Protect the entire network with Untangle
Network Administration - We all know that protecting your computer from malicious software like viruses, trojans, spyware is actually protecting your files and data. However, with the appearance of a series of devices that can store data participating in the network, it is difficult to prevent malicious software from entering the entire network. Now applying safety protections to a wide area network is extremely necessary and will allow you to protect mobile devices as well as add a second layer of protection to his computers.
There are many ways to allow you to enforce security for such a wide area network. In this tutorial we will introduce you to the Untangle platform, which is a platform you can install on a dedicated computer or run as a virtual machine (VM). It is also set to work as a network router or firewall, in addition to giving you more interesting additional features. As shown in Figure 1, the platform's feature is a user-friendly GUI, allowing users to easily configure and manage all components.
Untangle offers an open source distribution called the Lite Package (which we will cover in this article), in addition to a premium distribution starting at $ 50 per month for about 10 users.
Discover Untangle Lite
This is the most general overview of the components included in the open source version of Untangle:
Firewall: Like most preferred routers, the open source version of Untangle also allows filtering traffic based on IP address, protocol, port. In addition, it can also perform NAT, which means you can attach Untangle directly to the Internet modem.
Intrusion Prevention: Use open source intrusion detection system Snort, which helps you detect and prevent thousands of different attack attempts.
Attack Blocker: Basically a smart firewall, capable of analyzing traffic to block specific hosts that are thought to be risky. Help prevent Denial-of-Service (DoS) denial of service attacks or other attacks from the Internet.
Phish Blocker: Based on ClamAV, it allows to detect and help you manage fake emails or scams to try to trick you into logging into an online account as well as to reveal personal information.
Protocol Control: Allows you to specify the protocol or port to be logged or locked with time-based policies. It even allows you to detect and prevent applications from performing port jumping.
Virus Blocker: Using an open source virus scanner, ClamAV, allows to actively scan web (http), email (SMTP, POP & IMAP) traffic and file transfer traffic (FTP), block malware detected before they reach your computer. It even lets you scan compressed and archived files. Signs of the virus will automatically be updated with the latest known threats.
Spyware Blocker: Also use ClamAV, protect against spyware with a variety of different methods: Lock URL, cookie lock, ActiveX key, . You can temporarily allow a blocked site or include it in the Black or white list permanently. You also have additional controls on cookies and ActiveX blocking.
Web Filter: Allows you to lock by website categories, some URLs and some file types. Recording and reporting will help you check traffic, the list of clients going through will allow you to eliminate certain computers during the filtering process.
Spam Blocker: With the help of the SpamAssasin open source filter, it allows the use of some spam detection and management techniques, providing users with a list of travels and personal glasses.
Captive Portal: Allows you to ask users to view or log into a certain website before being allowed to access the Internet, which is very beneficial in ensuring that users accept certain conditions when using Wi-points Public Fi. Users can customize the web site that requires this access and many support, RADIUS, and Active Directory authentication. Time policies can restrict access and exception lists can exclude certain computers.
OpenVPN: Allows remote, secure access to your network from the Internet. It even helps you distribute client software and encryption keys.
Reports: Provides you with detailed information and reports for each user, all of which can be exported and emailed automatically.
Hardware requirements
Like other router and firewall platforms, Untangle can be preinstalled on the server or you can install the software on your computer or server yourself. When installing yourself, you need to comply with the following minimum requirements:
- 1 GHz Intel-based processor (32 or 64 bit)
- 512 MB RAM
- 20 GB hard drive
- 2 Ethernet cards (3 if you want to create a DMZ)
- Ethernet switch or wireless access point (for distributing access)
At least during the installation process, you need to have a bootable CD or DVD, monitor, keyboard and mouse. To create an installation disc, you need a blank CD or DVD and need access to a computer with a CD or DVD burner.
Warning: Untangle installation will delete all data on the hard drive.
Deployment options
There are two ways to deploy Untangle. The Router method provides NAT, which means you will attach the Untangle computer directly to the modem. The Transparent Bridge method will turn off the NAT function, which means you will connect the Untangle computer to the router plugged into the modem. It is impossible to say which method is safer or better than the other but the method requires less hardware than the Router method.
It should be noted that no matter which method you deploy, your Internet traffic must go through the Untangle computer. An Ethernet port of the Untangle computer name will play the role of Internet / WAN input. Another Ethernet port will play an output role for the local LAN. So you need to have an Ethernet switch to connect to multiple computers or wireless access points to provide Wi-Fi connectivity.
Install Untangle
Download and burn the ISO image file to a blank CD or DVD. Make sure you use either the Router method or the Transparent Bridge for the Untangle computer. Then insert the image disc into the desired computer, reboot, and then follow the installation order. When the installation is complete, your computer will be restarted. Then click Launch Client, go to Setup Wizard and select Lite Package.
If you need other help, you can consult the Wiki.
When the basic functions of the Internet and the network work, you can start configuring security features.
Timely update security software on computers
Although Untangle provides quite secure protection, it does not support malware scanners for HTTPS traffic, like other wide area network solutions. So you always need to install and update Internet security software on all desktops and laptops. However, because there are two layers of protection, you can choose to use a free antivirus software, such as AVG or AVAST. In addition, you should make the most of the firewall that comes with Windows.
You should read it
- 10 free security downloads
- Instructions for removing the fake Win 7 Anti-Spyware 2011 software
- Distinguish viruses, trojans, worms and rootkits
- Some free security software tools
- Free Internet security for small businesses
- 10 steps to protect your PC before connecting to the Internet
- Network security challenges in 2014
- 7 mistakes make Internet security at risk
May be interested
- Protecting the network through web content filteringin this tutorial we will show you some network data filtering options to protect home or small business networks by blocking content for adults only.
- Why is Facebook account hacked? This is how to prevent that!security on facebook is always a problem that many people worry about. do you know how to protect your facebook account safely? check out the following 8 tips of network administrator to protect your facebook account as much as possible.
- Network security and the need to knowwhile network and internet technologies offer many new growth and competitive opportunities for small and medium enterprises (smbs) it is also a time when it raises the need to protect computer systems against threats.
- What is Protect Battery on Samsung phones? Should I use it?all smartphones have lithium-ion batteries with a defined lifespan, measured by the number of full charge/discharge cycles the battery can go through before it begins to degrade. the average lifespan of a typical li-ion battery is about 300 to 500 charging cycles, or about two to three years.
- Some tips for system administratorsadministrator of a computer network is a very important task. tipsmake.com this time will introduce you some simple network management tips, how to protect your computer network and instructions on fixing some basic errors, management tools, processing tips
- Protect computer network with Bastion host (fortress server) in just 3 stepsdo you have computers on your local network that need to be accessed from outside? using the bastion host - as the gatekeeper - the gatekeeper for your network can be a good solution.
- Security in difficult economic timeswhen new servers or computers are allowed to be invested, security is another cost that causes you a headache. however, what if you can protect your network with your network computer without spending much money?
- Most cyber attacks focused on these 3 TCP ports onlysmall and medium-sized businesses can fully protect themselves from most cyber attacks by increasing defenses against ports that are most often targeted by malicious actors.
- Secure Mac network servicessetting up centralized servers allows you to take advantage of groups, policies and other traditional methods to protect file access on the network.
- How to set the password for the hard drive from BIOS / UEFIa solution to ensure data privacy is to encrypt the entire drive. another simple solution is to protect the drive with a password.