Gadgetman: Untangle Review

Like many users I am concerned with protecting my home network from the threats that exist out on the Internet, and with multiple PC’s managing this threat can be a time consuming task. The traditional approach, for home users, has been to install anti-virus (and anti-malware and anti-spyware and anti-spam etc etc) onto each PC, however this soon becomes unmanageable and a pain in the arse to keep up to date.

One solution is to have a central gateway on the network that all traffic passes through and gets scanned, cleaned and quarantined as necessary. Network appliances have existing for years that perform these functions, but they have been aimed more towards business and corporate users who can wear the large up front and ongoing subscription costs.

However one day I came across a product that seemed able to offer a solution to all these problems, and best of all was free! Untangle is a Linux based distribution that ties together several products to create a single point of threat management for all kinds of networks, including home users. All you need is a spare PC (and it doesn’t have to be a modern PC) with 2 network cards, install it between your Internet connection and your network, install the software and your away!

The services offered by Untangle include: web filter, spam blocker, phish blocker, protocol control, virus blocker, spyware blocker, attack blocker, reporting, firewall, VPN, routing & QOS, quite a lot for a free product.

Out of the box Untangle supports two modes, Router and Transparent Bridge. I choose Transparent Bridge as it seemed to best fit a home environment where I already had an ADSL2+ router with a built in firewall, as most homes would. Installation was easy and the software worked on the three different machines I tried with no problems. You do need a bit of networking knowledge, particularly about your own LAN’s configuration such as IP addresses etc, but nothing too detailed.

I connected one Ethernet card to the ADSL2+ router and the other to my Gigabit Ethernet switch, meaning all traffic from the Internet is routed through this box. One of my worries was performance as all tariff is scanned, however even on an old Pentium 3 there was no noticeable delay, and the Untangle forums are full of reports of people experiencing great performance.

Once running there is not much management to do. I did have to add www.miniclip.com to the allowed web list as it didn’t like that. I did a quick check for accessing p0rn sites and it blocked them all, which is great when you have kids in the house. All my email is scanned and any possible spam either marked or quarantined. There are daily and weekly reports available that presents information from each service, including top users and sites visited (so you can see who is using all of your bandwidth cap!).

Overall I have found this to be an excellent product and one that unfortunately seems to be almost a perquisite for any house with more a one PC. Being a central machine it doesn’t matter if you run Windows or OSX or Linux as there are no changes to the client machines. I have had this running now for 2 weeks solid on a old Shuttle machine and have no complaints at all. I know all machines and their users are protected from the harms on the net, my only gripe would be downloading my POP3 mail is a bit slower as it has to get processed by the spam checker.