New! NG Firewall v12.2

Introducing Web Monitor and Email Reports

NG Firewall version 12.2 is the most recent release. This release includes customizable, template-driven reports that can be emailed on a schedule. Additionally, v12.2 introduces a new app, Web Monitor. Web Monitor allows administrators to categorize websites visited in real-time—free of charge. An overview of the major features in v12.2 is listed below.

We have a variety of version 12.2 video resources to help you with understanding the updated administrative interface and new features. You can find all the version 12.2 video resources here.


Email Report Templates: The Full Power of NG Firewall Reports via Email

Reports has an new templating system that allows administrators to build a custom overview of all their favorite reports to be sent via a scheduled email. The template can include any report entry, including custom ones––text or graphical!

The charts and reports are visually identical to the online (web) report experience. Each report entry in the template is rendered and embedded in an email and sent to the users configured to receive that report. Templates can be scheduled, daily or weekly. Custom templates and custom report entries can give very tailored experience.

The default template will send summary information and a few charts for each app. Administrators can configure a more detailed report for power users. Alternatively, custom templates can be created with very specific information for interested users. For example, get a simple report with a specific individual’s top visited web sites and web violations sent to a supervisor.


Universal Plug-N-Play Support

UPnP (Universal Plug-n-Play) network protocols are now supported. Administrators can now enable UPnP under Config > Network > Advanced > UPnP. A grid is available to show the current UPnP forwards. Additionally, there are Access Control Rules enabling the administrator to allow UPnP for certain hosts and/or ports.


Web Filter

Web Filter now supports rules. Just like other apps, rules in Web Filter give you the ability to do more advanced configurations. Rules enable you to set up very specific precedence and actions based on conditions. This provides for things like allowing a certain user to a specific site without using a separate policy, or blocking certain areas within a site that is allowed but whose category is blocked. Rules also allow for some new conditions like blocking based on file size and other actions that were not previously possible.

The mime-type and file-type tabs have been moved to the rules. On upgrade, your existing blocked mime-type and file-types will be converted to rules.


Web Monitor

Web Monitor is a new free app! Web Monitor is for tracking and analyzing web behavior. Web Monitor works jut like Web Filter, but only only provides visibility—not control.

Web Monitor has 140 categories and 500 million sites categorized. As sites are visited, they are dynamically categorized using cloud-based lookups for real-time categorization. Additionally, Web Monitor categorizes HTTPS traffic using SNI and/or any certificate information.

Web Monitor has the best web categorization and analytics available and is perfect for organizations that just need to monitor, not control, web activity.


Web Filter Lite

Web Filter Lite is now deprecated. On upgrade, Web Filter Lite will still be installed for those currently using it; however, it will not be available for install on new deployments. We recommend removing Web Filter Lite and installing Web Monitor.

In the next major version (v13) Web Filter Lite will be dropped.

Why? Web Filter Lite has two major limitations.

  1. The category database is unmaintained and only approximately 1 million sites. Effectively this means it the entire web gets categorized as “Uncategorized.”
  2. It does not handle HTTPS/SSL at all. As most of the web shifts to HTTPS, Web Filter Lite handles little modern web traffic.

We believe that Web Monitor provides a better experience for users who cannot or choose not to purchase Web Filter. Web Monitor provides the same visibility into web traffic that Web Filter does. For organizations that do not wish to block or otherwise control web traffic, Web Monitor should suffice.


Other Updates

  • A new & more polished registration screen
  • The OpenVPN windows distro has been upgraded to 2.3.13 (by WebFool)
  • Public Address settings have been moved to the network settings
  • The Shield has been moved to layer-3 for much better performance
  • The default Captive Portal page is now fully responsive
  • Virus Blocker and Virus Blocker Lite now have settings to enabled/disable cloud lookups
  • Added local_address and remote_address to sessions and session_minutes table for simpler queries
  • “Hostname” is sessions and session_minute is now the hostname of the local_address regardless of session direction
  • PPPoE fixes for ARM and VLAN installations
  • Added support for more VRRP aliases
  • The default admin login text on the login page can now be configured
  • The date format and number format can now be configured manually
  • Fix IPsec on ASUS/ARM
  • Many more fixes!


Previous Release: v12.1

Administrative Interface

  • The interface has been updated to simplify and modernize the user experience, enabling access via PCs, tablets and phones.
  • New charts and graphs are now faster, look better and have increased functionality.
  • Dashboard configuration makes adding widgets and reports simple.
  • Setup wizards are now responsive and can be used on a phone or tablet.
  • Reports navigation has been updated to make it completely responsive, and also making navigation on PCs more user-friendly.




In addition to the user interface enhancements, NG Firewall version 12.1 provides new geolocation capabilities for all traffic. NG Firewall’s Integrated Rules EngineTM can utilize geolocation data to allow network administrators to create and apply rules based on client or server latitude and longitude or country. This enables network administrators to quickly triangulate where a threat is originating and create an appropriate policy response. Geolocation data is also available in NG Firewall’s reports and widgets.

  • You can now filter traffic based on its location. All sessions’ IPs run through a geolocation lookup and are attached to the session.
  • Create rules using geolocation data and create reports to find out when and where data is flowing.



Other Updates

  • Event-based Reporting. Event lists are now a type of Report entry. Network administrators can more easily create custom event list reports, allowing them to keep tabs on specific users, domains, sites, policies and more.
  • Performance. NG Firewall now performs a “dynamic bypass” function for UDP such that if all layer-7 applications “release” interest in the session, the data will be passed at layer 3, greatly boosting performance.
  • SSL Certificate Management. Management of client SSL certificates required for SSL Inspector has been further streamlined.
  • Google & Facebook Authentication. NG Firewall’s Directory Connector application now offers experimental support for authenticating users against their Google or Facebook accounts. This provides a flexible alternative for simplifying Captive Portal deployments.
  • On-demand VPN. IPsec VPN now supports IKEv2, allowing admins with iOS devices to force on-demand VPN with certification-based authentication.



Pricing & Availability

Untangle NG Firewall version 12.2 is available as a free download. Current Untangle customers will be able to upgrade seamlessly at no charge.

Major Release

Version 12 is the latest major release. It included the administrative interface redesign, introduced the 360° Dashboard and Untangle Cloud. To find a complete list of the changes in v12, visit the changelog.

Check out the video below to get a quick overview of the changes in version 12.0.

We have variety of v12 video resources to assist you in understanding the new features. You can view them all here.
Click here to see the full list of webinars.
More Info