Eliminate annoying advertisements and decrease page load times with Ad Blocker. Ad Blocker lets you easily block ads at the gateway without installing browser plugins. Prevent malware and scam links through banner ads while reducing traffic on the network.
Application Control performs deep packet (DPI) and deep flow (DFI) inspection of network traffic, enabling it to accurately identify thousands of common applications such as social networking, P2P, instant messaging, video streaming, file sharing, enterprise applications and much more. Simply check “block” for anything you want to stop, and Application Control will take care of the rest. If you need a higher degree of control, you can use the Integrated Rules Engine to create custom rules to target more complex traffic patterns.
Just as Application Control manages access based on the application type, Web Filter manages access based on the type of content on the site. If you combine Web Filter and Policy Manager, you can enable more flexible access based upon user groups (e.g. teachers versus students) and during different times (lunch time or weekends). For example, you might allow teachers to access social networks any time, but students can only access them during lunch break or after school. Setting up and managing filter rules is quick, easy and effective with Web Filter.
SSL Inspector creates a specialized certificate on each client. This certificate communicates directly with the gateway which is then able to decrypt HTTPS and SMTP traffic, process, and re-encrypt it on the fly all from within the firewall without ever exposing the decrypted traffic to the network. This enables HTTPS traffic to be inspected in the same way as regular HTTP traffic, meaning that all firewall apps and their rules can be applied.
Drawing the line that separates internal and external networks, Firewall filters traffic based on IP address, protocol and port, which enables administrators to designate which systems and services (HTTP, FTP, etc.) are publicly available.
Intrusion Prevention blocks hacking attempts before they reach internal servers and desktops. The pre-configured signature-based IPS makes it easier for administrators to provide 24/7 network protection from hackers. It minimizes annoying false positives and ensures that signatures are always current with automatic updates.
Identity thieves are becoming increasingly sophisticated with email and website spoofs that are nearly impossible to discern from the real thing. Phish Blocker protects users from email phishing attacks and fraudulent pharming websites.
Threat Prevention app adds an additional layer of insight and security for users. Threat Prevention scans IP addresses, blocking or granting access to web and application-based content after a complete analysis of the IP address reputation.
Don’t wait until viruses infect your devices—block them at the gateway. Modern malware threats target servers, appliances, laptops, tablets, and even mobile phones. While it is important that all of these devices have end-point protection—with the latest versions of software and virus signatures—you may struggle with control over these devices as they connect off-site to unsecured networks, then return to your network with malware onboard. You need a first line of defence.
Recreational apps and websites (video, streaming media, gaming, file sharing) can suck up available bandwidth, bringing your network performance to a crawl. Bandwidth Control puts you in charge of your bandwidth allocation. It starts with tracking and monitoring bandwidth usage, enabling you to pinpoint the problem applications, websites or users. Combine Bandwidth Control with Policy Manager to define different actions based on policies (user, group, time of day, etc.).
As your bandwidth demands grow beyond a single commodity connection, pushing you to explore dedicated circuits, WAN Balancer will quickly pay for itself by enabling you to grow incrementally with additional commodity Internet connections, creating a “single virtual” Internet connection that delivers the throughput you need at a far better cost.
No ISP is foolproof, they all have planned and unplanned downtime. That’s why we recommend using multiple ISPs and WAN Failover. WAN Failover tests your Internet connections, and when one slows or fails, it can reroute network traffic over the remaining connections, maximizing your uptime. WAN Failover also logs all downtime for each connection, arming you with the evidence you need to hold your ISPs accountable.
Internet users download the same web elements (images, page headers, embedded content, text, etc.) over and over again; Web Cache speeds browsing performance by caching these static elements and serving them locally. Web browsers all use local web caches to accelerate browsing performance. Web Cache applies this same principle across your network, enabling cached elements to be shared by all Internet users on your network. Reduced bandwidth is nice, but faster page loading—resulting in happier users—is the real reason you should use Web Cache.
Leverage the power of your directory service to provide you with more granular policy creation, management and reporting. If you use Microsoft Active Directory, RADIUS or the in-built Local Directory, Directory Connector dramatically simplifies and enhances the value of Policy Manager. Policy Manager inherits user and group information, enabling simplified management and greatly enriched logging and reporting.
You might choose to allow your employees to access games or shop online only during lunch time, after hours or on the weekends. Or you can allow students to check their social networks during their lunch break. Policy Manager enables you to easily fine-tune time and calendar-based policies.
The dashboard is a new way to look at the data available in the Reports app, as well as acting as a single pane of glass providing security alerts and insight into system performance. The Reports app provides administrators with detailed views of the traffic on their networks. These reports can be automatically emailed, viewed online, or broken down into CSVs for archiving locally
Captive Portal allows administrators to block Internet access for users until they complete a defined process. With Captive Portal you can require users to view or accept an Acceptable Use Policy before accessing the Internet (e.g. public WiFi). You can also configure Captive Portal to be displayed only at certain times.
In a mobile or remote environment, IPsec VPN protects both your users and your network by applying the same protections they would get if they were hardwired into the network.
OpenVPN enables administrators to provide secure remote access to the internal network to remote users and sites. You can generate custom certs for each client, and easily distribute pre-configured client software via email.
Tunnel VPN is the easiest way to create a persistent, secure connection between your Firewall and a remote network. You can easily set up and manage a variety of network scenarios for a range of uses.
Working remotely is common practice and considered essential for most organizations to support, but it can create serious risks and headaches for network administrators and users. If users access the Internet directly through an unknown or open network like public Wi-FI, they may be exposing your network, systems, and databases to Wi-Fi hackers, viruses, and more. WireGuardⓇ VPN solves that by routing them through Untangle, where all of the same in-office network policies and protections are provided via a fast yet secure encrypted tunnel directly between your network and the user.