I would recommend getting 2FA with an SSL VPN type of setup without having to go through a lot of hoops. The solution's licensing count could be improved. With SonicWall, I can have as many devices connected as I want. Untangle charges too much money for the users to actually use it.
We have a minor issue when assigning IP addresses in the ARP tables. You should be able to go into the ARP tables, look at the IP address and say, "Nope, they need to be on this side on this IP address." The ability to set a DHP reservation from the ARP tables would be great. It's no big deal, but it would be nice to have.
On their low-end appliance, they could have more memory and the largest storage space. The low-end appliance comes with a too-small hard drive, and it could use a little extra room. It only comes with about 4 gigs or 8 gigs of memory, and the hardware space is only 40 gigs, which is really small. All my other complaints about it have all been fixed with the latest addition. There is not much more that I can see that they need to do at the moment.
I've heard other people saying that other firewalls have better detection rates, so better security. If they can improve the security of the device, I'm always for that, but at the moment, we've been happy with the service that we're getting out of them. It does have multi-factor authentication in some areas, but I would love to see a more widely implemented version of that on the devices themselves. It could use some improvement for Azure Active Directory Connections. It does exist, and it is available, but it needs work to be able to fully authenticate. I know there are some advanced features that other firewalls have that aren't present in Untangle, but we've never noticed any feature that we need but isn't there. I also know a lot of people have complained about the cost per device because they license by device counts. So, once you get over a certain number of devices, it is not really a cost-effective solution.
They do not offer 100% of the features that we need. The biggest challenge that we have with this solution is local support. The local support is a problem in our area.
They don't have any feature that allows you to drop the session. If you log in and you see your ARP table with many connections and you want to drop one for some reason or another, such as troubleshooting, or It's an employee that shouldn't be online and you want to remove them, you don't have the ability to click on a session and terminate it.
Founding Partner - Technology Director at VSN LATAM
Real User
2021-02-20T07:30:14Z
Feb 20, 2021
The common center facility that Untangle provides should be available on-premises. There are great corporations here in Mexico that like the Untangle solution, but they don't like the fact that the monitoring and access to the appliance are in the cloud. They request for the common center facility to be available and installed on-premises.
We seek the availability of the hardware in our region. The hardware-based firewall from Untangle is currently not available in our region. It should have threat protection on a real-time basis. This feature, available in Check Point and Sandstorm kind of scenario, is currently missing in Untangle NG Firewall.
At this stage, I think the SSL decryption option can be streamlined. I think decryption transparency could be improved because you basically click a button and then you set up one rule-set and that's about it. I've noticed there's a problem on some sites where it doesn't do the proper decryption. I actually had to go through the application control module, and logs to see what was happening, and why some sites could not function, before I could decipher that it was the SSL decryption that was blocking the sites. I would like to see more hands-on configuration in that respect.
Product Manager - Backup & Utilities at NovaStar Software & Consulting GmbH
Reseller
2019-08-29T08:53:00Z
Aug 29, 2019
The pricing is not as good as it was some time ago. They've since skipped offering a lot of individual features. In the future, Untangle should offer a web server feature. That's the only application Sophos gave us which Untangle doesn't have.
The hardware can be improved. Now, we're using hardware appliances. In terms of processing power, I think it can actually be improved further, because, in terms of the number of requests, especially if you are using web filtering, the number of requests that should be coming onto the appliance is quite large and it needs a bit more processing power. If the solution included a unified device tracker and management, that would be great. So that we could actually include other endpoints, like our laptops, or mobile devices. We need something to help in terms of mobile device management. I think it's one critical feature which is required by another interface because people are now bringing their own devices to the workplace to get services. I think MDM is quite critical to be included in that.
There quite a number of modules I've not used. For the web filter, I think they can do better especially on the free model. They have a free and a licensed model. If you use the free model, is not that effective. You have to use the commercial module for you to get effective results. Functionality wise, they should try to put more options on some of the modules like web filtering capability. I know it has the capability to block specific IPs but I have not seen the capability to block a specific range of IPs. For example, you want to block a range of between 50 and 100 of an IP, I haven't seen that capability. I believe there are more functionalities which they can improve and prevent for security and management of internet within a corporate environment. For example, I've seen firewalls where, let's say for example there's an infected machine within your network, they give you an alert or automatically block it from your network or mailing system. There're a number of functionalities missing in Untangle. It needs improvement but I believe every solution needs improvement.
Untangle NG Firewall is an open-source firewall and gateway security platform that helps keep networks safe while accessing the internet. It offers a free core firewall platform with paid add-ons, and a cloud-based management platform with a variety of deployment options for smaller teams. The solution also has a cloud-based management console for remote management that can either be deployed on premises or as SaaS, and virtualized or cloud-based. It also has flexible deployment options,...
I would recommend getting 2FA with an SSL VPN type of setup without having to go through a lot of hoops. The solution's licensing count could be improved. With SonicWall, I can have as many devices connected as I want. Untangle charges too much money for the users to actually use it.
The product needs to improve its mobile application.
The product must improve its reporting features.
Whenever there are a large number of endpoint VPN clients, connectivity becomes slow. This particular area needs improvement.
The product should improve reporting.
We have a minor issue when assigning IP addresses in the ARP tables. You should be able to go into the ARP tables, look at the IP address and say, "Nope, they need to be on this side on this IP address." The ability to set a DHP reservation from the ARP tables would be great. It's no big deal, but it would be nice to have.
On their low-end appliance, they could have more memory and the largest storage space. The low-end appliance comes with a too-small hard drive, and it could use a little extra room. It only comes with about 4 gigs or 8 gigs of memory, and the hardware space is only 40 gigs, which is really small. All my other complaints about it have all been fixed with the latest addition. There is not much more that I can see that they need to do at the moment.
I've heard other people saying that other firewalls have better detection rates, so better security. If they can improve the security of the device, I'm always for that, but at the moment, we've been happy with the service that we're getting out of them. It does have multi-factor authentication in some areas, but I would love to see a more widely implemented version of that on the devices themselves. It could use some improvement for Azure Active Directory Connections. It does exist, and it is available, but it needs work to be able to fully authenticate. I know there are some advanced features that other firewalls have that aren't present in Untangle, but we've never noticed any feature that we need but isn't there. I also know a lot of people have complained about the cost per device because they license by device counts. So, once you get over a certain number of devices, it is not really a cost-effective solution.
They do not offer 100% of the features that we need. The biggest challenge that we have with this solution is local support. The local support is a problem in our area.
They don't have any feature that allows you to drop the session. If you log in and you see your ARP table with many connections and you want to drop one for some reason or another, such as troubleshooting, or It's an employee that shouldn't be online and you want to remove them, you don't have the ability to click on a session and terminate it.
The common center facility that Untangle provides should be available on-premises. There are great corporations here in Mexico that like the Untangle solution, but they don't like the fact that the monitoring and access to the appliance are in the cloud. They request for the common center facility to be available and installed on-premises.
We seek the availability of the hardware in our region. The hardware-based firewall from Untangle is currently not available in our region. It should have threat protection on a real-time basis. This feature, available in Check Point and Sandstorm kind of scenario, is currently missing in Untangle NG Firewall.
The pricing should be reduced because it is expensive.
At this stage, I think the SSL decryption option can be streamlined. I think decryption transparency could be improved because you basically click a button and then you set up one rule-set and that's about it. I've noticed there's a problem on some sites where it doesn't do the proper decryption. I actually had to go through the application control module, and logs to see what was happening, and why some sites could not function, before I could decipher that it was the SSL decryption that was blocking the sites. I would like to see more hands-on configuration in that respect.
The web content filtering needs improvement.
The pricing is not as good as it was some time ago. They've since skipped offering a lot of individual features. In the future, Untangle should offer a web server feature. That's the only application Sophos gave us which Untangle doesn't have.
The hardware can be improved. Now, we're using hardware appliances. In terms of processing power, I think it can actually be improved further, because, in terms of the number of requests, especially if you are using web filtering, the number of requests that should be coming onto the appliance is quite large and it needs a bit more processing power. If the solution included a unified device tracker and management, that would be great. So that we could actually include other endpoints, like our laptops, or mobile devices. We need something to help in terms of mobile device management. I think it's one critical feature which is required by another interface because people are now bringing their own devices to the workplace to get services. I think MDM is quite critical to be included in that.
There quite a number of modules I've not used. For the web filter, I think they can do better especially on the free model. They have a free and a licensed model. If you use the free model, is not that effective. You have to use the commercial module for you to get effective results. Functionality wise, they should try to put more options on some of the modules like web filtering capability. I know it has the capability to block specific IPs but I have not seen the capability to block a specific range of IPs. For example, you want to block a range of between 50 and 100 of an IP, I haven't seen that capability. I believe there are more functionalities which they can improve and prevent for security and management of internet within a corporate environment. For example, I've seen firewalls where, let's say for example there's an infected machine within your network, they give you an alert or automatically block it from your network or mailing system. There're a number of functionalities missing in Untangle. It needs improvement but I believe every solution needs improvement.
It would be much easier if there was a mobile app.
The ability to setup a DDNS for each WAN independently would be a very handy feature.