Untangle Web Filter Lite
Control Web Content at the Gateway
Untangle Web Filter Lite Overview:
Control Web Content at the Gateway
Untangle's free web filter lite (internet filter) enables administrators to enforce network usage policies and monitor user behavior. Powerful features such as Zero client installation and category block lists make it easier for administrators to:
- Protect the network from malware on the web
- Block time-wasting sites like MySpace
- Conserve bandwidth by blocking audio/video downloads
- Leverage community URL categorization with the URL Submission tool
According to an industry study, at least 90 percent of large enterprises and 50 percent of small companies in the United States now monitor and filter their employees’ Internet access.
The primary reasons companies use Internet filtering and monitoring are to block inappropriate content (44%), control productivity (32%) and preserve network bandwidth (23%).
Now you can easily monitor, set and enforce your own web usage policy with our Web Filter application—without the hassles of outsourcing it. Whether you want to use our blocklists or set your own policies for hosts, domains and files types, you can block access to inappropriate sites. Reporting enables you to view a big picture of the kind of Web browsing behavior occurring on your network.
Key Features:
- Open source & free under the GNU General Public License (GPL)
- Pass, Block, and Logging options for all categories, such as gambling, webmail, shopping, and pornography
- Community URL Submission tool
- Categories update automatically
- Add your own URLs and file types to block, log, or pass
- No proxy settings required
- Local database ensures fast web browsing
- Set time and user based policies (e.g. allow shopping during lunch and outside business hours)
- Reporting and event logs help monitor web browsing behavior
Technical Specifications:
Web Content Control blocks user access to specific Internet websites. The application leverages a commercial blacklist service, URLBlacklist.com, which organizes websites by 50+ categories or subjects. These categories include pornography, gambling, and job search, for example. Web Content Control enables you to choose among these categories to define web content control policies in your workplace. Also, Web Content Control uses custom URL blocklists for hosts, domains, and file types to block additional content.
If Web Content Control blocks web content that your company deems useful, you can use pass lists to override Web Content Control's blacklist.
What It Does:
Transparently scans HTTP traffic in order to log or block specific activity
How It Does It:
Untangle scanning engine paired with category list from URLbalcklist.com and configurable pass and block lists, with custom tuning and updates from Untangle
Controls:
- General blocking and logging of ALL HTTP traffic (Web ON/OFF)
- Block Lists
- Category block list: can be configured to pass, pass and log, or block and log by category
- URL block list: can be used add specific URLs to block and/or log
- MIME Type & File Extension block lists: can be customized to block specific MIMEs or extensions
- Pass Lists
- URL pass list: can used to allow specific URLs to pass, even if they appear on the category list
- Client pass list: can be used to pass all HTTP traffic for specific IP addresses
Media:
 (Enlarge Image) Filtering Content by Category, URL & File Type |
 (Enlarge Image) URL Filtering |
 (Enlarge Image) MIME Type Filtering |
 (Enlarge Image) File Extension Filtering |
 (Enlarge Image) Option: Let Trusted Users Bypass Filters |
 (Enlarge Image) User Bypass Screen in the Browser |
 (Enlarge Image) Display Customized Reasons for Blocking URLs |
 (Enlarge Image) Web Filter Logging |
 (Enlarge Image) HTML Reporting: Network Overview |
 (Enlarge Image) PDF Reporting: User Policy Violations |
 (Enlarge Image) Installing Web Content Control |
 (Enlarge Image) Active Directory Integration |
Web Filter Lite FAQs:
How does Web Filter Lite work?
Can I install Untangle on a single computer to use as Parental Control software?Untangle Web Filter Lite transparently scans HTTP traffic in order to block or log specific activity. Websites can be blocked or logged based on content category (porn, gambling, social networking, etc.), specific url (MySpace, YouTube, ESPN, etc.), MIME Type or File Types (.exe, .mp3, .avi, etc..)
Can I unblock websites that are appropriate for my business but are listed in inappropriate content categories?No. You cannot install Untangle on a single computer to use as Parental Control software. Installing Untangle will wipe out your existing operating system and all files on your hard drive. It can only be used as a Gateway to implement Parental Control or Web Filtering on connected client computer(s).
Why do category or URL-based blocks/unblocks not go into effect immediately?Yes, any website can be placed on a “Pass List” by URL to override blocklisting when it is also in a content category “Block List.” This is particularly useful in industries like healthcare where legitimate medical or drug-related research could require access to sites that have been miscategorized in category block lists (usually pornography or drug content).
My users complained that they cannot connect to somesite.com, and it keeps showing up in my Event Log as blocked. How can I stop somesite.com from being blocked?Whenever the status of a block changes, there are associated delays before the change is visible.
Why am I not getting all of the content for a web site on my Pass List?You can add a rule to the Pass List for somesite.com.
Can I grant privileged access to some users while still blocking sites for everyone else?It's common for a web site to display links, banners and content from other web sites as part of their web pages. There are two easy methods to re-integrate the content while maintaining your access controls.
- METHOD #1 (preferred)
- Access the Web Content Control Event Log, and either Refresh the list or set it to Auto-Refresh.
- In your browser, access the web site that has missing content -or- the page on that web site that is missing content.
- Check the Web Content Control Event Log again, and refresh if necessary. Web sites whose content is missing will be shown at the top of the list.
- Access the Web Content Control Pass List, and add the URL(s) that appeared in the event log. Remember to click Save.
- Access the web site (or the specific page) again. The content should now be present.
- METHOD #2
- In your browser, access the web site that has missing content -or- the page on that web site that is missing content.
- Right-click in your browser and select View Source in Internet Explorer or View Page Source in Firefox. PLEASE NOTE that the source of the web page may be very lengthy and/or difficult to read. ALSO, embedded Java, Flash, Shockwave may pull content from elsewhere and those sites will not be available to be listed as part of the page source.
- Access the Web Content Control Pass List, and add URL(s) that appeared in page source. Remember to click Save.
- Access the web site (or the specific page) again. The content will hopefully be present.
We run a hotel, where employees are not permitted to browse to inappropriate content yet guests using a public Internet terminal are not restricted. How can we handle this situation?Yes, individual policies can be created for adminstrators, executives or any other user that requires unique Internet access to complete their job.
Can I create time based policies to let user access personal sites during lunch?Configure the web filter policies as you would for employees. Then, create a pass list to exempt guests.
Can Untangle Web Filter Lite help me block video and music file formats?Yes, policies can be created to allow access to blocked sites such as webmail or social networking during break or off-peak network usage hours.
Can Untangle Web Filter Lite help me protect my network from potentially malicious file types like executables?Yes, Untangle Web Filter Lite can block numerous types of file format including audio and video files such as mp3, wmf, wav, avi, mpg and mov.
Why block both MIME Type and File Types?Yes, Untangle Web Filter Lite can block numerous file types including executables such as exe, ocx, bin, dll, cab, bin, and com.
Does Untangle Web Filter Lite block IM, peer-2-peer, or gaming protocols like World of Warcraft?In an ideal world, both pieces of information would always be present for every web request. However, some sites use incorrect content types or extensions. Also, the behavior of operating systems (Windows vs. Mac) is different when given only file extension or content type. To be safe, both lists should be used.
What Kind of Reporting Does Untangle Offer?Untangle Web Filter Lite does not block protocols that can “hop ports.” However, Protocol Control, another module that runs the Untangle platform, does block “port hopping” traffic and comes preconfigured with dozens of signatures that block popular IM clients, games like World Warcraft and peer-2-peer applications like BitTorrent.
Does Untangle Use Blocklists?Untangle Web Filter Lite provides network and user based reporting. The reports show high level trends like peak network usage hours and also drill-down into user level incidents for activity monitoring.
Can I block all web sites except certain ones?Yes, Untangle uses Urlblacklist.com. However, we have found that false positives make these blocklists insufficient on their own. Thus, we manually inspect all blocklists before updating Untangle content categories.
Yes, simply block all categories (including "Uncategorized"). Then add whatever sites you'd like to pass to the pass list. Beware that the complex nature of the web and the fact that many applications communicate over http can make this approach difficult.
Hardware Requirements:
- The Untangle Server requires a dedicated PC installed at the gateway to your network.
- Your hardware does not need an operating system - the Untangle Server installs its own operating system.
- The Untangle Server software completely erases any content or data that may exist on your PC hard drive.
Sizing Guidance
Recommended Configurations (New Hardware)
When purchasing new hardware, spending a couple of extra dollars to meet the following recommended configurations provides the best value.
| Resource | Up to 50 Users | Up to 100 Users | Up to 300 Users |
| Intel/AMD-compatible Processor | Pentium 4 equivalent or greater | Dual Core | Dual Core |
| Memory | 1 GB | 1 GB | 2 GB |
| Hard Drive | 80 GB | 80 GB | 80 GB |
| NIC's | 2 (3 for DMZ) | 2 (3 for DMZ) | 2 (3 for DMZ) |
Verified Configurations (Trials, Refurbished or Repurposed Hardware)
These are the lowest verified hardware configurations that provide reliable — albeit sometimes slower — performance in production. However, it may be possible for organizations with lower than average network traffic or organizations that do not wish to use all of the modules to run Untangle on smaller systems.
| Resource | Up to 50 Users | Up to 100 Users | Up to 300 Users |
| Intel/AMD-compatible Processor | 800 MHz | 1.2 GHz | 1.6 GHz |
| Memory | 512 MB | 1 GB | 2 GB |
| Hard Drive | 20 GB | 30 GB | 40 GB |
| NIC's | 2 (3 for DMZ) | 2 (3 for DMZ) | 2 (3 for DMZ) |