NG Firewall Version 14.2

See What’s New

Untangle NG Firewall 14.2 includes significant enhancements to web security and content filtering, the ability to synchronize users with Azure Active Directory, and enhancements to intrusion detection and prevention.
 

Version 14.2 Highlights

Untangle NG Firewall 14.2 includes significant enhancements to web security and content filtering, the ability to synchronize users with Azure Active Directory, and enhancements to intrusion detection and prevention.

Visibility and Control for Educational and other Content-sensitive Environments

These capabilities provide network administrators in content-sensitive environments such as schools, libraries or social services to meet compliance requirements while safeguarding users.

  • Web Filter enables administrators to flag, block or alert based on search words on Google, YouTube, Ask, Bing, and Yahoo.
  • Enforcement of safe search for YouTube; YouTube usage can be locked down to show only content that meets the ‘safe search’ criteria.
  • Logging of YouTube searches performed on the network.
  • Enhanced malware detection with an even greater percentage of the internet categorized to block more attacks originating from web browsing.

Directory Connector: Azure Active Directory

Directory Connector has been updated to allow users to connect via Azure Active Directory. For those customers using Office365, they can now utilize their existing directory service with accounts, groups and policies already established. This saves customers time during deployment, general maintenance of user groups and policies, and when provisioning or off-boarding users.

Intrusion Prevention: Better Performance & Easier Customization

  • Intrusion Rule ID is now visible so IT admins can see which rule was responsible for a log/block action in reports.
  • UI performance updates for better user experience and faster load times.

Additional Enhancements

  • Ability to hide the network name of the wireless access point. This provides increased security from hackers and devices looking to join networks with malicious intentions.
  • Ability to set the time for Configuration Backup to be performed.

For a full list of changes in NG Firewall 14.2, please see the changelog.

Important Technical Notes on Upgrade

Untangle NG Firewall version 14.2 and above implements URL categorization powered by Webroot Brightcloud®. This replaces the same functionality provided by Zvelo in prior versions. You can find answers to common questions related to the upgrade in this article. By October 30, 2019, customers will need to have upgraded to at least 14.2.0 in order for categorization of web pages to work.

Pricing & Availability

Untangle NG Firewall version 14.2 is available as a free download. Current Untangle customers will be able to upgrade seamlessly at no charge.

Webinar

Register for the Community Webinar: NG Firewall Version 14.2 and zSeries Appliances here.

More Info

Webinar & Video Resources
Documentation
Forums


Previous Minor Release: Version 14.1

Easily Manage Remote NG Firewall Appliances with Zero Touch Provisioning

Zero touch provisioning enables easy access and configuration of NG Firewall appliances, without requiring physical access to the appliance. This is an ideal scenario for MSPs who need to install and manage appliances for their clients without having to visit each client site. The appliance simply needs to be connected to the internet and the serial number provided to the MSP or IT admin for remote access to be initiated via Command Center. From there, the MSP or IT admin can set up the appliance to fit the needs of that location. The admin can also set up a template so that the appliance is immediately configured based on the template once it is connected and synced to Command Center, reducing management overhead and resulting in cost savings.

Intrusion Prevention: More Powerful & Easier to Configure

The Intrusion Prevention application has been updated for better performance and easier maintenance. The IPS engine is now using Suricata, instead of Snort, for improved technical performance and management. The Intrusion Prevention app now has automatic configuration for simplified setup and basic default settings. IT admins can go further to add additional rules, if necessary.

Additional improvements include:

  • Signatures are updated on a daily basis
  • Reduce false positives with recommended actions
  • Rules based on available system memory, preserving performance

For a full list of changes in NG Firewall 14.1, please see the changelog.

Version 14.0

More Control, More Visibility and Lower Costs for SD-WAN

Untangle continues to address the growing concerns of distributed organizations challenged with securing their evolving network perimeters. With NG Firewall 14.0, Untangle provides enhanced support for SD-WAN networking scenarios that can help businesses with distributed, branch and remote offices leverage cost savings, fast and flexible deployment, and ensure a consistent security posture.

  • Tunnel VPN connections can bind to specific WANs, allowing configuration of multiple tunnels for multi-WAN sites and ensuring each tunnel is using the desired physical WAN connection.
  • Administrators can direct traffic to the most desirable WAN connection based on criteria like ports and protocols.
  • Tunnels can be set up without NAT so that the cloud firewall has full visibility into the network. This gives the ability to centralize policies across the whole network from the cloud firewall.

Business Continuity and Reliability with Wi-Fi Failover

Wireless interfaces can now be configured as client to a wireless access point. This allows NG Firewall to connect to an existing Wi-Fi network and act as a client, providing another option to WAN Balancer and WAN Failover to ensure business continuity and avoid interruption of service.

  • In a failover scenario, this configuration will ensure that NG Firewall can still inspect and safeguard all internet traffic with no interruption in service.
  • Since NG Firewall can be deployed into the network as a client, all network traffic can be protected even without having NG Firewall provide the main Wi-Fi connection.

Additional Enhancements

  • Various improvements to Reports and the Dashboard. Dashboard now supports conditions, allowing for easy drill-down by specific host, user or other criteria.
  • Dynamic WAN protocol support. NG Firewall now supports two networking protocols: OSPF and BGP. Understanding these protocols ensures that NG Firewall can always access up-to-date routing tables so that it can find IP addresses. Additionally, this release includes support for several new dynamic DNS providers.

Important Technical Notes

The Untangle distribution is now based on Debian 9 (stretch) and the 4.x kernel. This is a more modern O/S that includes systemd and a newer kernel with a wider array of hardware support and better performance.

On upgrade all systems will be moved to the new O/S and will install the new kernel. The old kernel will still be booted by default until the user manually selects the new kernel to avoid any possible hardware regressions. The system must reboot at the end of the upgrade process so that systemd can manage the system correctly.

Because upgrading to NG Firewall 14.0 requires a reboot, consideration should be made on the timing for the upgrade to ensure it is done at a time when an upgrade followed by a reboot is acceptable.

Command Center

  • Meets GDPR compliance, in conjunction with Untangle’s data privacy policy.
  • Supports master policy configurations. Administrators can now configure a master policy as an appliance image that can be deployed one-to-many, simplifying configuration and management for multi-site deployments and MSPs.

14.0 Changelog
Webinar & Video Resources
Press Release