I have been using Untangle Firewall Since 2008, I have installed and implemented this for various clients and till today I didn’t get any complain. Today in 2021, I I thought to share my experience with you all. So that you can also take the benefit from Open Source best in class Next Generation Firewall.
Read this blog till end, so that you can get it implemented without researching further.
So let us begin.
Untangle Firewall is a Next Generation Firewall. It is an opensource Unified Threat Management System. Though it has various paid application where you need to buy the subscription. But you have limited IT Resource and less budget, you can still opt for the Free Apps.
Generally, it is very complex to ensure that every device on your network is adequately protected, but Untangle Firewall simplifies network security with a Modular Software Platform which is best fit, flexible and scalable for any size of Organization.
Whether you want to gain visibility to network traffic, or want to do content filtering for thread protection. WebUI helps you to do all of this in easy steps.
You might need to connect multiple Sites using VPN or you want users to access Corporate network through secured tunnel, Untangle Firewall has all that.
Untangle NG Firewall is an enterprise-grade network security platform.
Using Untangle Firewall you can protect your network, filter the content using various applications and then by prioritizing the traffic and by enable Quality of Service (Qos) you can maximize the performance of your network.
So how can we implment Untangle Firewall,
Untangle Firewall Appliance
Depending upon the Size of Network, Number of Devices or the number of applications that you want to use, you need to have the hardware. Though you can buy the hardware from Untangle, but we will be using our existing hardware which is not being used.
List of hardware is available in the link below;
Let us say you have an OLD PC, with 2GB RAM and at least 60GB Hard Disk and you have maximum 50 Nodes on network. So you are all set to Install this.
But I will be Installing this to my Custom Hardware that I have build specially for my clients.
It is branded as Safegate and it is Available from The Integrated Connection LLC, Oman
I can arrange to ship preinstalled Hardware and if you want to me to configure I can do that as well. So you can send me email for details;
Email : firstname.lastname@example.org
So Let us begin the Installation process;
Untangle Firewall Installation
First you create a free account on Untangle (https://untangle.com/CMD)
Then you login and Download the latest ISO File.
Burn File to USB Stick or DVD.
It is a Guided Installation, so Simply you need to Installation.
After finishing the Installation, remove the Media and Reboot the System. It will boot from the hard disk and you will see the Logo of Untangle. Let us boot Until you see the Desktop Screen.
Full Tutorial is Available Here Please
Untangle Firewall – Basic Setup
You can access the Web User Interface Using by launching the Client from Graphical User Interface.
Where you can configure the basic settings in easy steps;
- Chose Language
- Set Admin Password and Email
- Chose Type of Organization and Time Zone
- Configure (WAN and LAN Interface) and Enable DHCP
- Once Network Address is configured now Untangle Firwall is ready to be configured.
Untangle Firewall – Command Center
Once Untangle is ready after Network address you need to connect to the command center. You have to enter the credentials to connect your Untangle Firewall to the Command Center. It will help you to download app and then Manage your Untangle Firewall Using Command Center.
Untangle Firewall Configuration
As untangle firewall is configured now, so you can access the server using Web User Interface, of your PC browser.
Untangle Firewall Applications
Though a complete tutorial I will help you to Install and Configure Untangle Firewall Completely.
We will use all free applications to Connect, Protect, Filter, Perform and Manage our Network.
Let us see what applications we will use in Untangle Firewall and what are the benefits of these.
Are you concerned about connecting Guests to your network, or connecting branches to corporate network. Or you have staff working remotely or working from home?
Untangle NG Firewall has free apps to help you to answer above questions.
Having Network Security Policy is essential for the organizations to ensure that employees are aware of their responsibility when using corporate network. Captive portal helps you to enforce Employees to read the Policy and then Connect to the Network.
Similarly Guest can also be given access to the Internet, once they read and agree policy.
Secure Remote access is easy with Untangle Firewall. OpenVPN can be configured to provide access to internal network to remote users and sites.
Tunnel VPN is another easiest way to create a secure connection between internal network and remote network. But I will recommend to use only one OpenVPN app. I have been Using Open VPN and I am quite satisfied.
Untangle as a Gateway is a single solution that save our money by talking malware, hacking attempts, phising and other threats before they reach to the users. For this purpose following FREE applications are used;
As far as network security is concerned it is essential to draw a line between Internal and External Networks. Having firewall is essential where we can use filters based on IP Addresses, Protocols and Ports. Firewall applications helps the network administration to which systems and services to be enabled locally and publically. Where inbound and outbound access can be controlled easily.
Intrusion Prevention blocks hacking attempts before they reach internal servers and desktops. Untangle’s pre-configured signature-based IPS makes it easier for administrators to provide 24/7 network protection from hackers.
There are thousands of signature which are updated automatically for variety of attacks that helps in detection of attacks, including heuristic signatures of port scans that and blocks most suspicious requests and you can also monitor it effectively.
Email and website spoofing is now a days very sophisticated, and it is impossible to recognize that. So phish blocker protects users from phishing emails and fraudulent pharming websites. Latest signatures are automatically updated.
As Users at cooperate network are connected to Internet. Therefore, Network Security Professionals are always concerned to control what users can access, install and use from Internet. Be it on PC or Smart Phone. Filtering feature helps us to control rogue application, encrypted web request, malware distribution point, drive-by malvertising attempt, and rash of spam, so let us see what applications can be used to achieve this goal.
Some of the banner ads are link to scam and malware. Though Ad Blocker we can easily block such ads at gateway without installing any plugin at browser. We can also create customer rules and exceptions.
Application Control (Lite)
It is signature based layer 7 filtering application that helps blocking messaging, gaming and various other application, this is the best way to control the network bandwidth. Exceptions are always that, that you can add, but don’t forget to block peer to peer applications.
Spam Blocker (Lite)
Spam can be blocked at gateway before it reaches the users. There is no need to do installation at client end. Various opensource built in spam filtering tools and techniques will block the Spam. Each user can access their own quarantine and spam folder without bothering IT Staff.
Web Categorization and analytics is crucial. This application has billions of URLs classified from millions of domains in various languages. We can monitor the web traffic, but this applicaion can’t control (filter) the web traffic. For that paid application is required.
Who’s doing what and when on your network. You can see this all using the Reports.
Detailed view of Traffic on the Network can be see in reports, the reports are database driver can can be drilled down to any aspect of traffic. These reports are fully dynamic, interactive and customizable.
If you want to monitor the traffic on the network on Realtime, you can use Dashboard where you can add common widgets and can also use custom widgets using various filters.
You can also Install Untangle as Virtual Appliance. I have installed it on Various platforms and PROXMOX is also one of them which is Opensource