- NG Firewall
- Solutions by Industry
- Solutions by Issue
Untangle aims to help small businesses deal with the headaches associated with having a business connected to the internet. When we launched in 2005, large enterprises had been connected to the internet as part of their day-to-day business for years, but they had dedicated IT staff to help deal with the issues. Smaller organizations had also begun to critically rely on internet connectivity, but had no dedicated IT staff.
Untangle set out to solve that problem by offering a firewall solution aimed at the sub-enterprise market that pulled together great technology, then packaged and priced it in a way that small businesses could understand. Over the years, both the needs of businesses and the internet landscape evolved, and the firewall market evolved meet those connectivity needs.
In the early 2000s, firewalls started to incorporate smarter security, like antivirus and intrusion prevention. With the rise of spam, firewalls responded by adding email filtering. Meanwhile, the security threats also evolved: spyware became a new threat that had to be handled differently than viruses.
The needs of users also changed when employees began to use social networking and the internet extensively; firewalls had to respond with web filtering and monitoring to make sure employees did appropriate things at work and remained on task. Soon after, YouTube and streaming media became mainstream, so firewalls added smart bandwidth shaping to limit bandwidth abuse and make sure critical business applications got priority. Firewalls added application identification and control to help identify network traffic and enforce appropriate policies and bandwidth usage.
In recent years, employees have begun to work from home and use their own devices like smartphones and tablets. Firewall manufacturers responded with many VPN options and mobile device management. In just the last few years, most internet traffic has moved to SSL encryption, so firewalls also had to respond to handle SSL traffic intelligently so businesses could still enforce appropriate policies and protect their network.
The “firewall” sometimes now called a “next-gen firewall” or “UTM” (unified threat management) has been through a massive transformation. If you compared firewall solutions from the early 2000s until now it would be like comparing Model Ts to modern cars.
A completely different story unfolded during this time in the world of consumer Wi-Fi routers. In the early 2000s, many consumers had a single PC and maybe a laptop connected to a smaller router/modem or a small wireless device like the trusty Linksys WRT54G. The old linksys router was around 200Mhz and 16MB of RAM with 802.11b wireless. Home routers have massively increased in processing power since then. A modern router is at least 10x more powerful, with upwards of 1.4 Ghz and 512MB of RAM. Wireless performance has also exploded, with the addition of 802.11g then 802.11n and now 802.11ac.
As IoT (Internet of Things) came along, the number of devices in the home exploded. Consumers bought tablets and smartphones. TVs and receivers became internet-enabled. Regular devices like thermostats, speakers, and refrigerators all started connecting to the internet. Kids stopped watching TV and got on their own smartphones and tablets. What used to be a single PC and maybe a laptop connected to the internet became “the home network”, with dozens of devices talking to the internet.
During this time, unlike the firewall, the consumer router did not change very much. Despite massive improvements in hardware performance, the features and benefits of the consumer router didn’t evolve much beyond performance and range. Official firmware and aftermarket firmware distributions like DD-WRT, OpenWRT, and Tomato provide internet connectivity and basic routing—like port forwards, in some cases VPN, and some basic QoS. Unlike business firewalls, which went through massive changes to cope with the complexities of safely connecting a local network to the internet, consumer router firmware has been mostly stagnant.
Today, families have home networks of dozens of devices connected to the internet. But unlike businesses that use firewalls which have evolved to help deal with connecting a network to the internet, individuals at home have few options. Luckily, consumer router hardware is now so powerful that it is entirely capable of running a full enterprise firewall solution. This is where Untangle comes in.
Untangle now provides a firmware distribution that runs on consumer routers and provides all the same benefits of an enterprise firewall, but built for the needs of today’s digital home.
Before the “smartphone,” cellphone manufacturers competed in just a few ways. Size and price were two key factors. Cellphones continued to get smaller and smaller. Eventually, phones became so small, that it ceased to be an advantage to be any smaller. During this time, it was largely irrelevant what your cellphone could do, because all it was meant to do was make phone calls.
The smartphone changed everything. Suddenly, what your phone could do became a very big deal. The Blackberry was physically large, but perfect for business email users. The iPhone came along with a huge touch screen and could run any “app” in the app store. Android eventually came along and had their own store with millions of apps. Now phones are all big, and what really matters is what your phone can do.
We think the consumer router market is similarly poised for a shift in what consumers perceive as important. For the last 15 years, home routers have competed on price and performance. Modern routers are so powerful that their range and throughput abilities exceed even what power users need.
Given the explosion of devices in the home due to the IoT trend, the need to protect, control, and monitor what goes on in the home network will drive this “next generation” of routers. While major manufacturers continue to focus on making faster routers, new products like Amazon-funded Luma, Disney Circle, AVG Chime, Torch, and Bitdefender Box have emerged to fill this gap. However, each one of these smart routers provides only a partial solution.
Router hardware has evolved and improved over the years, but its firmware remains stuck in the dark ages when it comes to security, network traffic visibility and control. Recognizing the inherent limitations in popular commercial routers, Untangle set about making a radical new OS for home routers based on its popular, broadly installed and easy-to-use NG Firewall product. NG Firewall is now available to be flashed onto the Asus AC3100 RT-AC88U.
The biggest challenge facing home networks isn’t necessarily even security: it’s the lack of visibility into and control over the traffic. This is where Untangle can help. Unlike commercial firmware on today’s home Wi-Fi routers, Untangle NG Firewall logs traffic for rich, robust reporting into every facet of what’s happening online: sites the kids are visiting, neighbors jumping on the wireless network, and the newest IP-enabled gadget phoning home. NG Firewall allows users to create rules for managing access to websites, applications, and content based on criteria like device, user, time of day, day of week and more. Customers can see the effect of those rules through drill-down reports that can be monitored via the 360° Dashboard, a single pane of glass view into what’s happening on the network.
In November, 2015, the FCC issued a clarification to its SOFTWARE SECURITY REQUIREMENTS FOR U-NII DEVICES regulations. While the intention of the FCC was to restrict modifications that would take devices out of compliance, router manufacturers (notably TP-LINK) used the requirements as an excuse to lock down their routers so that alternative firmware could not be installed on routers distributed in the United States. This action shuts out open source firmware that extends router capabilities via improvements to range, network segmentation, security and more –– including Untangle’s. Grassroots action from organizations like the Electronic Frontier Foundation (EFF) and Save Wi-Fi to combat this outcome continue.
Untangle firmly believes that users have the right to modify the software on the hardware they purchase. As a downloadable, open source software firewall distribution, Untangle’s NG Firewall is predicated on the idea that hardware exists to deliver value from software, not the other way around. Untangle is committed to fighting for the users and their right to install the software of their choosing on the hardware (servers, routers, phones and more) they purchase.