Untangle Firewall Review

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
tom here from lauren systems we're going to talk about untangle and i want to get a couple things out of the way up front one we are a reseller of untangle and i bring that up just because i like to be as upfront as possible about any biases i may have with this video this video is not paid for endorsed and given this was not given to me by entangle so my affiliation with them is only as a reseller and solution provider with their product they have no pre-release of this particular video why would you use untangle well because untangle is a pretty complete system and that's one of the reasons we like it as a solution and why it's something we offer and i've done videos on it before it's been a little while and i wanted to do some updated ones because the latest version of untangle has a lot of great features inside of it also it's the one stop shop that's probably the most affordable solution i have seen and quality and good all at the same time that offers a one single pane of glass that lets you do web filtering that lets you do threat monitoring that lets you have really good deep packet inspection that has the option of doing installed ssl certificates but doesn't need them to do the basics of web filtering and it has licensing that's very reasonably priced for both businesses and home users and i see the home users because that's a separate video i'm going to be doing with this box where i dive deep into just the home edition because well their home pricing is really great solution for people trying to filter and figure out where their kids are going and maybe shouldn't be going at home so before we dive into all that let's first if you'd like to learn more about me or my company head over to lawrences.com if you'd like to hire a short project there's a hires button right at the top if you'd like to help keep this channel sponsor free and thank you to everyone who already has there is a join button here for youtube and a patreon page your support is greatly appreciated if you're looking for deals or discounts on products and services we offer on this channel check out the affiliate links down below they're in the description of all of our videos including a link to our shirt store we have a wide variety of shirts that we sell and new designs come out well randomly so check back frequently and finally our forums forums.laurensystems.com is where you can have a more in-depth discussion about this video and other tech topics you've seen on this channel now back to our content now just before we get to pricing let's start with version comparison between the free and paid version so yes they do have a free version and it does come with quite a few features it does come with the in-depth reporting and things like that but it's not a very complete version so it'll route and it'll do firewall and if you buy a license one and later don't pay the license for it it can defer back to being the free version you just lose those extra bells and whistles and they have a comparison by application here as you run down the list here you'll see all the different features you get for free versus the ones you get on the paid version so you can start off by testing this for free and it's free forever not kind of sort of free it's a free product and it is built on a series of open source products but like i said if you really want those fancier features such as the web monitoring or the application control you're going to have to pay for those are the way that is the way this works now the good news is if we open up both of these right here where it says application control and application control light you're probably going well those are cool words but what do they actually mean in terms of what the difference is well for each of these they have a breakdown of what the differences are then you go to live demo same thing breakdown of what the application light can do and you have a live demo please note i didn't log in i didn't give them my email address so you can anonymously wander over to their website and get an idea of how these systems work without even loading this anywhere that's something i really like about entangle they give you a lot of information up front to help make a decision and i'll give you an example here so if we go over here and we look at things like facebook and maybe we want to filter out farmville and some of the other facebook applications that showed up in here we want to block those it's pretty easy with the full version of application the lite version well not so much they have some policy information some category information you can put in but obviously not near as in depth so they give you kind of an idea and they break down down further than it goes on the scope of this particular video of what each of the differences are when there's a light version of these now things that are kind of interesting that they do include is open vpn captive portal and tunnel vpn in the free version uh the tunnel vpn i've done a video on which a link below which is allows you to create a tunnel and create some policy routes so you can route things specifically over a vpn to let's say a privacy oriented vpn provider nice feature they have this built in and nice that you get this for free it's something i've recommended to home users before they're looking for a really easy way to get that set up now policy management usually something more business or business oriented and directory connector where you can connect attract directory and create tagged policies and features now i'll also mention if you're an i.t provider or manage service rider like we are and you want to do this to resell to your clients yes this does have an entire dashboard all these can be tied into so you can have visibility into all of your clients networks through a single dashboard and by the way that dashboard does not give them automatic login for untangled to log in it just proxies the connection to the web interface so you can get into it so it's pretty cool the way they have that set up and works rather well is something we used and put clients into the dashboard now let's get right to the pricing and i'm not going to do the usual bs i see with so many of these companies of just call me for pricing and that's usually what it says call right no untingle decided to put the pricing up front which is actually one of the things that i like them about a company so you can make a decision that you are never paying that much or you're okay with paying that much before you ever had to deal with some sales person or put your name on a mailing list um that you will never be able to get off of sometimes it feels like uh they don't harass you um you don't have to you know contact a partner distributor or even untangle to get the pricing you go decide which one you want the versions one you can buy it on an appliance like i have sitting next to me here or you can just buy the software so you can download it and load it on your own hardware or virtualize it in a supported hypervisor but we have the complete is what we're going to talk about but they do offer some granular licensing i'm not going to dive into it it's probably best just to buy it in my opinion in the complete version but make your own decision on that and make that part easy example pricing and let's talk about how the licensing works so let's say we have 25 devices we want license and we're going to buy it on it now let's say a five-year plan no problem we don't need any of these extras the few upsells and in a five-year plan that's going to cost 2100 now for the software and it's going to be licensed for five years but you're probably thinking how do you figure out what devices are on there what about all the phones and printers and more random ip things that companies end up having on their network what about the refrigerator and toaster doesn't that need to be you know licensed in there on those devices and yes you have to decide whether or not you want them to be part of the untangle web filtering and all those back over to the paid features that come in here whether or not you want those applied to these licensed features so if you want the application filtering to apply to your ip enabled toaster and refrigerator and other devices on the network or your guest network as well then you need to decide if you have to buy a license for that the way untangle handles the licensing is if we have a office with let's say 25 workstations that we know we want to cover with untangle we can buy the 25 license and then take all their phones and their toasters and their printers and create a bypass network that says now they'll apply those rules to these networks and they have that over in the untangle faq and note bypass devices are not counted bypass rules can be added for devices that do not need untangle scanning and services printers etc but will require some internet access so i'll just a clarification on how they handle that and i i think it's nice that they have their rather in-depth faq patient let you break those things down now of course next question is what does untangle look like and how does it actually work so i have my home that i set up on tangle and i want to do this as a demo where i can share a lot of information and show some active data i can't share my clients data and we don't use untingle directly at my office here but we do use it when we need all these filtering capabilities and this is what the dashboard looks like and we're going to say in the last three hours uh which we can change just to one hour ago three hours ago and start drilling down on the dashboard and go all right what's going on in tom's network at home how many hosts are there maximum active known devices etc and what are all these things going on what is the living room doing living room is actually a chromecast and if you notice the pie on this matches really closely to the pie over here that's not coincidence that's because my wife's home today watching netflix it is her day off and so if we filter for netflix we can see just how much netflix traffic was being used pretty quickly and this is that dpi and drill down information that you can start getting on the system now let's go ahead and close this and we're going to go back over here to reports and let's look at some of the reporting of the dpi you get in here i know that's what a lot of people really like is going i want to know where everyone's going on my network and untangle gives you some easy tools for doing that so i went over here to bandwidth control top applications by total bytes and we have some udp some ssl traffic hey and there's that netflix traffic somewhere in here or some youtube traffic for me watching youtube this morning some google traffic uh facebook was in here and you know we watch at least a few things on facebook and you know flipping through things so it lets you drill down and then from here we can start pivoting around and adding filters to determine what was using netflix and how much netflix they were using what devices were connected to these things this is stuff that you can get on there and of course the next question is well great i have all this information but how do i filter it well that's where i mentioned that it's a great web filtering system we'll go over here to the web filter and we can look at the categories search terms site lookups so let's look up a site and see what category my company falls into cool my company is in the computer and internet information apparently and it doesn't appear to be blocked so i could always suggest a different category i could add a block for my own website if i want to or any particular websites and you then start concreting rules now the rule creation is really slick inside of untangled and it's kind of universally applied everywhere it's essentially kind of like a bunch of if then conditions so is the protocol the username the hostname the client mac address server mac vendor um etc etc and you go through these and start building different policies on there so web filter well filter content type and the reason for this is you may want to filter out social media at your company but then you remembered you have a team of marketing people that kind of need access to social media to get things done so you'll create policies that say these people can access social media the rest of the team cannot or filter it based on that you just create these rules now the rule creation across the board is whether you're creating firewall rules or any type of rules it's pretty much the same and i kind of like the common interface they have and because it's essentially a series of like if-then conditions uh you can start building those policies out and one of the conditions that's really slick is being able to tag a client so you add a tag to it and then you can start tagging them that this policy applies to people i tagged this way tag them by mac address tag them by their host name so you can pick a different method out whatever methodology i should say works for you and then start building rules on there now let's go back over to the applications that are in this list um captive portal firewall threat prevention now if you're the home user i will admit you don't get the threat prevention which just does some threat prevention associated with untrustworthy ip addresses and websites based on a reputation but i'll also be the person who says the unpopular opinion that between intrusion detection systems and threat prevention systems neither one of them are incredibly great layers of security not this is not a dig at untangle this is a dig at the way the internet works here in 2020 they offer less and less protection because so much is encrypted these days so the more traffic that's encrypted the less these signatures are able to apply to the traffic that's coming through it's a layer of defense but endpoint is still going to be stronger i just bring it up that it's included in here but don't think that it's going to just check all the boxes and forego your need for some type of endpoint protection they also include an ad blocker in here and application and bandwidth control now the web filtering versus application control web filtering is just for web filtering application control gives you well a little bit more detail because you're talking about it's looking for and how the applications work so it's diving into things like zoom and this is different because zoom is a application on your computer not necessarily a website you're going to now these are part of what is the paid feeds that come in here because well zoom wasn't that popular not that long ago it's really popular here in 2020 but whatever may be next in terms of that type of application this is where this is constantly getting updated and then you can apply policies because maybe you have a policy in your office to not allow this or to flag this and they have a couple different options or maybe you have only certain users and those same rules apply by building conditions of how you want to block encrypted traffic block traffic to certain things or create these if-then conditions of how you want them to route now back over to the applications on here i will mention as well they do have the full ssl inspector so if you want to go through and install certificates on every computer to push them through ssl inspections so you can get a deeper dive into this you can do web filtering to an extent without it but as encrypted sni starts becoming more popular it's going to start causing problems again with application filtering and ssl inspection might be needed warning though ssl inspection requires you and i have a video i'll link to you on this to install the certificate in each device that you want to go through the sl inspector and it does break some other applications that don't like having ssl certificates added onto the system some banking apps now have problems with it get the weigh your options on that but i will admit at least it's built into untangle now the tunnel vpn i mentioned before is slick because you can now create these tunnels i have a tunnel created to private internet access and then you just create a rule set and i created clients tagged tunnel should route over here but they know what you're doing with this tunnel so they also have a checkbox you can do for bittorrent usage so you can say anything cl client tag bittorrent usage is probably something you want to send out over a tunnel i like that they're realistic and just had a role in there and for any of these applications you can hit view reports and bring it over to the reporting now let's jump over to the config the networking is configured all right here and the firewall rules as i said that common application interface that they have so if we look at like the filter rules block internal to lts let's roll back to look at the interfaces so i have an interface labeled external an interface labeled internal and a home network i just labeled lts with a vlan id of 1337 so i have a separate vlan where my network traffic is and the way it works is when you create a new network it's going to allow those networks to talk to each other so then you create filter rules so you can filter whether or not they can talk to each other and i put a block internal that being the name of the internal lan i could have called it land but it's named internal to lts and then i say if the source interface is internal and the destination is lts we should block that as a rule and here's how that rule actually looks and we once again have those same conditions client tag protocol so i could even tag clients that i want to allow access say hey if client is then blocked this once again you're creating a series of conditions very similar to like you know if then statements essentially to choose a perform action whether it's a block or pass at the end of all the matching rules on there and the only thing i will say for untangle when you first get started with it just below where i am you know it's right here at the bottom yeah that's a save button if you don't click that save button you end up with a little bit of confusion of why it won't let me edit this rule and why isn't it working that's common across entangle anytime you go to the applications or anything for the reporting or you change something you want to make sure you go in there and click the little save button for any settings that are changed now one last thing i'll cover in the apps though is the openvpn this question comes up a lot too of i want an easy tie-in with active directory and things like that that's where that directory connector comes in and when you're setting up the server you can have more than one openvpn server and you can then also tie it to different directories like right here's radius active directory or any other directory connector requires directory connector requires directory connector right here and then you configure these and now you can actually have your active directory users matching their passwords and everything and tying into untangle so i like the full integration has on that that's a quick overview of the untangle system i'm going to do a deeper dive with this box and the home user systems i know there's a lot of people asking about a good home filtering system and i think that 50 a year annually that they charge is pretty reasonable for home users that want the level of you know reporting and control that you get with untangle i think it's a good solution for businesses that also looking for firewalls that offer these filtering so they have a firewall solution that does this so my overall other than if you're looking for something absolutely free i really do like the untangle even the free version does give you quite a bit i think it's a solid firewall it is linux based so the hardware support is going to be broad if you want to load it on your own system i do like that there is no signup required to play with all their live demos if you just want to kind of you know get the look and feel for each feature that it has on there and you don't have to contact anyone for pricing so everything's up front if you want to kind of price it out of the solution but if you're looking for a solution provider yes we are a partner you can contact for it so full disclosure as i said in the beginning all right thanks and thank you for making it to the end of the video if you like this video please give it a thumbs up if you'd like to see more content from the channel hit the subscribe button and hit the bell icon if you like youtube to notify you when new videos come out if you'd like to hire us head over to launchsystems.com fill out our contact page and let us know what we can help you with and what projects you'd like us to work together on if you want to carry on the discussion head over to forums.laurensystems.com where we can carry on the discussion about this video other videos or other tech topics in general even suggestions for new videos they're accepted right there on our forums which are free also if you'd like to help the channel in other ways head over to our affiliate page we have a lot of great tech offers for you and once again thanks for watching and see you next time
Info
Channel: Lawrence Systems
Views: 32,658
Rating: 4.9167628 out of 5
Keywords: lawrencesystems, untangle firewall review, untangle, ng firewall, firewall, security, web filter, network security, firewall comparison, untangle firewall, next generation firewall comparison, firewall comparison 2020
Id: WYhOgQ8JyYI
Channel Id: undefined
Length: 19min 4sec (1144 seconds)
Published: Wed Sep 30 2020
Related Videos
Untangle 101: Untangle at Home
Untangle, Inc.
22K
Firewall Comparison: Untangle VS pfsense
Lawrence Systems
44K
Tutorial: pfsense and pfBlockerNG Version 3
Lawrence Systems
69K
How Tailscale Makes Managing Wireguard Easy
Lawrence Systems
17K
Lessons Learned From Cabling Project Gone Wrong...
Lawrence Systems
35K
VoiP DDoS Mitigation Explained With Ray Orsini from OITVoiP
Lawrence Systems
12K
Netgate SG-2100 pfsense Firewall Hardware Review
Lawrence Systems
89K
Firewall Comparison, Which Ones We Use and Why We Use Them: Untangle / pfsense / Ubiquiti
Lawrence Systems
514K
Testing UniFi Controller 6.0.22 With VLANS Over MESH & The Problems With UniFi Products
Lawrence Systems
55K
Firewall Comparison: Ubiquiti EdgeRouter / Ubiquiti UniFi USG / Untangle / pfsense
Lawrence Systems
100K
pfsense VS OPNSense
Lawrence Systems
77K
How To Migrate From TrueNAS CORE to TrueNAS SCALE
Lawrence Systems
9.6K
TrueNAS SCALE Beta vs TrueNAS CORE Performance Comparison
Lawrence Systems
9.4K
Turn an old PC into firewall router | untangle
AndreyTech
16K
Untangle Firewall Full Review and Tutorial 2021
syncbricks
1.2K
pfsense Firewall Setup and Features in Depth Version 2.4
Lawrence Systems
266K
Untangle Z4w WiFi Firewall Appliance Review
Lawrence Systems
14K
2021 Firewall Review, Feature Comparison and Recommendations
Lawrence Systems
53K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.