DIY: Install the web-based security appliance Untangle

Network security doesn't have to require purchasing costly hardware from SonicWALL or Cisco. Instead, give the Debian-based appliance Untangle a try and see if it fits your needs.

If you're worried that your company's rather meager security budget won't allow you to procure an effective solution, check out the Debian-based Untangle, which offers a free security appliance. It's easy to install, easy to manage, and pretty impressive on the security front.

The company that makes Untangle offers more than just free solutions -- you get everything from Free to Education Premium Packages (ranging from $0.00 to $100.00/mo). Take a look at the comparison matrix to see what package might best suit your needs.

Since this is a DIY column, I will focus on the Free package. This solution is downloaded as an ISO image, so you will need to be able to burn the ISO onto a disk that can be used as the installer for Untangle. The system requirements are fairly low:

  • 1-50 users: Standard PC hardware P4 or higher/RAM: 512 MB/HD: 20 GB
  • 51-100 users: CPU: Dual Core/RAM: 2 GB/HD: 80 GB
  • 101-150 users: CPU: 2+ Cores/RAM: 2 GB/HD: 80 GB
  • 151-500 users: CPU: 4 Cores/RAM: >= 2 GB/HD: 80 GB
  • 501-1500 users: CPU: >= 4 Cores/RAM: 4 GB/HD: 80 GB
  • 1500+ users: CPU: > 4 Cores/RAM: >= 4 GB/HD: 80 GB
  • Two network cards

Installing Untangle

Once you have the hardware ready and the ISO burned, put the CD into the disc drive and fire up the machine. The installation process is extremely simple -- there is very little interaction other than the click of a few buttons. After the installation completes, the system will reboot and eventually wind up opening a web browser where the rest of the installation is completed.

The one tricky installation issue is the choice between setting up Untangle in either Transparent Bridge or Router mode (Figure A). This will depend upon your network setup and your needs.

Figure A

Even if you opt to install in Router mode, you can disable DHCP if you have DHCP being handed out by another piece of hardware.

Downloading applications

After the installation, it's time to start downloading applications into your server. Depending upon when you download the ISO image, there may be upgrades that must be downloaded and installed prior to installing applications.

From the Menu bar (Figure B), click the Launch Client button and then enter the credentials for administrator authentication, which are set up during installation. Once authenticated, it is time to start installing applications.

Figure B

Controlling the appliance is done from this easy-to-use Menu bar that is the only interface to the Untangle appliance (allowing you to open the client interface).

Installing applications

When everything is upgraded and you are logged on to the client, you select the application to install from the left pane. You can also allow Untangle to walk you through the process of installing applications (Figure C) for specific tasks, or you can go with the recommended installation. Any way you choose, you'll wind up with a very powerful appliance that will serve your network security needs well.

Figure C

If you prefer, you can close the wizard out and install the tools you need manually.

About Jack Wallen

Jack Wallen is an award-winning writer for Techrepublic and Linux.com. As an avid promoter/user of the Linux OS, Jack tries to convert as many users to open source as possible. His current favorite flavor of Linux is Bodhi Linux (a melding of Ubuntu ...

6 comments
chrisbedford

1. Don't waste time trying to "burn" the iso to a flash disk for install - it won't work. The installer gets to the point where it has loaded the install environment and then asks where the source is - FTP or CD? If you say CD it tries the physical hardware and then comes back with "sorry, Bud - not found". Burn it to disk and be done with it.

2. I installed in "transparent" bridge mode (the two networks I tested it in both have a ClearOS firewall) and it worked OK, as long as users inside the network only did regular web surfing. SMTP and POP3 traffic were also fine, both to and from the Exchange server. However FTP uploads would intermittently fail, and some downloads (I never bothered to establish if the downloads were using HTTP or FTP) simply would not work. In both cases, as soon as I removed the Untangle box, everything transferred just fine afterwards.

I haven't gotten around to trying Untangle in router mode, since I am more than happy with ClearOS as a firewall / server and was only looking for the traffic reporting that Untangle does. One day Clear will have a reporting module that rivals Untangle's and then it will truly rock!

Spitfire_Sysop

You can block traffic via the firewall settings and in the protocol control section. You may have to allow traffic in multiple ways to actually get it to go through. The protocol control is deep packet inspection that can block certain traffic even if it is going through an allowed port. For example, if a virus is trying to communicate IRC through port 80 (which would pass through a normal firewall), Untangle will notice that it is not web traffic and block it. I recommend going through all the racks you have installed and making sure you don't have conflicting rules. You can add and remove the rack modules completely if you don't want this sort of functionality but I find it very helpful.
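The difference between a port rule and the payload inspection described in the comment above, as an added Python example that is not part of the comment and is not Untangle's code. The two regular expressions, the port policy and the sample flows are constructed assumptions chosen to show the idea on the first bytes of a connection.

```python
import re

# HTTP/1.x request line: METHOD SP target SP HTTP/1.x
HTTP_REQUEST = re.compile(
    rb"^(GET|HEAD|POST|PUT|DELETE|OPTIONS|PATCH|CONNECT|TRACE) \S+ HTTP/1\.[01]\r?\n"
)
# Commands an IRC client sends while registering with a server
IRC_REGISTRATION = re.compile(rb"^(PASS|NICK|USER|CAP) [^\r\n]+\r?\n", re.IGNORECASE)

ALLOWED_PORTS = {80: "http"}  # constructed policy: only web traffic may leave

def classify_payload(first_bytes: bytes) -> str:
    """Guess the application protocol from the first client-to-server bytes."""
    if HTTP_REQUEST.match(first_bytes):
        return "http"
    if IRC_REGISTRATION.match(first_bytes):
        return "irc"
    return "unknown"

def port_only_verdict(dst_port: int) -> str:
    """Decision of a plain port-based firewall rule."""
    return "allow" if dst_port in ALLOWED_PORTS else "block"

def inspected_verdict(dst_port: int, first_bytes: bytes) -> str:
    """Allow only when the payload is the protocol expected on that port."""
    expected = ALLOWED_PORTS.get(dst_port)
    if expected is None:
        return "block"
    return "allow" if classify_payload(first_bytes) == expected else "block"

# Constructed sample flows: (label, destination port, first payload bytes)
SAMPLE_FLOWS = [
    ("browser", 80, b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"),
    ("irc-on-80", 80, b"NICK examplebot\r\nUSER examplebot 0 * :example\r\n"),
    ("binary-on-80", 80, b"\x16\x03\x01\x02\x00\x01\x00"),
    ("irc-on-6667", 6667, b"NICK examplebot\r\n"),
]

def evaluate(flows=SAMPLE_FLOWS):
    """Map each flow label to (port-only verdict, payload-inspected verdict)."""
    return {
        label: (port_only_verdict(port), inspected_verdict(port, data))
        for label, port, data in flows
    }

if __name__ == "__main__":
    for label, (by_port, by_payload) in evaluate().items():
        print(f"{label:13} port-only={by_port:5} inspected={by_payload}")
```

The IRC registration sent to port 80 is allowed by the port rule and blocked once the payload is checked, which is also why a legitimate flow may need to be permitted in more than one place before it passes.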

BlueCollarGeek

I have used Untangle (open source free version) through several versions. Nearly a year ago when my company's subscription was up for one of the more expensive "name brand" UTM devices, I chose to implement Untangle with the premium package (wanted the AD connector, Policy Manager, and enhanced filtering) - which was still about 25% of the cost of our prior solution's cost annually. What blew me away was how knowledgeable and friendly their support is. Tony and Hartley absolutely rock! They have made the implementation and some significant network changes (due to a sale of a portion of the company) a breeze to work through. I am using it for two distinct networks with separate requirements (filtering, etc) on each network, plus VPN and integration with AD. This software rocks - and yes - I agree they could lose the GUI as the web interface serves all purposes, but the fact that it is there is not a deal breaker for me. The service I have received from Untangle has made it amongst the best money I have ever spent.

Spitfire_Sysop

The forums are amazing. There is this wizard Dirk Morris who answers all questions with helpful answers in a timely fashion. He must be on there all day. He's the only forum geek on the internet I know by name.

Alpha_Dog

I like Untangle, since it is an excellent training tool, but for a SoHo production environment there are better tools. My only major problem with Untangle is that it has a GUI, which ties up resources painting pretty pictures that no one will see. If folks are looking for a free Open Source firewall appliance, I recommend Endian. Their free version is found at http://www.endian.com/en/community/overview/ With no GUI and a powerful web administration page, which has a much lighter footprint than Untangle.

Spitfire_Sysop

I have used Untangle for a few different clients. It is powerful, free and mostly open source. It is also a great learning platform if you are interested in making a security testing lab.
