Skip to main content

Untangle NG Firewall Review

John Irwin and Dirk Morris founded Untangle as Metavize, Inc. in 2003. In 2006, Metavize received $10.5 million in venture capital, appointed Bob Walters as CEO, and rebranded as Untangle Inc.

Untangle released the Untangle Gateway Platform as open-source in 2007, allowing them to profit from the many additional apps and upgrades created by the Untangle community.

Untangle has joined Arista Networks in delivering commercial edge threat management assets in 2022.

Arista Networks is a provider of cognitive client-to-cloud networking technologies that provide availability, agility, automation, analytics, and security. Arista's Commercial Market products are supplemented by Untangle's NG Firewall and Micro Edge technologies, as well as the Command Center.

Arista Networks, Inc.'s registered and unregistered trademarks include ARISTA, EOS, CloudVision, CUE, and AVA in jurisdictions worldwide.

Untangle, network software and appliance startups offer firewall and Internet management products that are tailored to the specific requirements of small businesses. Untangle's solutions are easy to implement and administer, with a multi-function firewall at its heart and a suite of supplementary Internet management tools.

Untangle Inc. is a company that creates network software and equipment. The company provides a multi-function firewall as well as Internet control software. Anti-spam, content filtering, antivirus, anti-phishing, anti-spyware, intrusion prevention, firewall, OpenVPN, router, and web cache software are all supported by Untangle.

Untangle's NG Firewall software may be deployed on third-party hardware, as a virtual machine, or as a turnkey appliance.

1. Untangle Security Features

The Untangle NG Firewall platform is meant to function similarly to an app store. Applications, like apps on a smartphone, are modules that add functionality to the NG Firewall platform. Though each app performs a separate function, such as filtering spam or preventing virus infections, all of the applications communicate with one another via NG Firewall's Integrated Rules EngineTM. This enables you to define detailed policies for each sort of traffic, threat, or optimization requirement, regardless of the complexity of your network or business processes. Even better, NG Firewall offers on-board reports that allow you to dig down not only by program, but by the user, group, time of day, and much more. Reports provide access to every dataset accessible in NG Firewall.

Some of the prominent Security features of Untangle's can be listed as:

  • Ad Blocking Software: Remove advertising and improve web page load speeds. Stop tracking cookies to protect user privacy.
  • Captive Portal: When providing guest Wi-Fi, you can manage logins and reduce legal risk. Display a checkbox for Acceptable Use Policies (AUP), an authentication screen, or even incorporate payments.
  • Firewall: Keep your network separate and secure from the Internet. Control is accomplished by the use of an IP address, a protocol, and a port.
  • Intrusion Prevention: Hackers attempt to uncover flaws that they may attack to gain access to, control, and steal from networked systems. To Stop these exploits before they begin IPS feature is available.
  • OpenVPN: Allow approved remote employees safe network access from outside the workplace. Site-to-site and client-to-site connections are supported.
  • Phish Blocker: Semphasized textpam and phishing are inextricably linked. Keep naive, click-happy consumers safe against identity theft and credit card capture schemes.
  • Reports: To monitor your network and its utilization, see who is doing what and when. Drill down into any app or across applications based on user, group, time, and other criteria.
  • VPN tunnel: Make a long-lasting, secure connection to a faraway network. Allows you to dynamically respond and route traffic depending on any taggable event or behavior.
  • Web Monitoring: For enterprises that only need to monitor, rather than regulate, web traffic. In real-time, it categorizes online requests. A web Filter is necessary to regulate web traffic (block, flag).

2. Untangle Usability

Although Untangle focuses on small and medium-sized organizations, its NG Firewall Complete may be utilized in a variety of scenarios. These can range from tiny family companies (up to 12 people) to large multinationals and governments (unlimited persons).

NG Firewall Complete provides its customers with a comprehensive number of specialized apps that are included in the bundle, as well as extra ones if required. It enables intrusion prevention, management, and monitoring across all apps, devices, and events on the network, regardless of size.

Alternatively, some of the featured programs and features may be purchased as standalone versions or in smaller bundles. This is useful for a company that does not require the provider's whole service.

3. Untangle Technical Support

Untangle's an on-staff system and network administrators provide live, US-based technical assistance. The Edge Threat Management tools and their application by our diversified client base are well-understood by the support team.

Edge Threat Management Professional Services are provided by Untangle's skilled U.S.-based technical services team to assist with NG Firewall and Micro Edge installation and setup requirements.

Live Support is available to assist you by phone or email. Monday through Friday, 5:00 a.m. to 5:00 p.m. Pacific Time. In addition, through user forums, the community, including engineers. Untangle also offer documentation in the form of a Knowledge Base.

4. Untangle Visualization Tools

You receive a thorough and visual analysis of real-time data with Untangle NG Firewall. The dashboard displays event logs and alerts you to any unusual network or user activity. You have total control over the network thanks to the visualization. Furthermore, you will not require a new device to check the status.

5. Untangle Policy-based Controls

There's also the Policy Manager, which allows you to define, assign, and manage network rights depending on factors like IP address, group, username, time, protocol, and so on.

The Directory Connector, which connects to numerous Active Directory servers and enables users with simple authentication and network access, strengthens the Policy Manager. At the same time, administrators have a complete picture of all users.

Finally, the Reports app provides a picture of network traffic in reports that may be read online, automatically emailed, or split down into .csv files.

One of Untangle's most popular features is Policy Manager. It works by allowing you to build several policies, which are separate groups of apps configured differently for various use scenarios. Typically, you will set all Untangle programs to service the whole network, but it is sometimes essential to manage traffic for certain users or network devices differently. For example, you may want different Web Filtering for students versus teachers, and you may want no Web Filtering at all for your servers. You might want to use Captive Portal exclusively on the wifi network or for unrecognized devices. You may want to use Application Control to prohibit specific programs, but only at particular times of the day.

In such circumstances, Policy Manager may simplify configuration by allowing numerous sets of programs to be configured independently. The policy Manager enables the establishment of new policies in addition to the "Default Policy." To handle the situations above, the administrator can write a "Student Policy," "Teacher Policy," "After Hours Policy," and "Wireless Network Policy," among other things. Each policy can execute a unique set of programs that are configured individually. Policy Manager Rules may be used to decide which policies manage certain network sessions.

  • Create separate policies for different users, hosts, networks, interfaces, times of day, days of the week, and so on.
  • Choose which applications run in each policy.
  • Using the Parent Policy system, you may configure many programs in distinct policies at the same time.

This enables you to "clone" the configuration of some programs from another policy but not others - for example, having differing Web Filter settings across policies but keeping the configuration of all other applications equal across policies. Changing settings for software like Virus Blocker or Spam Blocker across various user groups is seldom necessary, but if it is, it merely takes a few clicks.

6. Untangle Content Inspection

As a secure online gateway solution, Internet Content Control (ICC) was created primarily for web filtering, bandwidth control, and reporting. All of these features, plus URL categorization, HTTPS inspection for secure connections, application control, better bandwidth and QoS management, malware and intrusion protection, spam and phishing blockers, VPN and captive portal capabilities, and reporting, are available in NG Firewall.

Web Filters aid system administrators in the security of the web and content over the network. You may use Web Filters to design policies that prevent users from accessing social media, retail sites, gambling sites, or any other undesirable information. You can easily customize the rules to allow you to flag or warn of any improper information. Searches on prominent search engines such as Google, Bing, Yahoo, Ask, and Bing may be readily controlled and monitored. Safe search on YouTube may also be enabled in schools, libraries, and organizations.

Allowing unauthorized content access can impede productivity and get you in legal jeopardy. As a result, using Web Filter to provide a secure network where no one may misuse network restrictions is a preferable solution.

7. Untangle Pricing

NG Firewall Complete starts at $20/month and includes a subscription to the entire Untangle app library. This includes a three-year membership ($720 for the duration) and up to 12 licensed devices. The price rises with the number of necessary licenses and the length of the subscription. A yearly subscription(opens in a new tab) covering up to 100 devices, for example, would cost $1,890, or $157.5 each month.

NG Firewall Complete can be operated on your hardware, in the public cloud, or as a Virtual Appliance. However, it may also be used in conjunction with an Untangle SD-WAN Router (opens in a new tab) to extend security protocols to branch offices and obtain a comprehensive network overview from the Command Center. NG Firewall appliances range in price from $299 (corresponding to a monthly payment of $14) to $3,499, depending on the client's unique needs.

What are the Other Features of Untangle Firewall?

NG Firewall Complete covers all premium and free NG Firewall Applications, as well as integrated cloud services products like Command Center and ScoutIQ.

  • WireGuard VPN
  • Threat Prevention
  • Web Filter
  • SSL Inspector
  • Live Support
  • Policy Manager
  • Branding Manager
  • WAN Failover
  • WAN Balancer
  • IPsec VPN
  • Application Control
  • Web Cache
  • Bandwidth Control
  • Virus Blocker
  • Spam Blocker
  • Directory Connector
  • Web Monitor
  • Application Control Lite
  • Virus Blocker Lite
  • Phish Blocker
  • Intrusion Prevention
  • Firewall
  • OpenVPN
  • Reports
  • Spam Blocker Lite
  • Captive Portal
  • Ad Blocker
  • Tunnel VPN

Is There a Free Version of Untangle Firewall Software?

Untangle NG Firewall version 16.0 is free to download. Current Untangle customers will be able to upgrade at no cost. WireGuard VPN App is incorporated with NG Firewall Complete and cannot be purchased separately.

How to Use Untangle Firewall?

Untangle NG Firewall may be deployed in the following ways:

  • A cloud appliance is a virtual appliance that is offered through Amazon Web Services or Microsoft Azure.
  • A virtual appliance intended for VMware installations in private cloud architecture. Command Center is where you may get the virtual and software appliances. The virtual appliance may be downloaded as an OVA file. Installation instructions may be found at Untangle Virtual Appliance on VMware.
  • Hardware Appliance: An Untangle network appliance that comes preconfigured with the NG Firewall.
  • Software Appliance: A portable version of the NG Firewall that can be installed on most x86-based machines. The software appliance is provided as an ISO file that can be imaged to a USB device.

The software appliance approach installs to a device's main storage, wiping out all data on that drive in the process. Please keep this in mind before beginning the installation. Also, before you begin the installation, you must have at least two NICs installed.

Most users install Untangle on the server before connecting it to their network. To achieve this, connect one of your Untangle interfaces to your network as you would any other PC, then launch the installation. This guarantees that Untangle has internet connectivity throughout the installation.

Turn off the server, insert the ISO or USB installer, and restart it. Check that the boot settings are configured to boot from the inserted CD or USB media. Once the Untangle installation has begun, follow the on-screen instructions to finish the installation.

NG Firewall may now be deployed through BIOS or UEFI as of release 16.0. When booting from a CD or USB, the installer identifies whether it was booted through BIOS or UEFI and adjusts the installation procedure appropriately. Check the installer's menu title to see if it was booted through BIOS or UEFI. The installer menu title will be "Untangle installer boot menu" when booted through BIOS. When using UEFI to boot, the installer menu title will be "Untangle UEFI Installer".

During the installation, you may be asked to answer a few questions, such as whether you want to write to the storage device. If you run into problems when installing NG Firewall on your server, consult the Troubleshooting Server Installation section.

When you launch Untangle for the first time, the Setup Wizard will launch immediately. If you do not have a keyboard/mouse/video attached to the Untangle server, you can access the Setup Wizard by inserting a DHCP-configured laptop into the internal interface and navigating to

Once installed, the setup wizard may be accessed via the NG Firewall GUI at Config > System > Support > Setup Wizard.

The Setup Wizard for versions 16.3 and later begins with a welcome page. To get started, you can either create an Untangle account or connect with an existing one. Your Untangle account is free, but it is required to activate a trial or full license on the device. Your account is also linked to Command Center, allowing you to control your Untangle appliances remotely.

When you log in or create an Untangle Account, the Add Appliance wizard appears, which provides the UID of your appliance. The Add Appliance wizard walks you through the remaining stages of configuring your new NG Firewall appliance.

If your NG Firewall device is not connected to the Internet or requires special settings to connect, you can Configure the Internet Connection using the wizard. If you are unable to connect to the Internet, proceed with the local setup process by following these steps: Wizard for Offline Installation.

Installing the appropriate applications and maybe fine-tuning the setup of your Untangle NG Firewall are the following steps.

How to Configure Untangle Firewall?

The main configuration steps of Untangle are as follows:

  1. Account Registration: Untangle will ask you to sign in or create a new account on To install any applications, you must first register, which takes only a few seconds. Whether you sign in with an existing account, the system will look for any unused subscriptions in your account and ask you if you want to apply them to this system. Continue with the instructions below once you've completed the procedure. You may always access your account by going to or choosing My Account in the bottom left-hand corner of the UI.

  2. Install Applications: The User Guide describes how to install programs. Before configuring/tuning the program settings, it is advised that you finish reading this section and have everything working.

  3. Configure Other Subnets: Even when implemented as a Transparent Bridge, Untangle will route all traffic according to its routing table. This implies that Untangle must have a routing table for each subnet on your network. If you have subnets on your network that are not defined in the Setup Wizard, you must configure Untangle to know about them. For example, if you are operating Untangle as a bridge with an address of and a netmask of, but you also have a 192.168.20. network and a 10.0..* network, you must inform Untangle where to access these addresses. There are several ways to do this:

  • In Config > Network > Routes, add a route that tells Untangle how to contact those subnets. If 10.0.. is local on Internal, all you need to do is construct a route to "Local on Internal." If 10.0.. is located behind another router on your network, such as, you must construct a route to transmit all traffic to
  • Create an alias on the relevant interface. Click Edit on the relevant interface in Config > Network > Interface and provide an alias IP address. This informs Untangle that this IP range is local and may be accessed via that interface. It also gives Untangle a local address on those subnets in case any of those customers need to access Untangle through a local IP address.
  • Each subnet on your network must be set up so that Untangle may reach it. To ensure that Untangle can access the defined subnets, use the "Ping Test" option in Config > Network > Troubleshooting.
  1. Configure Other Interfaces: Both the Internal and External interfaces were specified in the setup wizard. If you have more than two interfaces, the third and subsequent interfaces are disabled by default. If you intend to utilize them, they must be set up, and a name that reflects their intended usage is recommended.

Typical applications include:

  • Additional WAN interfaces (if you have multiple internet connections) for failover/balancing: Simply set it up as a WAN interface using the ISP's given parameters. For additional information on failover/balancing, see WAN Failover and WAN Balancer.
  • Other internal networks: Simply set it up as a non-WAN interface with a static internal IP address. If you used on your internal interface, you could use on your third interface. This is helpful on bigger networks, guest networks, wireless networks, and so on.
  • Public segment for public servers (DMZ): If you have servers with public addresses, you may connect them to the extra interface(s) and bridge them to your WAN. Then assign them IP addresses in the same subnet as the WAN interface.
  • Additional NICs for existing networks: If you need more NICs for your internal network, for example, you may bridge the third interface to your internal network and connect extra internal computers to that NIC. This functions similarly to a switch, only that traffic passing through the untangle to reach other internal hosts is checked by the applications.
  • Email: Some Untangle apps and features, such as reports and spam quarantine digests, rely on email transmission. Config > Email is where you set up email sending. By default, an email will be transmitted via DNS MX records, much like a mail server. Some ISPs and networks, however, restrict port 25 to avoid spam, in which case you must install an SMTP relay (and the appropriate authorization credentials if required).
  • Hostname: Config > Network > Hostname allows you to set the hostname (and domain) for the Untangle server.
  • Port Forward Rules: If Untangle is installed as a router and you have internal servers that need to be publicly accessible, you must specify port forward rules to redirect that traffic to the proper server. Config > Network > Port Forward Rules is where you may set up port forwarding rules.
  • Bypass Rules: Untangle, unlike many next-generation firewalls, scans all TCP and UDP traffic on all ports at the application layer by default, except VoIP communication. This is good for most installations, but if you have a really big network (1000s of users), it makes sense to bypass traffic that you are not interested in scanning. Config > Network > Bypass Rules allow you to bypass traffic.
  • Public Address: If you utilize OpenVPN, quarantine, or other publicly available services on Untangle, you might want to modify Untangle's "public address" to communicate the proper URL to distant users. Config > Administration > Public Address is where you may set your public address.
  • External Administration: If you want to be able to administrate Untangle remotely via HTTPS, you must allow HTTPS access on WAN interfaces under the Filter Rules#Input Filter Rules section.

What Are Some Better Alternatives to Untangle Firewall?

Untangle appliances are plug-and-play, with options ranging from quiet, small-footprint desktop devices to data center-ready 2U rackmount servers.

Untangle Command Center is a cloud-based centralized management system that enables you to manage Next-Generation Firewall deployments from any web browser.

While the advantages of Untangle's next-generation firewalls are numerous, many individuals may be looking for alternatives to find a lower price or a more cost-effective option. Fortunately, there are a plethora of fantastic Untangle options that you may use. One of the well-known alternatives to Untangle is Zenarmor.

Zenarmor's lightweight and powerful, appliance-free technology enables enterprises to instantly launch firewalls and quickly secure settings as small as home networks or as large as multi-cloud deployments.

The packet inspection engine is robust enough to protect against encrypted threats while remaining lightweight and agile enough to work in resource-constrained contexts.

Zenarmor's deployment is simple across any network, at any time. On-premises or in the cloud? Whether virtual or bare-metal. Also, it provides a free edition for non-commercial use.

One of the appealing features of Zenarmor is deploying zero-latency security without the need to backhaul data packets between POPs and data centers.

Also, the single-pass architecture used by Zenarmor processes packets only once for all security measures.

Zenarmor's lightweight, appliance-free technology offers business security capabilities such as:

  • L2-L7 Packet Filtering
  • Advanced Network Analytics
  • Policy-based Filtering and QoS
  • Web Filtering and Security
  • Application Control
  • User/Device-based Filtering
  • DNS Security
  • Built-in Full TLS Inspection (*)

Individuals and businesses can use a flexible pricing strategy to choose the plan and subscription model that best suits their needs.

The full list of Untangle's alternatives is as follows;

  1. Zenarmor (Sensei)
  2. Cisco Secure Firewall
  3. Sophos Firewall
  4. Check Point Quantum
  5. Firebox
  6. Barracuda CloudGen Firewall
  7. SonicWall NSA Series
  8. Smoothwall
  9. pfSense Software