- NG Firewall
- Solutions by Industry
- Solutions by Issue
Version 13.2 includes a host of enhancements, with a focus on VPN (virtual private network) features and at-a-glance reporting capabilities in the responsive, 360º Dashboard.
New Dashboard widgets display an overview of network security policies and threat alerts providing IT administrators, MSPs and MSSPs with actionable information that enhances their security posture. NG Firewall works seamlessly with Untangle’s cloud-based, centralized management platform, Command Center, to reduce the complexity of securing both headquarters and distributed networks.
We have version 13.2 video resources to help you understand the key updates in this release. You can find all the version 13.2 video resources below.
All three VPN applications were updated in this release, enabling safe and secure network traffic connections from site-to-site or site-to-cloud. NG Firewall provides the industry’s most comprehensive support for VPNs, enabling distributed sites to optimize traffic routing, including via SD-WAN deployments.
Organizations utilizing the Captive Portal application to provide secure Wi-Fi to employees, customers or the public can now block SSL and HTTPS websites so users are not confronted with an error page.
Directory Connector now supports multiple Active Directory servers. Organizations with multiple organizational units can now fine-tunes their policies and enjoy enhanced synchronization when group changes are made.
Please see the Changelog for a full list of enhancements in v13.2.
Untangle NG Firewall version 13.2 is available as a free download. Current Untangle customers will be able to upgrade seamlessly at no charge.
Join us for the Community Webinar: Version 13.2 on January 30, 2018 at 10 AM PT. Register here.
NG Firewall version 13.1 includes a new app, Tunnel VPN, plus improvements to Captive Portal. This release focuses on expanding Untangle NG Firewall’s industry-leading connectivity and authentication capabilities to address the needs of distributed enterprises, branch offices, retailers, franchises and other organizations who rely on SD-WAN and secure Wi-Fi solutions.
Tunnel VPN is the easiest way to create a persistent, secure connection between your Untangle NG Firewall and a remote network. Tunnel VPN works seamlessly to accomplish a variety of networking scenarios, including:
Tunnel VPN is powered by a fully featured ruleset, enabling WAN optimizations to determine which traffic is sent through the tunnel and directed at any given interface, host, subnet, port or other criteria. Like other NG Firewall apps, Tunnel VPN uses Untangle’s innovative tagging feature to enable administrators to create advanced, dynamic scenarios based on any taggable event or activity.
Organizations that provide secure Wi-Fi to employees, customers or the public now have the ability to authenticate users via Google, Facebook, or Office 365 accounts directly with those services, enabling administrators to easily identify users without having to maintain separate directories, reducing administrative overhead, speeding login and providing opportunities for user-customized communications and access privileges.
The Application Control app has been updated to improve detection and include over 350 new applications, ranging from social applications like Facetime and Slack, to adult-content applications like Pornhub, Youporn and 4chan.
Beta support for running NG Firewall in AWS and Azure is now available.
Please see the Changelog for a full list of enhancements in v13.1.
NG Firewall version 13.0 is the latest major release. This release includes a new, responsive, and URL-routing administrative interface, as well as user tracking, tagging and trigger rules. In addition, v13 tackles bufferbloat, ensuring optimal bandwidth utilization.
Over the last several releases of NG Firewall, we’ve made drastic improvements to the usability and performance of our administrative user interface––all with the goal of making your job as network administrator easier.
With v13, we’ve further updated the UI to load, render and respond more quickly. Additionally, we’ve made a few key enhancements to make the UI behave more like a web application and less like an installed app. We’ve removed “modal” windows, and also now provide URL routing, allowing you to use the browser’s back button like you would expect. You can also share direct links to specific application pages with others, whether you wish to share a report or show another admin a specific configuration tab.
A few other changes include:
We hope you’ll be as excited as we are about these changes as we continue to streamline the user experience with the goal of providing you with the easiest, most powerful unified threat management solution on the planet.
Interactive internet applications like VOIP and gaming rely on performant networks. However, performance is dependent on each piece of networking equipment along the path that the traffic travels. Unfortunately, some equipment manufacturers trying to help solve the problem have actually made it worse by including overly large buffers (places to temporarily hold incoming or outgoing data).
In a nutshell, bufferbloat is simply poor latency caused by excess buffering in networking equipment. In situations where you have a fast local area network connected to a slower internet connection, the buffer will likely fill up quickly and users will begin to experience latency. For example, one user on the network might be uploading a file, filling up the buffer quickly, while another user attempts to make a VoIP call. While the VoIP call does not require as much bandwidth as the upload, the VoIP call will be impacted significantly by the latency due to the upload filling up the buffer.
Untangle now solves this problem by supporting a queueing algorithm that optimizes bandwidth and QoS to enforce a controlled delay. NG Firewall, if configured to do so, can act as the buffer. It will use the new queuing algorithm, QoS and bandwidth control to manage traffic so the VoIP call’s latency is reduced and, at the same time, ensure that the upload continues with minimal impact.
Untangle has added a “User” table to complement the other 3 major tables: Sessions, Hosts (IP addresses), and Devices (MAC addresses). Each of these tables house information on all the entities on the network. The User table stores the usernames that are connected to the network. This new addition enables quotas to be enforced via usernames and not just by device.
Tagging is a new feature that allows administrators to simply tag a host, device or user. Think of a tag as a label or metadata string associated with a host, device or user that can be used to quickly create policies based on entities that have a specific tag associated with them. In some ways, they work like hashtags on social media posts––they allow you to quickly find (and act on) users and their devices.
It’s easy and quick to create a tag and associate it to a policy. For example, by creating a “student” tag, an administrator can associate that tag to policies specifically designed for students (as opposed to teachers, staff or visitors). Tags can be applied manually by the administrator, or can be applied automatically based on conditions. In this example, a student logging in to the Wi-Fi captive portal could have that tagged BYOD device automatically associated to the student policy every time the student brings that device to campus.
Triggers are an administrator’s best friend. Triggers allow the admin to tag hosts, devices, and users when specific events occur. The admin can then create policies and rules to manage behavior. Similar to alert rules, trigger rules evaluate all events and can be configured to tag or untag entities based on the rules applied. For example, if a user visits a suspicious website, the administrator can set up a trigger to automatically tag that user as “suspicious activity”. The administrator can automatically have an alert triggered by any event with the “suspicious activity” tag. Once tags and triggers are configured, they proactively manage devices, hosts and users without intervention by the network administrator. Think of tags and triggers as IT superpowers!
The OpenVPN application now has an “Advanced” tab to allow administrators to override Untangle’s OpenVPN configuration. This provides advanced users the option to edit and customize their OpenVPN configuration to their liking, while still ensuring all traffic––remote or local––is filtered through Untangle. Note: The “Advanced” tab in OpenVPN is not supported by the Untangle support team. Please be sure to read the OpenVPN documentation.
Captive Portal can now use MAC addresses to track devices. Previously, Captive Portal could only track IP addresses, forcing users to reauthenticate when they disconnect and reconnect to the network throughout the day (like closing a laptop and reopening it). This new feature now tracks the device by its MAC address, ideal for small offices or branch offices that have a high turnover of users connecting to the network. For example, a company with a BYOD program has the same employees connecting each day. Instead of the employee having to reauthenticate every time they access the network, Captive Portal recognizes the device by its MAC address and applies the necessary policies.
Please see the Changelog for a full list of enhancements in v13.