Untangle's Multi-Functional Firewall Software

 in
Untangling your network with Untangle.

Most reviews are based on trying a product and running it through hypothetical situations to see how it performs. In the case of my Untangle review, I had an emergency for which I needed a Web filter ASAP. I'm the technology director for a K–12 school district in Michigan, and our proprietary Web filter quit working. In order to meet federal requirements for Internet filtering, I had to have a working Web filter, and I had to have it before the next morning—thus, my full-blown, production-level review of the Untangle product. Hopefully, my all-night installation and configuration marathon is beneficial to you.

The Swiss Army Network Knife

At its core, Untangle is a Linux distribution designed to filter and manage network traffic. It can act as a transparent bridge functioning between a router and network, or it can work in router mode, both filtering and routing at the same time. I tested Untangle in transparent bridge mode, but if used as a router, it supports load balancing from multiple WAN links (for additional cost).

Untangle is a free product that offers premium commercial options. Although it's obvious the company wants to sell those premium products, the free features are surprisingly robust. (See the sidebar for a comparison of free features vs. commercial add-ons.) For my test, I activated most of the free features and started a 14-day trial of the premium Web filter.

My Tango with Untangle

Installation is done similarly to any other Linux distribution. The steps were very simple and mostly automatic. My server was a standard rackmount Dell machine, and all hardware was detected and configured correctly. After initial installation, all configuration is done via Web browser. Interestingly, the Untangle server installs the X Window System and a browser, so configuration can be done directly on the server. I found it more convenient, however, to configure it remotely.

When you first log in to the configuration page, you're presented with a graphical representation of an empty server rack. As you add services, they visually fill this “rack” on your screen (Figure 1). Each service is represented as a service on the virtual rack and can be turned on or off by clicking on a virtual power button. I'll admit it seemed a bit silly at first glance, but after a while, I found it rather logical and easy to use. (It also made it easy to turn services off, which was required as my production day started. More on that later.)

Figure 1. Adding services fills a “rack” on your screen.

The configuration pages for most services are similar in design. Figure 2 shows the configuration window for the Spyware Blocker module. Although I wish many of the modules had more configuration options available, Untangle provides a decent set of configurations with a very sensible default setting for most features. The biggest frustration I had with Untangle was its extremely limited authentication integration. Although the server apparently will authenticate against a Microsoft Active Directory, I don't have AD in my network. The only other authentication option is to use a Radius server, which quite frankly I haven't had on my network since we hosted dial-up networking. The inability to communicate via LDAP or Open Directory forced me to use Untangled in anonymous mode. That was fine for my emergency situation, but it would be a major hurdle for permanent adoption in my network.

Figure 2. Configuration Window for the Spyware Blocker Module

______________________

Shawn Powers is an Associate Editor for Linux Journal. You might find him chatting on the IRC channel, or Twitter

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Block adult website

Best Gadget's picture

can i use this for block adul site in my network?

Blocking adult sites

jnihil's picture

If all you want to do is to block adult web sites, OpenDNS may be all you need instead of installing a UTM such as Untangle or Astaro (free).

thanks for sharing your

mma news's picture

thanks for sharing your review . This is really helpful for me .

Multi-Functional Firewall Software

jnihil's picture

I think the term commonly used is UTM.

White Paper
Linux Management with Red Hat Satellite: Measuring Business Impact and ROI

Linux has become a key foundation for supporting today's rapidly growing IT environments. Linux is being used to deploy business applications and databases, trading on its reputation as a low-cost operating environment. For many IT organizations, Linux is a mainstay for deploying Web servers and has evolved from handling basic file, print, and utility workloads to running mission-critical applications and databases, physically, virtually, and in the cloud. As Linux grows in importance in terms of value to the business, managing Linux environments to high standards of service quality — availability, security, and performance — becomes an essential requirement for business success.

Learn More

Sponsored by Red Hat

White Paper
Private PaaS for the Agile Enterprise

If you already use virtualized infrastructure, you are well on your way to leveraging the power of the cloud. Virtualization offers the promise of limitless resources, but how do you manage that scalability when your DevOps team doesn’t scale? In today’s hypercompetitive markets, fast results can make a difference between leading the pack vs. obsolescence. Organizations need more benefits from cloud computing than just raw resources. They need agility, flexibility, convenience, ROI, and control.

Stackato private Platform-as-a-Service technology from ActiveState extends your private cloud infrastructure by creating a private PaaS to provide on-demand availability, flexibility, control, and ultimately, faster time-to-market for your enterprise.

Learn More

Sponsored by ActiveState