help : clearos vs endian vs untagle?

K

k4mus

n00b
Joined
Feb 17, 2010
Messages
5
hello everybody, this is my first post and i want to make a few questions about these UTM:

i'm searching for a alternative for IronPort of cisco ( mail security server) and i found the most UTM used are these ones : Untagle , Endian and ClearOS. The thing is i don't really can decide what of these is the most powerful for a mail security server. all have similar properties, antispam ( spamassasain), antivirus (clamav), etc. but if anyone of yours can help me to take the best decision for a server on a small enterprise.

the most important point to consider is the capacity for filtering emails, no so much the hardware requeriments (isn´t a really a problem, so far)

i hope for your experiences and opinions.

thank and my best wishes :D

cheers
 
Go with Untangle...with either one of the bundles or just a few specific apps...depending on what you need.

How many users?
At the least, get the CommTouch Spam Booster module, and Kaspersky Antivirus module. May also want the active directory connector.

The open source version of Untangle is similar to the others....using the free sourceforce open source apps like spam assassin, and a few other things integrated with it..and it works "OK"..needs some manual tweaking and constant management. But the CommTouch add-on brings it up to a top notch professional level, 99% effectiveness.

Adding Kaspersky antivirus, it's a lot better than the open source Clam.

Untangle sends end users a spam quarantine digest at 6am every day. Easy to read, easy for the end users to release bagged mail, manage the white list, etc.

ClearOS is pretty neat, but..it's a jack of all trades, master of none...it's a combination server, web server, e-mail server, etc. Very cool package..but think of it as sort of an open source version of Microsoft Small Business Server Premium Edition.

Endian is pretty slick. I used to use that at a few clients a few years ago, but have since moved to Untangle...I like UT better.
 
is the AD Connector any good? When i talked to a guy, the new version will have a web page that they will need to log into to authenticate, before they had that script??
 
The AD connector helps you with reports...you can tie reports to user accounts, instead of computer IP addresses. As well as use it for authentication for the SSL VPN portal.
 
i know what it is silly, how is it implemented? before it was a login script, now its suppose to be some stupid IE thing?
 
yeah i heard that is going to be replaced with some IE based authentication, seemed very clumsy for end users.

the vbs script is pretty good since its behind the scenes.
 
I haven't read a peep about that over in their forums. Doesn't make sense why they'd make the end users log into via web browser, it's something that needs to run transparently to the user when they log into their PC.
 
not sure why either they would do that, i could have sworn someone told me that from their forums or even an untangle guy.
 
thank you for the reply. i can see that your knowledge is pretty advanced in this area.
therefore i like to do a few questions.
- how many emails per day can support Untagle and with wich hardware? ,(i'm thinking in arround 10k to 500k per day )
what is the max capacity that you know about this features? ( is for comparing thinking wich is the actual limit)

-Firewall Throughput
Concurrent Connections
VPN Throughput

i'm very greatful for your answer.

my best wishes.

cheers!
 
You sound like you might be above the typical target market for Untangle if you're looking at 500,000 emails per day worth of volume...it's more on the SMB side....designed for small to medium networks of up to 1,500 PCs.
I've read some Untangle techs have installed IT for some networks above 4,000...and I think the largest network someone installed it on was about 6,500 PCs.

It's built on Debian..currently Lenny, they didn't recompile the linux code in the area of eliminating the wall of 10,000 concurrent states, so it's hard coded at 10,000 max.

They recently released a 64 bit version, so you're not limited at 4 gigs of RAM anymore.

The performance of Untangle is greatly based upon installing it on a good solid supported motherboard/chipset, and using good network cards....Intel Pro, Broadcom (I don't like Broadcom for Windows but Linux supports most of them well), older 3COM NICs. Good NICs is especially important the way Untangle works 'n being layer 7.

Build a good quad core Xeon box, stuff it with 8 gigs, install 64 bit and give it a test...do a trial of Commtouch Spam Booster, and Kaspersky. See how it does for you. Might want to also check other modules...if you're concerned with surfing control, content filtering...get that extra module, as well as AD connector and support.
 
thanks for your really useful answer. i have another doubt, i see in the website of UNTANGLE that the price for the "super boundle" is something about 50k dl. and i dont know if that included the hardware too but if they don't is a little expensive.. i beg you clarify my ideas about this

my best wishes and thank you.

cheers
 
Untangle is software only, you supply your own hardware. The Super Bundle had EVERYTHING offered. Do you need WAN balancing and failover? Are you doing to be using it as your firewall? If not, then you don't need the Remote Access and VPN modules, either. If you're primarily interested in the spam filtering capabilities then just do the Open Source package and buy the CommTouch and Kapersky modules.
 
ok, i have a pretty good idea about the diferences between these sofware appliances. i have to say thank you to everybody for the responses. if someone has a new point or comment, i'll be greatful for that.

i think what i'm going do is test first untangle and then clearos.

can you suggest some utilites o websites for doing test over the server of untangle?

thanks alot and my best wishes.

cheers :D
 
Hang out at Untangles forum...great bunch of people over there, ask some questions.
http://forums.untangle.com/

Lets get a bit more detail on your existing network....you have a high range of e-mail flow...so do you have a fairly large network? How many nodes, how large is the pipe, what sort of mail server(s), single location or a WAN?

You mention VPN...note that Untangle has OpenVPN for connections only, and an SSL portal to ge to just shares on the inside. So if you have existing setups with SSL or IPSec or PPTP....have to rethink this if you want to use Untangle for your VPN.

Again, regarding ClearOS..it's a very cool package..but it's an all in one package ..sort of like an open source of Microsoft Small Business Server Premium. Using it as a dedicated mail scanner....eh eh....won't work so well, as it relies on basic open source packages...which will fall far short of your expectations such as being nearly as effective as IronPort.

Untangle, the basic open source package, has a "fairly" effective anti SPAM component, does better than most other open source packages because they combine the technologies of a lot of different anti spam technologies, not just spamassasin. But again, you're looking for an alternative to a fairly top notch mail washing appliance, and Untangles open source package won't match that. To fairly compete with top notch mail washers...you want to add the better modules, which cost money, Kaspersky and Commtouch.
 
thanks alot, i'm testing now untangle and is wonderfull, the instalation and configuration is really easy. now i'm going to do some hard test for see the performance and other thing. thank you, later, i tell you as i was in this job.

cheers
 
You must log in or register to reply here.
Back
Top