Please share with the community what you think needs improvement with Untangle NG Firewall.
What are its weaknesses? What would you like to see changed in a future version?
At this stage, I think the SSL decryption option can be streamlined. I think decryption transparency could be improved because you basically click a button and then you set up one rule-set and that's about it. I've noticed there's a problem on some sites where it doesn't do the proper decryption. I actually had to go through the application control module, and logs to see what was happening, and why some sites could not function, before I could decipher that it was the SSL decryption that was blocking the sites. I would like to see more hands-on configuration in that respect.
The web content filtering needs improvement.
The pricing is not as good as it was some time ago. They've since skipped offering a lot of individual features. In the future, Untangle should offer a web server feature. That's the only application Sophos gave us which Untangle doesn't have.
The hardware can be improved. Now, we're using hardware appliances. In terms of processing power, I think it can actually be improved further, because, in terms of the number of requests, especially if you are using web filtering, the number of requests that should be coming onto the appliance is quite large and it needs a bit more processing power. If the solution included a unified device tracker and management, that would be great. So that we could actually include other endpoints, like our laptops, or mobile devices. We need something to help in terms of mobile device management. I think it's one critical feature which is required by another interface because people are now bringing their own devices to the workplace to get services. I think MDM is quite critical to be included in that.
There quite a number of modules I've not used. For the web filter, I think they can do better especially on the free model. They have a free and a licensed model. If you use the free model, is not that effective. You have to use the commercial module for you to get effective results. Functionality wise, they should try to put more options on some of the modules like web filtering capability. I know it has the capability to block specific IPs but I have not seen the capability to block a specific range of IPs. For example, you want to block a range of between 50 and 100 of an IP, I haven't seen that capability. I believe there are more functionalities which they can improve and prevent for security and management of internet within a corporate environment. For example, I've seen firewalls where, let's say for example there's an infected machine within your network, they give you an alert or automatically block it from your network or mailing system. There're a number of functionalities missing in Untangle. It needs improvement but I believe every solution needs improvement.
It would be much easier if there was a mobile app.
The ability to setup a DDNS for each WAN independently would be a very handy feature.