helping you stay protected in the digital age

The latest public release of Untangle Firewall, version 6.0.2, has made its way to the Intertubes shelves for all to download. In keeping with our original Untangle review, I thought it was a good time to review the latest and, in my humble opinion, greatest hardware firewall on the market.
Like Blaize’s previous review, I’m only going to rank the features that I am using and then I’ll list the brand new hardware that I purchased to run Untangle 6.0.2. The new version I have been running since Friday, Jan 16, 2008, so this review is one day old since the time of install.

——————–Untangle In Review——————–

Firewall Installation (5/5)
The installation of Untangle Firewall dedicated server was extremely easy. I’m the first to admit I know very little of Linux, or any Linux distribution, so for me to install Untangle without a hitch says a lot. If you need a CD/DVD burning program then check out Nero Burning ROM, which I used to burn the .ISO image. The only negative aspect about the installation using the .ISO image is the lack of RAID support. Untangle does recognize my RAID card but it won’t recognize the drives in the RAID array; Untangle only sees the drives as individual drives and not a RAID array. Asides from that, the installation was super easy.
See this page for the hardware requirements.

Module Installation (2/5)
The module installation (individual components that make up the firewall) I had some difficulty with. When I attempted to install a package (such as web blocker or protocol control) a new window popped up in the Untangle control panel. I had to navigate around on the Untangle site (in a pop-up window in the Untangle control panel) to locate the module that I wanted to install. On top of that, once I selected the “download” link, the window did not disappear and I received the message “download started, click here to restart the download” and I could not remove the window. Not quite sure why the great folks at Untangle changed the way end-users download modules but I personally don’t like the “new” way of module downloads.

Settings Restoration (1/5)
I honestly didn’t know what to do when I restored my settings from a backup that I made using Untangle Firewall 5.0.3. Untangle 6.0.2 just freaked out and didn’t work. I installed 6.0.2 twice and restored the settings, twice, leaving the firewall hung upon boot the first time and the second time the individual settings within the modules were so skewed I couldn’t navigate around to edit policies (policies were misaligned in the GUI, text didn’t display). I also made a new backup of the my previous settings to throw out the possibility of a corrupted backup but I still got the same results. Keep this in mind restore settings from a previous version. I would like to know if anybody else experiences this problem…

Spam Blocker (5/5)

Untangle’s Spam Blocker has caught %100 of all spam messages attempting to enter my network. I turned on my Microsoft Outlook and downloaded all of my 2000+ e-mails from my Gmail account (including the spam messages) to try the Spam Blocker out. So far, Untangle has caught all of the spam messages.

Phish Blocker (5/5)

The Phish Blocker has scanned 9,179 messages and so far everything has checked out well.

Spyware Blocker (5/5)

The Spyware Blocker has scanned 15,070 pages, catching 307 messages (%100).

Web Filter (4/5)

The Web Filter has scanned 9,761 pages, catching 17. HOWEVER when I first installed the web filter on version 6.0.2 it wasn’t catching ANYTHING. Playboy, zend2.com, and other blocked pages in the web filter settings were getting through for about 3 hours after the install, then the nasty pages started to get blocked.

Virus Blocker (5/5)

The Virus Blocker has scanned 442 pages and successfully passed all 442. I haven’t had a chance to download any “test” viruses to see if the Virus Blocker would catch it but if history of this product mean anything than the Virus Blocker is another good product.

Intrusion Prevention (5/5)

Intrusion Prevention has scanned 19,969 sessions successfully passing all sessions. So far it seems to be working well.

Protocol Control (5/5)

Protocol Control has scanned 15,224 sessions successfully blocking and logging 37 sessions. I fired up my Utorrent application and proceeded to seed DJ GT v Project C and protocol control made sure that didn’t happen.

Firewall (6/5)

Since this is my review I can give 6 out of 5 stars if I want to. The firewall module is by far the easiest module to work with based on my previous firewall experience with other paid products (both hardware and software). My default set of rules are to block ALL and only allow those ports that I know need access in or out of the network.

Untangle Reports (5/5)

Untangle has developed the most professional looking reports I’ve ever seen. I also don’t have to jump through loops to get it to work as I did with other products.

——————–Hardware——————–

When Blaize first reviewed Untangle firewall we we’re running Untangle 5.0.3 on a custom built P4 platform with a 40gb hard drive and 768mb of RAM. That was over a year ago. Recently I got my hands on an HTPC case and decided it was time to consolidate space and re-build the firewall on more stable hardware.

Before I go into details on the hardware I’m using, keep in mind that as of this posting this hardware is not on Untangle’s hardware compatibility list. I plan on submitting these specs to them and advising them on my success but as of right now these specs are undocumented. Untangle’s hardware compatibility list can be found at http://wiki.untangle.com/index.php/Hardware_Compatibility_List.

Case
The case is an NMedia HTPC 300 (black). Nmedia no longer manufactures this case, however they do sell newer models of this style HTPC case.
http://www.nmediapc.com/htpc300.htm

Motherboard
The motherboard is a Foxconn model 45GMX Micro ATX Intel Motherboard. I purchased it brand new from Newegg.com for $44.99 and the next day Newegg went out of stock on this motherboard. Hopefully Newegg will re-stock this mobo because it is very nice.
http://www.newegg.com/Product/Product.aspx?Item=N82E16813186139

CPU
The CPU is an Intel Celeron D model 325J running at 2.53GHz with a 256k cache and a 533 front side bus. I went with the Celeron D over the Pentium D for three reasons. My network is drastically smaller than what it used to be. No longer am I supporting 15-30 PCs so a CPU with a smaller cache is sufficient for my needs. I didn’t need the additional heat of a Pentium D running in the small HTPC case. The Celeron D idles at a steady 35.1 degrees Celcius (95.18 degress Fahrenheit). The price of a Pentium D was more than I really intended on spending for this upgrade and I snagged the Celeron D for a cool $21.95 on Ebay.
http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=290286124113

CPU Cooler
Not an item that would need to be Untangle certified, the CPU cooler is still an integral part of the hardware firewall. Granted any CPU cooler designed for socket 775 processors would work, I went with the SYBA CL-CNL-EOLE802 92mm Hydro. I picked this up for $12.95 over at Newegg.
http://www.newegg.com/Product/Product.aspx?Item=N82E16835199011

RAM
Of course you’ll always need RAM and I used to find myself saying “I wish I had more RAM.” This time I wouldn’t short-sell myself and I picked up a 2gb stick of Rendition (manufactured by Crucial). It is DDR2 SDRAM 667 (PC2 5300) for desktops. For $18.99 and the reviews, I think this RAM will do well in this setup. Once again from Newegg.com
http://www.newegg.com/Product/Product.aspx?Item=N82E16820148236

NIC (Network Interface Card)
I slapped in an el-cheapo D-link NIC card that I had lying around until I could get the two brand new Rosewill NIC cards in (thanks UPS, always delivering on time). I would review the D-Link card as it does work fine, but I’ll save the review for the Rosewill RC-402 10/100Mbps PCI LAN Card. I actually searched Newegg.com for “Untangle” and came across somebody else that purchased these NIC cards for their Untangle setup, so I assume that these would work with my setup as well. I picked up two at $6.99 a piece.
http://www.newegg.com/Product/Product.aspx?Item=N82E16833166004

HDD (Hard Disk Drive)
I had two Seagate Barracuda SATA 7200 RPM model ST3320620AS 320GB hard drives laying around collecting dust so I put them to good use in my firewall. I wanted to go RAID 1 with em but Untangle wouldn’t recognize my RAID array and detected both disks as individual disks. I purchased these from Newegg.com a while back and it looks like Newegg no longer carries this model. Check out the 500gb models, they are dropping in price quickly.
http://www.newegg.com/Product/Product.aspx?Item=N82E16822148140

~ by johndball on January 17, 2009.