For a small business: Untangle vs. Smoothwall Express vs. Others

I'm doing pretty much all UTM appliances at the edge for my clients now. With the malware out there now (rogues/fake alerts)...having a UTM at the edge providing one or two additional antivirus scanners plus an anti spyware module....to complement the desktop antivirus...really helps cut down on malware issues.

So out of the ones you mentioned in the topic...Untangle is the only UTM. And Untangle happens to be the UTM I use the most. Although also have used Astaro, and Endian.

Of the non-UTM ones...I've frequently used PFSense...but have played with IPFire, IPCop, Smoothie, m0n0wall, ClearOS, ebox, comixwall...and some others I'm forgetting.
 
Thanks for your comments. :)

Do you find the free version of Untangle sufficient to handle the needs of a small business (3-10 users, or so)? I think the free version uses ClamAV signatures, which (from what I've heard) aren't that great. Does the paid version use a better AV? Like you mentioned, the main reason I'm thinking of implementing something like Untangle is to filter out malware/dangerous websites.

Edit: I did try playing with a virtualized version of Untangle today (vbox), with an XP machine attached inline on the network (Internal Networking), and it did block the websites I wanted it to. I tried downloading the EICAR test file a few times, and it blocked that. Didn't really try with any real malware though.
 
The free versions of *nix firewall distros out there....any of them that offer antivirus scanning use ClamAV for their scanner. The paid versions will offer a better product.

ClamAV is not very good at stopping today's web based threats, however Untangle has a Spyware Blocker module that leverages a bunch of other technologies (users signatures, blocks for known keystroke loggers, URL blacklist to malware distribution sites, blocks known bad ActiveX, blocks for additional malware related sites). It's included in the "Lite" (free) bundle.

The paid for bundles of Untangle use Authentium as their Pro antivirus add-on. They used to use Kaspersky but a few months ago switched to Authentium.

I have quite a few clients on the Lite version of Untangle, as well as many clients on various paid bundles...often Education/Gov't/Non-profit Premium bundle.

I find that the free version cuts back on malware calls quite well. I have noticed that....if someone does happen to get something on their system, it barely gets installed...meaning, it's very easy to clean up. It's like the initial stub download gets on their desktop, but as I'm sure you're aware...most of the rogues today turn around once they get a foothold on the system and download a big payload..and it seems Untangle blocks that big payload from coming down to deeply infect the system (reading how the Spyware Blocker module works..this makes sense).

If they want to do any reporting...you'll want a paid bundle so you get the directory connector (to match user accounts to reports instead of workstation IP addresses).

If you want to do any spam filtering for Exchange...get a paid version, so you can get the CommTouch Spam booster module....it's quite good, rivals effectiveness of big names like Postini or Barracuda.

The stability and performance of your Untangle install will depend on the quality of hardware you install it on. On the super cheap, I've done very well using business grade desktop computers like Dell Optiplex or HP/Compaq Deskpro DC series. Intel processors, Intel chipset motherboards, Intel or 3COM or Broadcom network cards. Take an old P4 h/t that is being retired, slap in a decent second network card, a gig or two of RAM, and a new hard drive...you have a pretty good little unit for cheap (you probably had a spare NIC and memory around..so really only paid for a HD).

Don't cheap out with AMD based units and budget motherboards with cheap chipsets and Realtek NICs....those are the units you'll see people complaining about in Untangle's forums....needing to reboot all the time or complaining about other issues.

Pentium D or c2d or i3 system if you have the budget.

Actually one of the dual core Atom D510 or D525 SuperMicro units also, with Intel NICs....like the one I linked in the hot deals forum at Newegg...they work well too for typical networks of the size you're talking about..even up to 20 users or so with typical internet needs. If heavy e-mail volume and VoIP traffic...you'll want a beefier system.
 
Thanks for the detailed info YeOldeStoneCat! Very much appreciated. Positive rep for you. :)

I'll be setting up an actual Untangle server to play with sometime soon. I have an old PC with a Pentium D that I can use.
 