Untangle Web Filter

Untangle Web Filter Overview:

Control Web Content at the Gateway

Untangle offers free and powerful Web Filtering that enables administrators to enforce network usage policies and monitor user behavior. Zero client installation and category block lists make it easier for administrators to:

• Protect the network from malware on the web
• Block time-wasting sites like MySpace
• Conserve bandwidth by blocking audio/video downloads
• Leverage community URL categorization with the URL Submission tool

According to an industry study, at least 90 percent of large enterprises and 50 percent of small companies in the United States now monitor and filter their employees’ Internet access.

The primary reasons companies use Internet filtering and monitoring are to block inappropriate content (44%), control productivity (32%) and preserve network bandwidth (23%).

Now you can easily monitor, set and enforce your own web usage policy with our Web Filter application—without the hassles of outsourcing it. Whether you want to use our blocklists or set your own policies for hosts, domains and files types, you can block access to inappropriate sites. Reporting enables you to view a big picture of the kind of Web browsing behavior occurring on your network.

Key Features:

• Open source & free under the GNU General Public License (GPL)
• Pass, Block, and Logging options for all categories, such as gambling, webmail, shopping, and pornography
• Community URL Submission tool
• Categories update automatically
• Add your own URLs and file types to block, log, or pass
• No proxy settings required
• Local database ensures fast web browsing
• Set time and user based policies (e.g. allow shopping during lunch and outside business hours)
• Reporting and event logs help monitor web browsing behavior

Technical Specifications:

Web Content Control blocks user access to specific Internet websites. The application leverages a commercial blacklist service, URLBlacklist.com, which organizes websites by 50+ categories or subjects. These categories include pornography, gambling, and job search, for example. Web Content Control enables you to choose among these categories to define web content control policies in your workplace. Also, Web Content Control uses custom URL blocklists for hosts, domains, and file types to block additional content. 

If Web Content Control blocks web content that your company deems useful, you can use pass lists to override Web Content Control's blacklist.

What It Does:

Transparently scans HTTP traffic in order to log or block specific activity

How It Does It:

Untangle scanning engine paired with category list from URLbalcklist.com and configurable pass and block lists, with custom tuning and updates from Untangle

Controls:

• General blocking and logging of ALL HTTP traffic (Web ON/OFF)
• Block Lists
  • Category block list: can be configured to pass, pass and log, or block and log by category
  • URL block list: can be used add specific URLs to block and/or log
  • MIME Type & File Extension  block lists: can be customized to block specific MIMEs or extensions
• Pass Lists
  • URL pass list: can used to allow specific URLs to pass, even if they appear on the category list
  • Client pass list: can be used to pass all HTTP traffic for specific IP addresses

Screenshots:

 

 

Web Filter FAQs:

How does Web Filter work?

Untangle Web Filter transparently scans HTTP traffic in order to block or log specific activity. Websites can be blocked or logged based on content category (porn, gambling, social networking, etc.), specific url (MySpace, YouTube, ESPN, etc.), MIME Type or File Types (.exe, .mp3, .avi, etc..)

Can I install Untangle on a single computer to use as Parental Control software?

No. You cannot install Untangle on a single computer to use as Parental Control software. Installing Untangle will wipe out your existing operating system and all files on your hard drive. It can only be used as a Gateway to implement Parental Control or Web Filtering on connected client computer(s).

Can I unblock websites that are appropriate for my business but are listed in inappropriate content categories?

Yes, any website can be placed on a “Pass List” by URL to override blocklisting when it is also in a content category “Block List.” This is particularly useful in industries like healthcare where legitimate medical or drug-related research could require access to sites that have been miscategorized in category block lists (usually pornography or drug content).

Why do category or URL-based blocks/unblocks not go into effect immediately?

Whenever the status of a block changes, there are associated delays before the change is visible.

My users complained that they cannot connect to somesite.com, and it keeps showing up in my Event Log as blocked. How can I stop somesite.com from being blocked?

You can add a rule to the Pass List for somesite.com.

Why am I not getting all of the content for a web site on my Pass List?

It's common for a web site to display links, banners and content from other web sites as part of their web pages. There are two easy methods to re-integrate the content while maintaining your access controls.

METHOD #1 (preferred)

1. Access the Web Content Control Event Log, and either Refresh the list or set it to Auto-Refresh.
2. In your browser, access the web site that has missing content -or- the page on that web site that is missing content.
3. Check the Web Content Control Event Log again, and refresh if necessary. Web sites whose content is missing will be shown at the top of the list.
4. Access the Web Content Control Pass List, and add the URL(s) that appeared in the event log. Remember to click Save.
5. Access the web site (or the specific page) again. The content should now be present.

METHOD #2

1. In your browser, access the web site that has missing content -or- the page on that web site that is missing content.
2. Right-click in your browser and select View Source in Internet Explorer or View Page Source in Firefox. PLEASE NOTE that the source of the web page may be very lengthy and/or difficult to read. ALSO, embedded Java, Flash, Shockwave may pull content from elsewhere and those sites will not be available to be listed as part of the page source.
3. Access the Web Content Control Pass List, and add URL(s) that appeared in page source. Remember to click Save.
4. Access the web site (or the specific page) again. The content will hopefully be present.

Can I grant privileged access to some users while still blocking sites for everyone else?

Yes, individual policies can be created for adminstrators, executives or any other user that requires unique Internet access to complete their job.

We run a hotel, where employees are not permitted to browse to inappropriate content yet guests using a public Internet terminal are not restricted. How can we handle this situation?

Configure the web filter policies as you would for employees. Then, create a pass list to exempt guests.

Can I create time based policies to let user access personal sites during lunch?

Yes, policies can be created to allow access to blocked sites such as webmail or social networking during break or off-peak network usage hours.

Can Untangle Web Filter help me block video and music file formats?

Yes, Untangle Web Filter can block numerous types of file format including audio and video files such as mp3, wmf, wav, avi, mpg and mov.

Can Untangle Web Filter help me protect my network from potentially malicious file types like executables?

Yes, Untangle Web Filter can block numerous file types including executables such as exe, ocx, bin, dll, cab, bin, and com.

Why block both MIME Type and File Types?

In an ideal world, both pieces of information would always be present for every web request. However, some sites use incorrect content types or extensions. Also, the behavior of operating systems (Windows vs. Mac) is different when given only file extension or content type. To be safe, both lists should be used.

Does Untangle Web Filter block IM, peer-2-peer, or gaming protocols like World of Warcraft?

Untangle Web Filter does not block protocols that can “hop ports.” However, Protocol Control, another module that runs the Untangle platform, does block “port hopping” traffic and comes preconfigured with dozens of signatures that block popular IM clients, games like World Warcraft and peer-2-peer applications like BitTorrent.

What Kind of Reporting Does Untangle Offer?

Untangle Web Filter provides network and user based reporting. The reports show high level trends like peak network usage hours and also drill-down into user level incidents for activity monitoring.

Does Untangle Use Blocklists?

Yes, Untangle uses Urlblacklist.com. However, we have found that false positives make these blocklists insufficient on their own. Thus, we manually inspect all blocklists before updating Untangle content categories.

Can I block all web sites except certain ones?

Yes, simply block all categories (including "Uncategorized"). Then add whatever sites you'd like to pass to the pass list. Beware that the complex nature of the web and the fact that many applications communicate over http can make this approach difficult.

Hardware Requirements:

• The Untangle Server requires a dedicated PC installed at the gateway to your network.
• Your hardware does not need an operating system - the Untangle Server installs its own operating system.
• The Untangle Server software completely erases any content or data that may exist on your PC hard drive.

Sizing Guidance

Recommended Configurations (New Hardware)

When purchasing new hardware, spending a couple of extra dollars to meet the following recommended configurations provides the best value.

Verified Configurations (Trials, Refurbished or Repurposed Hardware)

These are the lowest verified hardware configurations that provide reliable — albeit sometimes slower — performance in production. However, it may be possible for organizations with lower than average network traffic or organizations that do not wish to use all of the modules to run Untangle on smaller systems.