Web Filter FAQs
From UntangleWiki
Top Questions
Is Untangle for Home or Business Use?
Untangle is great for businesses and small home office networks. However, Untangle does require its own dedicated server. Untangle takes over the computer that it is installed on so it is not a good fit for home where an extra computer is not available. Click here for hardware requirements.
How does Untangle Web Filter work?
Untangle Web Filter transparently scans HTTP traffic in order to block or log specific activity. Websites can be blocked or logged based on content category (porn, gambling, social networking, etc.), specific url (MySpace, YouTube, ESPN, etc.), MIME Type or File Extension (.exe, .mp3, .avi, etc..)
What is the Untangle Platform?
Untangle is a platform for deploying network based applications. The platform unites these applications around a common GUI, database and reporting. Applications on the Untangle platform inspect network traffic simultaneously, which greatly reduces the resource requirements of each individual application. The Untangle platform currently supports the following open source applications:
- Web Filter
- Spam Blocker
- Spyware Blocker
- Virus Blocker
- Attack Blocker
- Phish Blocker
- Protocol Control
- OpenVPN
- Intrusion Prevention
- Firewall
- Router
- Untangle Reports
These applications are available in the Professional Package add on:
- Remote Access Portal
- Configuration Backup
Who is Untangle?
Untangle is changing the way small businesses get the information technology they need. Untangle’s solutions today – which focus on network security, safe messaging, and control of web usage – enable businesses with fewer than 300 employees to “untangle” their IT infrastructure. Future Untangle solutions will continue to innovate on network security and control, and will also expand into adjacent areas that increase business productivity. Untangle is based in San Mateo, California, and are backed by venture capital firms CMEA Ventures and Rustic Canyon Partners.
Product Questions
Can I unblock websites that are appropriate for my business but are listed in inappropriate content categories?
Yes, any website can be placed on a “Pass List” by URL to override blocklisting when it is also in a content category “Block List.” This is particularly useful in industries like healthcare where legitimate medical or drug-related research could require access to sites that have been miscategorized in category block lists (usually pornography or drug content).
Why do category or URL-based blocks/unblocks not go into effect immediately?
Whenever the status of a block changes, there are associated delays before the change is visible. Details about the delays are as follows:
Blocks based on Category
Catgeory blocking is driven by a database that is part of the Untangle system. The database is downloaded and initialized when the system is created, and is updated whenever the Untangle administrator requests that a catgeory change status from blocked to unblocked (or vice versa). Additionally, this occurs every six hours. This assures that your category database is up to date at all times. This change causes the database contents to be deleted and reloaded from scratch, resulting in a delay of approximately five minutes before requested changes take effect. In future releases, only database changes will be downloaded and installed, so changes will be instantaneous.
Blocks based on a specific URL
When a specific URL is added or removed from either the Block List or Pass List, there are also delays. These are related to the "lifespan" of a web page (as defined by the web server which transmits the page), and the cache settings of the user's browser. You have no control over the page lifespan, but your browser may allow to you shorten and/or eliminate the use of browser caching. If your browser cannot use the cache, it cannot load a copy of the requested page from its cache, so blocks would immediately occur. Also, testing a block on a web page that is currently loaded causes confusion (unless caching is turned off) because the page will still load.
My users complained that they cannot connect to somesite.com, and it keeps showing up in my Event Log as blocked. How can I stop somesite.com from being blocked?
You can add a rule to the Pass List for somesite.com, as described in Blocking Web content for Specific Websites.
Why am I not getting all of the content for a web site on my Pass List?
It's common for a web site to display links, banners and content from other web sites as part of their web pages. There are two easy methods to re-integrate the content while maintaining your access controls.
- METHOD #1 (preferred)
- Access the Web Content Control Event Log, and either Refresh the list or set it to Auto-Refresh.
- In your browser, access the web site that has missing content -or- the page on that web site that is missing content.
- Check the Web Content Control Event Log again, and refresh if necessary. Web sites whose content is missing will be shown at the top of the list.
- Access the Web Content Control Pass List, and add the URL(s) that appeared in the event log. Remember to click Save.
- Access the web site (or the specific page) again. The content should now be present.
- METHOD #2
- In your browser, access the web site that has missing content -or- the page on that web site that is missing content.
- Right-click in your browser and select View Source in Internet Explorer or View Page Source in Firefox. PLEASE NOTE that the source of the web page may be very lengthy and/or difficult to read. ALSO, embedded Java, Flash, Shockwave may pull content from elsewhere and those sites will not be available to be listed as part of the page source.
- Access the Web Content Control Pass List, and add URL(s) that appeared in page source. Remember to click Save.
- Access the web site (or the specific page) again. The content will hopefully be present.
Can I grant privileged access to some users while still blocking sites for everyone else?
Yes, individual policies can be created for adminstrators, executives or any other user that requires unique Internet access to complete their job.
We run a hotel, where employees are not permitted to browse to inappropriate content yet guests using a public Internet terminal are not restricted. How can we handle this situation?
Configure the web filter policies as you would for employees. Then, create a pass list to exempt guests. For more information, go to Unblocking Web content for Specific Users.
Can I create time based policies to let user access personal sites during lunch?
Yes, policies can be created to allow access to blocked sites such as webmail or social networking during break or off-peak network usage hours.
Can Untangle Web Filter help me block video and music file formats?
Yes, Untangle Web Filter can block numerous types of file format including audio and video files such as mp3, wmf, wav, avi, mpg and mov.
Can Untangle Web Filter help me protect my network from potentially malicious file types like executables?
Yes, Untangle Web Filter can block numerous file types including executables such as exe, ocx, bin, dll, cab, bin, and com.
Why block both MIME Type and File Extension?
In an ideal world, both pieces of information would always be present for every web request. However, some sites use incorrect content types or extensions. Also, the behavior of operating systems (Windows vs. Mac) is different when given only file extension or content type. To be safe, both lists should be used.
Does Untangle Web Filter block IM, peer-2-peer, or gaming protocols like World of Warcraft?
Untangle Web Filter does not block protocols that can “hop ports.” However, Protocol Control, another module that runs the Untangle platform, does block “port hopping” traffic and comes preconfigured with dozens of signatures that block popular IM clients, games like World Warcraft and peer-2-peer applications like BitTorrent.
What Kind of Reporting Does Untangle Offer?
Untangle Web Filter provides network and user based reporting. The reports show high level trends like peak network usage hours and also drill-down into user level incidents for activity monitoring.
Does Untangle Use Blocklists?
Yes, Untangle uses Urlblacklist.com. However, we have found that false positives make these blocklists insufficient on their own. Thus, we manually inspect all blocklists before updating Untangle content categories.
Can I get a list of all sites visited?
Untangle Reports does not contain a report of all sites visited because of browser-based size limitations. However, the data on all sites visited is in the database and can be retrieved by using the following command:
echo "select n_http_evt_req.time_stamp as date,c_client_addr as client,host,uri from n_http_evt_req join n_http_req_line on n_http_evt_req.request_id = n_http_req_line.request_id join pl_endp on n_http_req_line.pl_endp_id = pl_endp.event_id order by date desc" | psql -U postgres uvm
WARNING: schema is subject to change without notice
Technical Questions
What are Untangle’s hardware requirements?
Untangle’s Verified Configurations are:
| Resource | Up to 50 Users | Up to 100 Users | Up to 300 Users |
|---|---|---|---|
| Intel/AMD-compatible Processor | 800 MHz | 1.2 GHz | 1.6 GHz |
| Memory | 512 MB | 1 GB | 2 GB |
| Hard Drive | 20 GB | 30 GB | 40 GB |
| NIC's | 2 (3 for DMZ) | 2 (3 for DMZ) | 2 (3 for DMZ) |
Untangle's recommended configurations are:
| Resource | Up to 50 Users | Up to 100 Users | Up to 300 Users |
|---|---|---|---|
| Intel/AMD-compatible Processor | Pentium 4 equivalent or greater | Dual Core | Dual Core |
| Memory | 1 GB | 1 GB | 2 GB |
| Hard Drive | 80 GB | 80 GB | 80 GB |
| NIC's | 2 (3 for DMZ) | 2 (3 for DMZ) | 2 (3 for DMZ) |
- More hardware information can be found here.
Is Untangle for Desktops or Servers?
Untangle does NOT run on desktop computers. Untangle is a server and it requires dedicated hardware. Transitioning a desktop into an Untangle server is easy and inexpensive. However, upon installation, Untangle will erase the previous operating system and applications in order to take over the computer.
Where does Untangle sit on the network?
Untangle sits at the network gateway in between the local area network (LAN) and the Internet. Untangle can be configured to in two ways:
- Transparent bridge mode to work with an existing router or firewall
- Untangle can be configured to act as a router and firewall itself
Does Untangle use open source software?
Yes, Untangle uses several open source projects. Untangle seeks to offer the best technology in each of its modules, whether or not that requires writing proprietary code or working with existing open source projects to combine the best features from multiple projects, add missing features or simply optimizing them for the Untangle platform. The Untangle platform itself is a proprietary technology that was developed internally.
Is Untangle hardware or software?
Untangle is a software platform that can be installed on standard Intel-compatible hardware. Minimum hardware requirements can be found here. Untangle does offer a prepared server for organizations that prefer the convenience of an appliance.
Can I demo a Prepared Server?
Yes, a free prepared server demo is available by filling out this form.
How does Untangle define users for licensing purposes?
A user is defined as a PC on the network. If multiple people use the same PC, it still counts as one user.
Is the product ad supported?
No, Untangle does not display advertising under any circumstances.
Who owns my network data?
You own 100% of your network data.
Is my network data private?
Your network data is 100% private and only viewable by administrators with login credentials.
