making it a hotspot for hackers to hide malware or other malicious code without being noticed. The Threat Prevention app can make an assessment anyway, even when data is encrypted and block any harmful file or transmission before it gets to the gateway.


    Cisco has a product that claims to do this called, not coincidentally, ETA. https://www.cisco.com/c/en/us/soluti...urity/eta.html

    I tried using SSL Inspector, and realized in the wonderful world of applications each using their own certificates, it's a losing battle. That's why I'm all the more interested in the Threat Prevention app. Being able to recognize malicious patterns in encrypted traffic could be a huge benefit to security, while still protecting privacy.

  4. #24
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,799

    Default

    No... it doesn't. Threat Prevention is nothing more than a reputation check against the IP addresses or URLs involved in the network session.

    Threat Prevention is not Cisco's ETA, not even close.

    Threat Prevention doesn't care about SSL, it just cares about the addresses doing the talking.
    Last edited by sky-knight; 05-18-2020 at 02:05 PM.
    f1assistance likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  5. #25
    Untangler
    Join Date
    Feb 2016
    Posts
    38

    Default

    Thanks for the clarification SK.

    By the way, you mentioned running a full UniFi stack. I recently went from a 75 meg connection to 700 meg. I had to start using my Untangle for QoS as the UniFi version "Smart Queues" currently puts such a huge load on the Unifi USG CPU that it kills the throughput. About 80 meg for the USG, and approx. 250 meg for the USG-Pro. No info on the Dream Machine yet. Thought I'd mention it if it saves you some headache.

    If you don't mind me asking, do you intend to run the Untangle bridged behind the UniFi router, or are you using Untangle as the router? I'm guessing bridged since you said full stack. Just wondering your reasoning one way or the other, since I have to make a similar decision.

  6. #26
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,799

    Default

    I don't use or recommend any of Ubiquiti's routing products. Untangle is at the edge, with a DNS record for the UniFi controller, so all the UniFi stuff behind Untangle can find home, and stand up and work.

    When I say full stack, I mean switches and WAPs.

    P.S. I don't expect much from their so-called "Dream Machine" or its larger brother "Dream Machine Pro".

    They're junk... and utterly incapable of doing the jobs they've been specified to do, unless you go with a low bandwidth circumstance. As you've already discovered...
    Last edited by sky-knight; 05-18-2020 at 04:31 PM.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  7. #27
    Untangler IHateShuttle's Avatar
    Join Date
    Jul 2009
    Location
    Left Coast
    Posts
    73

    Default

    I might want to buy just this module too.

  8. #28
    Newbie
    Join Date
    Feb 2012
    Posts
    6

    Default

    I would be interested in buying this module as well.

  9. #29
    Newbie
    Join Date
    Jul 2020
    Location
    Montreal
    Posts
    1

    Default

    I would certainly buy this module for like 25$ a year on top of the 50$ a year for the homepro license...
