UTM users... which one did you go with and why?

[VanFanel89]

I have enough spare parts laying to build a basic box to use as a router/firewall; sell my current netgear Tomato based router and basically get free money

I am reading about the various UTM distros out there (Untangle, Astaro, Copfilter...) and I see many with awesome features but not a concise winner.

So - those of you who have gone that route, what are your recommendations and experiences? I'll probably be building the box in a couple of weeks so plenty of time to figure things out.

To give you an idea of what the UTM would be "servicing":

My personal desktop (Win7 64 bit)
My gaming desktop (Win7 64 bit)
My thinkpad (Ubuntu 32 bit)
My Macbook Air (snow leopard latest rev)
My XenServer box (currently running 2 VMs)
My DNS323 NAS which is actually a FreeBPX/Asterisk box (and is providing phone service )
A printer, a SIPURA device (linked to the DNS323) and PS3/Wii (PS3 is used to stream content to my TV)

The networking hardware itself would be:

UTM -> Netgear GS108T-200NAS -> everything else (will have a wifi AP, maybe another non managed gigabit switch for a specific VLAN).

Thanks!!!

 

[Greatone123]

First question will be, what hardware do you have to use?

My first one I used is untangle worked great, my next build is going to be pfsense just for routing rather then a full utm.

 

[YeOldeStonecat]

You'll find Copfilter quite dated, it was the first UTM I tried....back many many years ago. And it's still about the same.

Astaro and Untangle are light years ahead of it.
You'll find Untangle easier to setup for your home LAN..defaults work well...they lock down incoming, and are loose for outgoing. It's quite simple.
Astaro, you'll find you'll be playing with the firewall right away trying to get outbound things to work..because it defaults to clamped down. Astaro has been around longer, you can consider it more polished. I like the dashboard of it better than Untangle. It has a few more features in the free version.

Both seem to perform about the same..same horsepower requirements,

 

[jadams]

First question will be, what hardware do you have to use?

My first one I used is untangle worked great, my next build is going to be pfsense just for routing rather then a full utm.

Free apps for Untangle are all available packages for pfsense, ClamAV, snort, spam blockers etc.... Plus pfsense will run circles around Untangle. Although Untangle is pretty easy to setup. Some of the screens in pfsense may leave you scratching your head.

 

[MavsX]

we have untangle running at work. It's still a somewhat new installation of it, but it looks pretty easy to play with, configuration was pretty simple too to get it up and running.

 

[YeOldeStonecat]

Free apps for Untangle are all available packages for pfsense, ClamAV, snort, spam blockers etc.... Plus pfsense will run circles around Untangle. Although Untangle is pretty easy to setup. Some of the screens in pfsense may leave you scratching your head.

PFSense will run circles around any true UTM distro as far as speed, QoS, etc. Any basic distro will run circles around a UTM. I love the distro..it's a freaking Ferrari.
However, even with those add-ons to make PFSense a "partial wannabe" UTM....Untangle and Astaro will run circles around it for true UTM protection. Yes Untangle leans on Clam..but it leverages a whole bundle of other tools in it's Spyware module. By itself...Clam can't find much.

 

[RiDDLeRThC]

I love my Astaro firewall. free for home use too (up to 50 IP's).

 

[-Jess-]

I've been using Untangle 8, as a "temporary" replacement for my Astaro box.
It's been working out really nice, but like Astaro, it needs some decent hardware to run properly.

For hardware, minimum I think is a P4 and 1GB of RAM. I've successfully run it on a Sempron and 1GB but startups/shutdowns were pretty slow.
If you have the spare parts, overkill box for the win.

Aside from listing your hardware specs though, what will you be using your connection for (gaming/voip/streaming, etc)? Maybe the guys here can recommend guides and configs that may help.

 

[VanFanel89]

Thanks for the great feedback guys! More is welcome!

For those who are wondering - this is the hardware (well going to be the hardware) to power the box:

MSI Fuzzy RS690T mini-ITX board; board has two marvel gigabit nicks, onboard graphics, two SO-DIMM slots, even has a PCIe slot etc. Great little guy!

An Athlon X2 4450 (hopefully would work in the board)

A 2.5" 80 GB SATA Drive

A case... need to figure that one out

And that's about it! The install will be done via a USB drive so no need for an optical drive.

In terms of what the connection will be used for: pretty much everything! VoIP for sure (asterisk ftw), gaming, possibly outbound audio streaming... and general web shenanigans.

 

[jadams]

PFSense will run circles around any true UTM distro as far as speed, QoS, etc. Any basic distro will run circles around a UTM. I love the distro..it's a freaking Ferrari.
However, even with those add-ons to make PFSense a "partial wannabe" UTM....Untangle and Astaro will run circles around it for true UTM protection. Yes Untangle leans on Clam..but it leverages a whole bundle of other tools in it's Spyware module. By itself...Clam can't find much.

I'd like to know exactly what they mean by:

Uses dozens of custom-tuned community blacklists in addition to Untangle's Virus Blocker technology, based on ClamAV

Its a little unclear about what the difference is between. Untangle ClamAV and its community driven "custom-tuned" stuff and pfsense's ClamAV who gets its definitions from google, edwin (which updates daily), neo, and sven according to the AV app. Not that I really know who the last three are.

Based off how I setup Snort in pfsense I dont see much of a difference between the two packages when I compared it to the Untangle running in my VM.

 

[VanFanel89]

bump!

 

[dashpuppy]

I vote Untangle. If you could afford the Kaspersky license, do it

 

[DeChache]

As funny as it sounds I run untangle because it runs on top of Debian. It was fun to go in an root around and see what was going on.

 

[Captain Colonoscopy]

If you don't want to do a lot of piddling around then go with Untangle. If you don't mind wrenching around in your firewall and want a more robust feature set then go with Astaro. I've used both extensively in home and business settings and I always end up liking Astaro more. I think Untangle has a better community behind it, so if you're not too savvy you'll get more help on their boards than with Astaro.