Untangle's Multi-Functional Firewall Software

Most reviews are based on trying a product and running it through hypothetical situations to see how it performs. In the case of my Untangle review, I had an emergency for which I needed a Web filter ASAP. I'm the technology director for a K–12 school district in Michigan, and our proprietary Web filter quit working. In order to meet federal requirements for Internet filtering, I had to have a working Web filter, and I had to have it before the next morning—thus, my full-blown, production-level review of the Untangle product. Hopefully, my all-night installation and configuration marathon is beneficial to you.

At its core, Untangle is a Linux distribution designed to filter and manage network traffic. It can act as a transparent bridge functioning between a router and network, or it can work in router mode, both filtering and routing at the same time. I tested Untangle in transparent bridge mode, but if used as a router, it supports load balancing from multiple WAN links (for additional cost).

Untangle is a free product that offers premium commercial options. Although it's obvious the company wants to sell those premium products, the free features are surprisingly robust. (See the sidebar for a comparison of free features vs. commercial add-ons.) For my test, I activated most of the free features and started a 14-day trial of the premium Web filter.

Installation is done similarly to any other Linux distribution. The steps were very simple and mostly automatic. My server was a standard rackmount Dell machine, and all hardware was detected and configured correctly. After initial installation, all configuration is done via Web browser. Interestingly, the Untangle server installs the X Window System and a browser, so configuration can be done directly on the server. I found it more convenient, however, to configure it remotely.

When you first log in to the configuration page, you're presented with a graphical representation of an empty server rack. As you add services, they visually fill this “rack” on your screen (Figure 1). Each service is represented as a service on the virtual rack and can be turned on or off by clicking on a virtual power button. I'll admit it seemed a bit silly at first glance, but after a while, I found it rather logical and easy to use. (It also made it easy to turn services off, which was required as my production day started. More on that later.)

Figure 1. Adding services fills a “rack” on your screen.

The configuration pages for most services are similar in design. Figure 2 shows the configuration window for the Spyware Blocker module. Although I wish many of the modules had more configuration options available, Untangle provides a decent set of configurations with a very sensible default setting for most features. The biggest frustration I had with Untangle was its extremely limited authentication integration. Although the server apparently will authenticate against a Microsoft Active Directory, I don't have AD in my network. The only other authentication option is to use a Radius server, which quite frankly I haven't had on my network since we hosted dial-up networking. The inability to communicate via LDAP or Open Directory forced me to use Untangled in anonymous mode. That was fine for my emergency situation, but it would be a major hurdle for permanent adoption in my network.

Figure 2. Configuration Window for the Spyware Blocker Module