Still Untangle? UTM Unified Threat Management router firewall?

P

Pocatello

DC Moderator and [H]ard DCOTM x6
Staff member
Joined
Jun 15, 2005
Messages
6,703
I have been using https://www.untangle.com/ the Untangle home built free linux firewall solution for 10+ years, IIRC. My current untangle box has died and I want to build something new. This is for my home and I have a typical usage at home with kids gaming and streaming video.

Two big questions:

1) Should I stay with what I know and keep using Untangle?

2) I am getting Fiber to the home with synchronous 1gb up and down in the next few weeks. What UTM / Firewall can handle 1gb speeds?

I'm near a MicroCenter this week in Tustin, California, and I am ready to buy some computer parts to build a new UTM. What suggestions do you have for me? I was thinking of AMD Ryzen but I don't know which one to get.

If I stick with Untangle and want 1gb throughput what kind of CPU and memory should I be looking for? I would guess that hyper threading is not necessary, and 2x4gb= 8gb memory should be enough.

Your thoughts?
 
I'm using an Atom-based unit that has AEX-NI- the common appliances with the Celeron J1900, also Atom-based, lack this. Pros for using the appliance include being completely fanless, and the better ones give you options like mirroring system drives with ZFS and the like, if you're using pfSense for example instead.

I'm actually only using Untangle because I couldn't get Sophos XG to run on my appliance, and because pfSense/OPNSense did not support passive filtering as an IPS only, as they don't support filtering on a bridged interface, and beyond that setting up pfSense/OPNSense using a bridge seemed to be broken from an installation perspective. My Linux-fu is most certainly not up to the task of navigating that, and since none of these options (barring XG) are as slick and easy to set up and use as Untangle, I just went with that.

Note that I'm using a passive filtering bridge because I have an Edgerouter 4 doing edge firewalling, routing, and DHCP; the Untangle appliance is just doing IPS and QoS. In this configuration it should be able to support 1Gbps, but I haven't bothered to step up to those linespeeds as I can only get that for downloads with Spectrum cable.

Here is the appliance I'm using, which is basically a Chinese-sourced part that's sold by a US company in California.

Doing it again, I'd step up to an i5-based unit like the this one, which wasn't out when I ordered mine earlier this year, and I'd probably just get it of AliExpress. I'd put 8GB of RAM in it and put in same-sized Samsung 860 MSATA and 2.5" drives, one each*, and roll a pfSense build on a drive mirror. Or hell, roll ESXi, and virtualize pfSense and whatever else is needed; in my case, that'd be pi-hole, the Unifi controller, and Ubiquiti's UNMS software for the Edgerouter, all probably in a Ubuntu 18.04 LTSB Server instance alongside the router VM.

Not the cheapest solution but certainly performant, compact, low-power and silent.

*[do note that when I installed Untangle, there was no support for installing on a ZFS mirror, which is what I'd want to use the dual drives for on a different distro]
 
Can something like this box handle Untangle's UTM at gig speeds: https://www.amazon.com/Windows-Firewall-Qotom-Q370G4Y-I7-4610Y-Aluminium/dp/B078TFYZFB

Best Windows Firewall Qotom-Q370G4Y Intel Core I7-4610Y 4M Cache, Up to 2.9Ghz, 8Gb Ddr3 Ram, 64Gb Ssd, Fanless Aluminium Alloy, 4 LAN, Dc 12V, Windows Os Linux Pfsense
Click to expand...


I had assumed (wrongly) that I had to build my own server machine to run a fast Untangle. But these tiny little devices seem to run things fine... and they are cheaper than building my own box. How can that be?
 
As an Amazon Associate, HardForum may earn from qualifying purchases.
Pocatello said:
Can something like this box handle Untangle's UTM at gig speeds: https://www.amazon.com/Windows-Firewall-Qotom-Q370G4Y-I7-4610Y-Aluminium/dp/B078TFYZFB




I had assumed (wrongly) that I had to build my own server machine to run a fast Untangle. But these tiny little devices seem to run things fine... and they are cheaper than building my own box. How can that be?
Click to expand...

It should- and at least with Amazon, you can return it if it doesn't.

[the how's and why's- these things are mass-produced in China]
 
As an Amazon Associate, HardForum may earn from qualifying purchases.
As an Amazon Associate, HardForum may earn from qualifying purchases.
Does Qotom include the rice grain sized networking CPU stuff that phones home to China?
 
I bought one. Shipping from China takes about 3 weeks or so. Thanks for the help!
 
You must log in or register to reply here.
Back
Top