TechRadar Verdict
Untangle NG Firewall Complete is an affordable firewall and gateway security platform that packs everything any organization might require from a platform of its type, and then some.
Pros
- +
14-day free trial
- +
Lots of apps and features
- +
Easy to use
Cons
- -
Some features can be slightly overwhelming for beginners
Why you can trust TechRadar
NG Firewall Complete is a product by Untangle, an expert provider of comprehensive network security to a variety of users - schools, banks, hospitals, government organizations, non-profits, and others.
The firewall product allows its users to manage their networks and ensure every device is properly protected. To this end, it provides a single, modular platform that aims to grow with the organization it serves.
Through a responsive and intuitive browser-based interface, NG Firewall offers visibility into all the traffic on the network. Additionally, it provides advanced threat protection, VPN connectivity, and application-based shaping for bandwidth optimization - just to name a few.
That said, its most important feature is content or URL filtering. It refers to organizations limiting their employees’ access to specific content based on specific parameters. Traditionally, this method was deployed to prevent staff from visiting certain random websites during office hours which affected their productivity.
A TechRadar choice for top URL Filtering provider
Protect your employees and network from web-based threats with URL Filtering. Track web activity. Create custom filtering rules. Block malicious content. Secure your entire organization with just a few clicks with Perimeter 81. Radically simple. Get started today!
However, URL filtering is now a popular way to protect organizations from malicious individuals or groups acting through harmful websites that employees may access from their office computers. To achieve this, IT administrators use software such as NG Firewall Complete, which compares web traffic against certain databases and blocks content the algorithm recognizes as harmful.
To get a better understanding of how Untangle’s NG Firewall Complete achieves this, we analyzed its security and management features, usability, and its pricing structure. Here’s what we’ve learned.
Security features
NG Firewall Complete features a long list of apps, each with its own purpose in terms of security.
To start off, its open-source Firewall filters traffic based on IP address, port, and protocol.
This allows administrators to block sessions on simple rules and fend off hacking attempts, malware, and phishing schemes.
The pre-configured signature-based Intrusion Prevention tool (also open source) stops hacking attempts in their tracks before they even get a chance to reach your internal servers and desktops. It covers more than 34,000 signature detections, including heuristic signatures for port scans. Automatic updates ensure signatures are current at all times, while an intuitive setup wizard facilitates easy configuration of environment-specific rules, providing the user with flexible control.
Another open-source app is the Phish Blocker which provides defense against increasingly sophisticated email phishing attacks and website spoofs. The app’s SMTP protocol protection provides detailed reports and event logs of each attack and ensures signatures are always current with automatic updates.
An additional security layer, Threat Prevention allows or prevents content access to an IP address after a complete scan based on the Webroot BrightCloud IP Reputation Index. This powerful tool can analyze even encrypted data and block it when necessary.
The Virus Blocker tool stands as the first line of defense against malware threats with a 99.8% detection rate. This includes protection against HTTP, FTP, and SMTP, as well as decompressing archives and compressed files such as RAR, Zip, Gzip, Tar, Bzip2, MS CHM, MS OLE2, MS SZDD, and MS Cabinet Files. The local scan takes place simultaneously with the cloud scan, leveraging Untangle’s cloud platform ScoutIQ.
These are all complemented by an Ad Blocker, Spam Blocker, SSL Inspector, Web Filter, Web Monitor, and Application Control.
To create persistent, secure connections for a remote workforce, guests, and branch offices, Untangle uses a collection of VPN technologies, including WireGuard, Tunnel VPN, OpenVPN, and IPsec.
Management features
NG Firewall Complete provides IT administrators with several highly practical tools to manage their organizations’ networks, security, users, as well as the product itself.
The Captive Portal includes the means to block Internet access to users until they complete a specified procedure, such as acknowledging Acceptable Use Policies (AUP). It also facilitates user authentication against Untangle’s Local Directory, RADIUS, or Microsoft Active Directory.
There’s also the Policy Manager that facilitates defining, assigning, and managing network privileges based on specific parameters, such as IP address, group, username, time, protocol, and so on.
The Policy Manager is strengthened with the Directory Connector which connects to multiple Active Directory servers and provides users with straightforward authentication and network access. At the same time, admins get a full overview of all the users.
Finally, the Reports app offers a full view of the network traffic in reports that can be viewed online, emailed automatically, or broken down into .csv files.
Usability
Although Untangle specializes in small and medium businesses, its NG Firewall Complete can be used in a wide array of settings. These can range anywhere from very small family businesses (up to 12 persons) to major conglomerates and governments (unlimited persons).
NG Firewall Complete equips each of its customers with a long list of dedicated apps included in the package, as well as additional ones if they need them. This way, it provides intrusion protection, control, and monitoring across all of the apps, devices, and events on the network, regardless of its size.
It also ensures secure VPN connections for all of the organization’s remote workers, clients, guests, and other allowed entities.
Alternatively, some of the apps and features included in the package can be purchased as standalone versions or in smaller packages. This is handy for an organization that doesn’t require the provider’s entire service.
Pricing
NG Firewall Complete includes a subscription to the entire Untangle app library and starts at an equivalent of $20/month. This covers a three-year subscription ($720 for the entire term) and up to 12 licensed devices. The price increases with the number of required licenses and shorter subscription length. For instance, an annual subscription covering up to 100 devices would cost you $1,890 or $157.5/month.
NG Firewall Complete is available at a discount for nonprofits and the public sector.
Add-ons are available at an additional cost, including System Installation & Configuration Service and System Optimization Service. The Live Support is included free of charge.
You can run NG Firewall Complete on your own hardware, in the public cloud, or as a Virtual Appliance. However, it can also be deployed with an Untangle SD-WAN Router to expand security protocols to branch offices and get a complete overview of the network from the Command Center. The prices of NG Firewall appliances range from $299 (equivalent to a monthly payment of $14) to $3,499 - depending on the client’s specific requirements.
Untangle also offers a 14-day free trial on its NG Firewall Complete product and all its capabilities, after which it reverts to the basic features of the NG Firewall Free.
Final verdict
Untangle NG Firewall Complete is an affordable firewall and gateway security platform that packs everything any organization might require from a platform of its type. These include powerful URL filtering, intrusion and threat prevention, SSL inspection, application control, VPN tools, as well as phishing, virus, spam, and ad blockers - and then some.
Especially important, it provides enough ease of use and intuitiveness for an IT department and users in an organization of any size.
And all this is accompanied by free-of-charge live customer support, if you happen to get stuck with anything.
If all the features and capabilities included in the Complete package feel too much for your organization, then you can take your pick among any of the smaller packages and standalone options.
If you’re still not convinced of the platform’s capabilities or you’re unsure of what you need, then make sure to take the risk-free free trial. It will allow you to test all the features and make the final decision.
We've also highlighted the best URL filtering and best business VPN
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.