Forcepoint Next Generation Firewall (NGFW) promises seamless and central management, whether physical, virtual or in the cloud. Administrators can deploy, monitor and update thousands of firewalls, VPNs and IPSs in minutes, all from a single console. The vendor says that the product reduces network operating expenses by as much as 50%. Advanced clustering for firewalls and networks eliminates downtime, and administrators can rapidly map business processes into strong, accurate controls to…
N/A
Untangle NG Firewall
Score 9.3 out of 10
N/A
Untangle NG Firewall is an open-source firewall and gateway security platform. It offers a free core firewall platform with paid add-ons, and a cloud-based management platform with a variety of deployment options for smaller teams.
If you are looking for a smaller network/security team, the ease and low complexity create an easy to manage environment. One engineer can easily manage 100 nodes/locations. If you are just starting to get security conscious and predict regular adjustments to policy, routing, and access, this is a very good system for making easy to understand and low impact changes on a regular basis without operations interruption.
Untangle is very strong in the "traditional" sense of security. That means an edge appliance that either works with an existing router or is the router itself (recommended). This approach has also been adapted well to cloud environments in order to protect virtual servers and VDI workstations. As mentioned earlier, many schools are using cloud-based filtering for their 1:1 solutions for their students. This is an area where Untangle is unable to serve. Some have used an instance of Untangle in the cloud with VPN to serve their remote needs, but it is not the same as solutions that are designed for cloud-based filtering of devices without VPN.
Easy to manage and make changes on - ACL's are done with ease.
Easy USB initial configuration - The easy initial setup of a new location and firewall saves massive time. Settings are automatically pushed to new nodes upon contact with the controller.
Low Complexity - This system does not have a lot of complexity requiring extra hours, training, or personnel to manage.
Web Filtering is strong, and can also do application fingerprinting to allow Facebook, but not Facebook games. Secondly, a separate partition called a "rack" can be set up to give one subnet or group of users different web filtering policies than another. For example, teachers would get more freedom to browse the web than students at a school.
Built-in SD-WAN connectivity as part of your license. IPSEC tunnel creation is also amazingly easy.
Will install on any x86 hardware created in the last 5-10 years. Ram and processor requirements per user are very low.
Reporting is phenomenal, however you can get death by details very easily.
Poor Reporting - It exists but even when calling in to support for assistance, they have no idea how to tackle customizing reports or searching for specific data.
The full suite can be expensive for business but will be powerful enough.
The full suite for home or small office isn't that bad of a price but may be out of reach for most home users but remember the basics are FREE so anyone can get started with it.
I would like to see it promoted for mid to large businesses as I think it can handle it.
NG Firewall was much more friendly in terms of layout and ease of use, the apps section is familiar to anyone and the config while in a sort of odd order is very clearly laid out. I also appreciate Untangle's endless educational videos and the support can't be beat. Overall it was more of a complete package
Efficiency/Productivity increase. The company moved from Cisco firewall and routing hardware to Forcepoint NGFW. It now takes fewer people and fewer hours to manage the new product. This has allowed the company to put the man-hours to use on other projects and tasks.
Long term viability. This has been a concern in the past when the company started as Stonegate, merged to become Stonesoft then got purchased by McAfee, then McAfee got purchased by Intel. However, with Forcepoint the product seems to have found a stable home.
Low complexity. The Web GUI based system for management has reduced the cost of personnel and training required. There is no longer a need for the company to have higher trained and higher salary cost employees to manage the system. Mid-level admins at lower salaries are capable of managing the GUI based system with ease.
The positive is the savings in time the IT department has recouped by not having to continuously clean and maintain end point computers. Not to mention helping end user use their time more wisely by not wasting time on non-work related web activities.
The only negative is complaints from end users about the restrictions.
