- 27
- Nov
Many people should be glad to know that an open source, all in one security appliance exists named Untangle. Although this is not news, it is to me. And frankly, I would probably not have implemented a Watchguard if I had known otherwise. Untangle also offers a “professional” support package if you are not confident with open source solutions or just prefer to have someone backing you up.
Untangle seems to have tons of neat features, but keep in mind that these AIO security appliances WILL slow your connection unless you have some beefy equipment running the system.
Untangle has all of the features of most enterprise all in one security appliances including:
- Spam Blocker (SpamAssassin)
- Web Filter (Unknown with URLBlacklist.com
- Protocol Control (Netfilter)
- Anti Virus (ClamAV)
- Spyware Blocker (ClamAV)
- Phishing Blocker (ClamAV)
- Intrusion Prevention (Snort)
- Attack Blocker (Custom)
- Firewall (Custom)
- Remote Access Portal (Custom)
- VPN (Open VPN)
Now, to the fun part. Version is 5.0.3 at this time of writing.
WARNING: Lots of images below.
Installation from Untangle Live CD:
Untangle first boot from the Live CD installation.
Welcome screen for installation. I can see the graphic designer had some fun with the hardware unit. First warning
I think that is the shortest EULA I have ever seen in my life. Awesome.
Yes, please own my sda. Second warning.
Testing hardware.
Oops! I failed. I am running VMware, sorry Untangle. Luckily it lets us by anyway.
The results of my hardware failure.
Again, yes, please own my sda. Third warning.
YES PLEASE. Geez, they must take after Microsoft. Fourth and final warning about erasing my (virtual) hard drive. Ugh.
Installation finally. It acually didn’t take long at all. It also mentioned something about Knoppix. Interesting.
Yes, thanks. I will remove my CD (ISO).
Untangle First Boot and Configuration:
Untangle GRUB menu.
Boot screen GUI mode. You think they could have picked a more pleasing background than the fake, blue, brushed metal…
OMG permi what? That is cool. Didn’t know it was going to suck my packets.
Alt+F2. Lets just see what is going on here….
Nice, a configuration wizard. Thing thing will sell like hot cakes. Oh, wait. It’s free.
Oh no. Another password? I gotta get a book to write all these in.
Interface setup. DMZ, what are we in war here?
Hostname and IP setup. You can even use DSL over PPPoE.
This is a little eye candy you get when saving settings through the config wizard. Nice, if you like that sort of thing.
Awesome. Automatic bridge setup for easy install if you already have an Internet router in place.
Connectivity check.
Email settings to send reports and alerts. Nice.
Saving final configuration. It took 5 minutes longer because of the pretty eye candy.
We are finished. Lets check out the rest of the system.
Untangle System GUI and more:
Desktop of Untangle. I am wondering who in their right mind would enable a screen saver on a security appliance. Wouldn’t I want every possible resource to go toward system functions?
I HAD to see the terminal. Well it asked me to set a password when I opened it. Unfortunately, it was for root. I don’t know if you can see the text in the terminal, but whoami reveals this and also that the X server is taking up 3% percent of my memory. It does however ask me to reenter the password when I open the terminal. The exit button didn’t work as you normally use in the upper right hand corner, so I had to type exit.
Launching the Admin client.
Automatic Upgrade check after logging into the client.
Yes, I want the Open Source Package, thanks.
Firefox threw the download into the client as you can see on the left.
All my services seemed to install fine except for Router and OpenVPN, this is understandable since I am running this as a bridge. The interface seems a bit “kiddish” in design, but very functional none-the-less. There is two graphs per “rack module” — one for number of sessions and the other for KBps rate.
I am not going to go into all of the settings screens as this would take at least 50 more screen shots. There are tons of options for every service.
I ran Tenable Nessus against Untangle. I was shocked at first. Nessus stated that there were 531 ports open. But according to the Untangle Wiki, that is acually the attack blocker accepting packets on those ports.
Overall, I am really impressed with the design and features of Untangle. However, I cannot tell you if it acually worked because I am simply running a test in VMware. Hopefully, sometime in the near future I will get the opportunity to test it in a real environment. Until then, I hope you enjoyed the screen shots and maybe you will not buy a Watchguard this go around. ;)
Until then — rm -rf /:
![[del.icio.us]](http://images.del.icio.us/static/img/delicious.small.gif){kind=small}
Related Posts
Tags: Download, Firewall, IDS, Linux, Networking, Open source, Security, Untangle
December 6th, 2007 at 9:59 am
[...] Gate your network securely Filed under: Linux, Security — 0ddn1x @ 2007-12-06 14:59:39 +0000 http://www.hackosis.com/index.php/2007/11/27/all-in-one-security-gateway-untangle/ [...]
December 19th, 2007 at 12:22 pm
THIS IS IN FACT THE DOPEST FIREWALL ON EARTH. HAD IT SINCE START AND SO FAR NO PROBLEMS
June 26th, 2008 at 12:07 pm
[...] Un tuto de Shane himself, la révolte d’un Geek connait enfin sa 1ère floraison acidulée [...]