Untangle's Multi-Functional Firewall Software
Most reviews are based on trying a product and running it through hypothetical situations to see how it performs. In the case of my Untangle review, I had an emergency for which I needed a Web filter ASAP. I'm the technology director for a K–12 school district in Michigan, and our proprietary Web filter quit working. In order to meet federal requirements for Internet filtering, I had to have a working Web filter, and I had to have it before the next morning—thus, my full-blown, production-level review of the Untangle product. Hopefully, my all-night installation and configuration marathon is beneficial to you.
At its core, Untangle is a Linux distribution designed to filter and manage network traffic. It can act as a transparent bridge functioning between a router and network, or it can work in router mode, both filtering and routing at the same time. I tested Untangle in transparent bridge mode, but if used as a router, it supports load balancing from multiple WAN links (for additional cost).
Untangle is a free product that offers premium commercial options. Although it's obvious the company wants to sell those premium products, the free features are surprisingly robust. (See the sidebar for a comparison of free features vs. commercial add-ons.) For my test, I activated most of the free features and started a 14-day trial of the premium Web filter.
Free Features vs. Commercial Add-ons
Web Filter Lite
Kaspersky Virus Blocker
Commtouch Spam Booster
Installation is done similarly to any other Linux distribution. The steps were very simple and mostly automatic. My server was a standard rackmount Dell machine, and all hardware was detected and configured correctly. After initial installation, all configuration is done via Web browser. Interestingly, the Untangle server installs the X Window System and a browser, so configuration can be done directly on the server. I found it more convenient, however, to configure it remotely.
When you first log in to the configuration page, you're presented with a graphical representation of an empty server rack. As you add services, they visually fill this “rack” on your screen (Figure 1). Each service is represented as a service on the virtual rack and can be turned on or off by clicking on a virtual power button. I'll admit it seemed a bit silly at first glance, but after a while, I found it rather logical and easy to use. (It also made it easy to turn services off, which was required as my production day started. More on that later.)
The configuration pages for most services are similar in design. Figure 2 shows the configuration window for the Spyware Blocker module. Although I wish many of the modules had more configuration options available, Untangle provides a decent set of configurations with a very sensible default setting for most features. The biggest frustration I had with Untangle was its extremely limited authentication integration. Although the server apparently will authenticate against a Microsoft Active Directory, I don't have AD in my network. The only other authentication option is to use a Radius server, which quite frankly I haven't had on my network since we hosted dial-up networking. The inability to communicate via LDAP or Open Directory forced me to use Untangled in anonymous mode. That was fine for my emergency situation, but it would be a major hurdle for permanent adoption in my network.
|Free Today: September Issue of Linux Journal (Retail value: $5.99)||Sep 27, 2016|
|nginx||Sep 27, 2016|
|Epiq Solutions' Sidekiq M.2||Sep 26, 2016|
|Nativ Disc||Sep 23, 2016|
|Android Browser Security--What You Haven't Been Told||Sep 22, 2016|
|The Many Paths to a Solution||Sep 21, 2016|
- Android Browser Security--What You Haven't Been Told
- Readers' Choice Awards 2013
- Epiq Solutions' Sidekiq M.2
- Nativ Disc
- The Many Paths to a Solution
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- Synopsys' Coverity
- Returning Values from Bash Functions
- Securing the Programmer
Pick up any e-commerce web or mobile app today, and you’ll be holding a mashup of interconnected applications and services from a variety of different providers. For instance, when you connect to Amazon’s e-commerce app, cookies, tags and pixels that are monitored by solutions like Exact Target, BazaarVoice, Bing, Shopzilla, Liveramp and Google Tag Manager track every action you take. You’re presented with special offers and coupons based on your viewing and buying patterns. If you find something you want for your birthday, a third party manages your wish list, which you can share through multiple social- media outlets or email to a friend. When you select something to buy, you find yourself presented with similar items as kind suggestions. And when you finally check out, you’re offered the ability to pay with promo codes, gifts cards, PayPal or a variety of credit cards.Get the Guide