Alternatives to Untangle



  • Looking for alternatives to replace my existing Untangle install.

    Any downsides to moving to pfSense or OPNsense? Other suggestions?



  • What sort of WAN connection(s) are you supporting with it? Also, home or business?

    For a business, I'd stick to hardware firewalls. You can get ER-X for $55 that will support up to 500mbps, 5 gigabit ports. Makes it kinda silly to use a software firewall for much of anything anymore. If heading over 1gb speed on a connection, then I'd have to look at other solutions.

    For home or just tinkering, pfSense I've used and is ok, but has some interface quirks that make it not so fun to manage. If going for a software firewall, I'd rather use VyOS.



  • @travisdh1 Thanks for the feedback. Do the inexpensive hardware firewalls offer the same features as Untangle, pfSense, etc? Things like web filtering, openVPN, virus blocking, and so on.



  • @Danp said in Alternatives to Untangle:

    @travisdh1 Thanks for the feedback. Do the inexpensive hardware firewalls offer the same features as Untangle, pfSense, etc? Things like web filtering, openVPN, virus blocking, and so on.

    Those are UTM functions and do not belong on your firewall IMO. Stand up something behind your firewall for those and proxy if you want them. but honestly I hate those functions anymore. they do nothing but waste resources.



  • I like using Ubiquiti EdgeRouter. If you need more functionality out it on a VM behind the router.



  • @JaredBusch said in Alternatives to Untangle:

    @Danp said in Alternatives to Untangle:

    @travisdh1 Thanks for the feedback. Do the inexpensive hardware firewalls offer the same features as Untangle, pfSense, etc? Things like web filtering, openVPN, virus blocking, and so on.

    Those are UTM functions and do not belong on your firewall IMO. Stand up something behind your firewall for those and proxy if you want them. but honestly I hate those functions anymore. they do nothing but waste resources.

    I'm with Jared here. Keep those things off the firewall.



  • pfSense is fine but I find the build your own router thing to be silly outside of the home.



  • I'm with @JaredBusch and @scottalanmiller, those things don't belong on a corporate firewall as a general rule.



  • @scottalanmiller said in Alternatives to Untangle:

    pfSense is fine but I find the build your own router thing to be silly outside of the home.

    Does it really make sense in the home either though? $55 for an ER-X with VERY low power consumption. A PFSense box typically requires a whole PC and many times the power costs. Granted the PC itself is typically just a left over old machine, but it's still a cost.



  • @Dashrender said in Alternatives to Untangle:

    @scottalanmiller said in Alternatives to Untangle:

    pfSense is fine but I find the build your own router thing to be silly outside of the home.

    Does it really make sense in the home either though? $55 for an ER-X with VERY low power consumption. A PFSense box typically requires a whole PC and many times the power costs. Granted the PC itself is typically just a left over old machine, but it's still a cost.

    agreed.

    I liked the options that Untangled offered. But took the approach from @JaredBusch and @scottalanmiller and with with an ERL. Now there are times I still wish I could use Untangled,.. but there just are 'cheap' options for a build in a small form factor and multi-NICs...

    I am running an ERL and with some help from @JaredBusch have it running nicely. I need to get into the back end more and do some control... but for the most part, haven't touched it other than to update the vOS on it.



  • What to do with the Dell SC440 server that is currently being used? Scrap it?



  • @Danp said in Alternatives to Untangle:

    What to do with the Dell SC440 server that is currently being used? Scrap it?

    Use it for running the other features you were talking about, VPN, Intrusion Management, etc, or a lab/test environment. I don't know how old the SC440 is, so no idea if the power draw alone is making it not worth running yet or not.



  • @Danp said in Alternatives to Untangle:

    What to do with the Dell SC440 server that is currently being used? Scrap it?

    Definitely scrap it.