Untangle Firewall
Your First Line of Defense
Firewalls draw the line that separates internal and external networks. Untangle's Firewall filters traffic based on IP address, protocol and port, giving administrators control over what crosses that line.
Untangle Firewall Overview:
The Firewall is the most basic security element to hide your network from the outside and control all external access points (also known as ports). It lets you block unwanted activity and protect your network.
You can build a list of rules that meets your unique needs—control traffic by protocol, source address or port, destination address or port, and set default actions.
Firewall evaluates traffic traveling across your network by applying your rules until a block/pass verdict is reached or a default action is taken.
- Open source and free under the GNU General Public License (GPL)
- Easily blocks sessions based on simple rules
- Rules can be based on a variety of attributes
Technical Specifications:
Firewall can both monitor and block traffic sessions based on simple, yet flexible rules. The Firewall enables you to control traffic by:
- Protocol
- Source address or port
- Destination address or port
You can build your own list of rules, and dictate how the Firewall must respond.
What It Does
Provides traditional firewall functionality
How It Does It
Uses Untangle proprietary technology for rules-based logging or blocking of network traffic
Controls
- Default action can be globally set to "block" or "pass"
- Custom logging, blocking or passing rules can be created by:
  - protocol
  - direction
  - source address
  - destination address
  - source port
  - destination port
- Rule matching order can be customized
Firewall FAQs:
Why doesn't the Untangle Server's Firewall have rules enabled by default?
- When the Untangle Server is your router, it is performing NAT. NAT protects you from most threats.
- When the Untangle Server is a bridge, the Untangle Server is already behind a firewall. A firewall protects you from most threats.
Can I have a firewall and still use NetMeeting?
Yes. However, on the Untangle Server, you need to pass specific protocols and open specific ports as outlined in Firewall. A Microsoft article, How to Establish NetMeeting Connections Through a Firewall, explains which protocols to pass and which ports to open.
How do I identify unsecure ports?
There are free programs on the Internet that identify unsecure ports. To learn about one, go to Protecting Your Network by Securing Ports.
We currently have a firewall, which lets us do port mapping. I don't see that feature in your Firewall. Will you be adding it, or is there an alternative?
Port mapping (redirection) is a feature of the Router.
I want to lock down my network but for a few exceptions. What is the best way to do this?
You can set the default behavior to block, as discussed in Firewall. Then, create a few rules to pass the traffic you want to allow.
How can I block outbound SMTP?
Often administrators would like to block all outbound port 25 except from the mail server. To do so, first remove the outbound port 25 policy rule so that outbound port 25 traffic goes through the rack in question. Then create a rule to block all port 25 traffic with Destination Interface External, and create a rule just above it that passes outbound port 25 traffic where the client is your email server. Beware, this means that mail coming from your mail server now goes through the rack and may be scanned by Spam Blocker, Phish Blocker, etc. Alternatively, you can add a rule in Firewall blocking all port 25 traffic and then add a Policy Manager rule sending all outbound port 25 traffic from the email server to "No Rack".
Should I use pre-NAT or post-NAT addresses in firewall rules?
Firewall rules always match on the address which has more information. In other words, if the entire internal network is being NATed from 192.168.*.* to 1.2.3.4, Firewall will match on the 192.168.*.* addresses for traffic to and from this network. At the session layer this works out to be pre-NAT on the source address and post-NAT on the destination address.
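The ordered, first-match evaluation described in the Overview and Controls sections (rules applied in order until a block/pass verdict, otherwise the default action) and the two FAQ recipes above (outbound SMTP only from the mail server; lock-down with a default of block plus a few pass rules) are easy to get wrong when the rule order is reversed. The following is an added illustration written for this page, not Untangle's own code or API: the `Session`, `Rule` and `Firewall` names, the mail server address 192.168.1.25 and the external address 203.0.113.10 are all constructed for the example. Following the pre-NAT/post-NAT FAQ, a session carries the internal (pre-NAT) source address and the post-NAT destination address.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional, Tuple


@dataclass
class Session:
    """One traffic session as the firewall sees it (hypothetical model).

    Per the pre-NAT/post-NAT FAQ, src_addr is the internal (pre-NAT) address
    and dst_addr is the post-NAT address the packet is delivered to.
    """
    protocol: str      # "tcp" or "udp"
    direction: str     # "outbound" or "inbound"
    src_addr: str
    src_port: int
    dst_addr: str
    dst_port: int


@dataclass
class Rule:
    """A rule over the attributes listed under Controls; None means 'any'."""
    action: str        # "pass", "block" or "log"
    protocol: Optional[str] = None
    direction: Optional[str] = None
    src_net: Optional[str] = None   # CIDR, e.g. "192.168.1.25/32"
    dst_net: Optional[str] = None
    src_port: Optional[int] = None
    dst_port: Optional[int] = None

    def matches(self, s: Session) -> bool:
        return all([
            self.protocol is None or self.protocol == s.protocol,
            self.direction is None or self.direction == s.direction,
            self.src_net is None or ip_address(s.src_addr) in ip_network(self.src_net),
            self.dst_net is None or ip_address(s.dst_addr) in ip_network(self.dst_net),
            self.src_port is None or self.src_port == s.src_port,
            self.dst_port is None or self.dst_port == s.dst_port,
        ])


class Firewall:
    """Ordered, first-match evaluation with a global default action."""

    def __init__(self, rules: List[Rule], default_action: str = "pass"):
        assert default_action in ("pass", "block")
        self.rules = rules
        self.default_action = default_action

    def evaluate(self, s: Session) -> Tuple[str, List[int]]:
        """Return (verdict, indexes of log-only rules that fired)."""
        logged: List[int] = []
        for i, rule in enumerate(self.rules):
            if not rule.matches(s):
                continue
            if rule.action == "log":
                logged.append(i)        # a logging rule records and continues
                continue
            return rule.action, logged  # first block/pass verdict ends evaluation
        return self.default_action, logged


MAIL_SERVER = "192.168.1.25"   # constructed sample address


def build_smtp_policy() -> Firewall:
    """The SMTP FAQ: pass rule for the mail server placed just above the block rule."""
    return Firewall([
        Rule("pass", protocol="tcp", direction="outbound", src_net=MAIL_SERVER + "/32", dst_port=25),
        Rule("block", protocol="tcp", direction="outbound", dst_port=25),
    ], default_action="pass")


def build_lockdown_policy() -> Firewall:
    """The lock-down FAQ: default block, a log rule, and a few pass rules."""
    return Firewall([
        Rule("log", protocol="tcp", direction="outbound", dst_port=25),
        Rule("pass", protocol="tcp", direction="outbound", dst_port=443),
        Rule("pass", protocol="udp", direction="outbound", dst_port=53),
    ], default_action="block")


def outbound(src: str, dst_port: int, protocol: str = "tcp") -> Session:
    return Session(protocol, "outbound", src, 50000, "203.0.113.10", dst_port)  # constructed


def smtp_verdicts() -> Dict[str, str]:
    fw = build_smtp_policy()
    return {
        "mail_server": fw.evaluate(outbound(MAIL_SERVER, 25))[0],
        "workstation": fw.evaluate(outbound("192.168.1.50", 25))[0],
        "workstation_https": fw.evaluate(outbound("192.168.1.50", 443))[0],
    }


def swapped_order_verdict() -> str:
    """Same two rules with the block rule first: the pass rule is never reached."""
    fw = build_smtp_policy()
    fw.rules.reverse()
    return fw.evaluate(outbound(MAIL_SERVER, 25))[0]


def lockdown_verdicts() -> Dict[str, Tuple[str, List[int]]]:
    fw = build_lockdown_policy()
    return {
        "https": fw.evaluate(outbound("192.168.1.50", 443)),
        "dns": fw.evaluate(outbound("192.168.1.50", 53, "udp")),
        "smtp": fw.evaluate(outbound("192.168.1.50", 25)),
    }


if __name__ == "__main__":
    print(smtp_verdicts(), swapped_order_verdict(), lockdown_verdicts())
```

Running it shows why the FAQ insists the pass rule sits "just above" the block rule: with the order swapped, the mail server's own outbound port 25 is blocked before the exception is ever consulted. In the lock-down policy the log-only rule fires but does not decide the session, which then falls through to the default block.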
Hardware Requirements:
- The Untangle Server requires a dedicated PC installed at the gateway to your network.
- Your hardware does not need an operating system - the Untangle Server installs its own operating system.
- The Untangle Server software completely erases any content or data that may exist on your PC hard drive.
Sizing Guidance
Recommended Configurations (New Hardware)
When purchasing new hardware, spending a couple of extra dollars to meet the following recommended configurations provides the best value.
| Resource | Up to 50 Users | Up to 100 Users | Up to 300 Users |
|---|---|---|---|
| Intel/AMD-compatible Processor | Pentium 4 equivalent or greater | Dual Core | Dual Core |
| Memory | 1 GB | 1 GB | 2 GB |
| Hard Drive | 80 GB | 80 GB | 80 GB |
| NICs | 2 (3 for DMZ) | 2 (3 for DMZ) | 2 (3 for DMZ) |
Verified Configurations (Trials, Refurbished or Repurposed Hardware)
These are the lowest verified hardware configurations that provide reliable — albeit sometimes slower — performance in production. However, it may be possible for organizations with lower than average network traffic or organizations that do not wish to use all of the modules to run Untangle on smaller systems.
| Resource | Up to 50 Users | Up to 100 Users | Up to 300 Users |
|---|---|---|---|
| Intel/AMD-compatible Processor | 800 MHz | 1.2 GHz | 1.6 GHz |
| Memory | 512 MB | 1 GB | 2 GB |
| Hard Drive | 20 GB | 30 GB | 40 GB |
| NICs | 2 (3 for DMZ) | 2 (3 for DMZ) | 2 (3 for DMZ) |
