Local Network Security
Manage internet access and increase efficiency within your business, set policies by user, group, device, time and more. See who's doing what when accessing your network. Restrict access to websites and specific devices, such as personal mobile phones.
Protect your system with a powerful solution consisting of: firewall, virus , spam and phish blocker.
4 Main features
02. Filter
Block porn, gambling, videos, social networks, shopping sites and other inappropriate content or applications.
Get a handle on every rogue application, encrypted web request, malware distribution point, drive-by malvertising attempt, and rash of spam. Cloudsis puts you in control of what your users can access, install and use.
03. Connect
Tackle the challenges of a remote workforce, branch offices and guest Wi-Fi
Block internet access for users until they complete a defined process. Create a persistent, secure connection between your Firewall and a remote network. Securely extend your network to remote users, or knit together branch offices into a single virtual network.
04. Analysis
Detailed views of the traffic on their networks.
Drill down into any aspect of the traffic on your network. See who’s doing what when on your network. Set policies by user, group, device, time and more. Get complete visibility and control over traffic. Create alert rules to stay on top of threats, policy breaches, system status and more.
01. Firewall & Security
Untangle NG Firewall is designed to balance performance and protection, policy and productivity. It’s an ideal fit for a range of organizations seeking a powerful, cost-effective network security solution that can handle any IT challenge: from small, remote offices to diverse school campuses and largely, distributed organizations.
Firewal Security
NG Firewall gives you more protection at the gateway in a single solution - saving you time and money. Tackle malware, hacking attempts, phishing schemes and other exploits before they ever reach your users.
Drawing the line that separates internal and external networks, Firewall filters traffic based on IP address, protocol and port, which enables administrators to designate which systems and services (HTTP, FTP, etc.) are publicly available.
Firewall can be run as a transparent bridge to complement pre-existing firewall and allows you to control inbound and/or outbound access to specifics IPs and ports.
Spam blocker
80% of all email are either spam, phishing or email fraud, causing each of your users to waste an average of 100 hours per year cleaning out their inbox. For even a single user, Spam Filter quickly pays for itself in reclaimed productivity, not to mention reduced frustration and actual financial losses. Arm yourself and fend off the criminals who are clogging your inboxes and wasting your time.
NG Firewall sits between the Internet and your mail server, filtering and quarantining fraudulent email—spam, phishing and email fraud—preventing it from reaching your users. Its smart analysis delivers a catch rate of 99.5% while minimizing false positives. Spammers constantly adjust their content and tactics to evade spam blockers. Spam Blocker is updated in real-time to keep you one step ahead of spammers. Quarantine is automatic and maintenance-free.
Intrusion Prevention
Intrusion Prevention blocks hacking attempts before they reach internal servers and desktops. Untangle’s pre-configured signature-based IPS makes it easier for administrators to provide 24/7 network protection from hackers.
It minimizes annoying false positives and ensures that signatures are always current with automatic updates. With an easy-to-use setup wizard allowing simple configuration of rules specific to each environment, Intrusion Prevention provides flexible control. Over 34,000 signature detections, including heuristic signatures for port scans, enable you to effectively monitor and block most suspicious requests.
Phish Blocker
Identity thieves are becoming increasingly sophisticated with email and website spoofs that are nearly impossible to discern from the real thing. Phish Blocker protects users from email phishing attacks and fraudulent pharming websites.
Protection for multiple protocols, including HTTP and SMTP, ensure that signatures are always current with automatic updates.
Virus Blocker
Don’t wait until viruses infect your devices—block them at the gateway. Modern malware threats target servers, appliances, laptops, tablets, even mobile phones. While it is important that all of these devices have end-point protection—with the latest versions of software and virus signatures—you may struggle with control over these devices as they connect offsite to unsecured networks, then return to your network with malware on board. You need a first line of defense.
Hackers are working tirelessly to develop malware that they let loose on the Internet. That’s why you need a team of anti-malware experts working around the clock to defend you against the latest threats. Virus Blocker leverages signatures from Bitdefender, the leader in speed and efficacy, whose threat lab experts work 24-hours a day, 365-days a year to identify emerging threats. Heuristic models provide an additional layer of protection against zero-day threats, and real-time updates with no system downtime ensure that your network is always protected. Identifies and blocks zero-day threats, viruses, worms, Trojan horses, botnets, unknown malware, and new infections.
02. Filter
Get a handle on every rogue application, encrypted web request, malware distribution point, drive-by malvertising attempt, and rash of spam. Cloudsis puts you in control of what your users can access, install and use.
Web filter
Allowing access to inappropriate content can reduce productivity, create distractions or even lead to legal action. Web Filter is a fast, easy, and effective way to ensure that your users are not abusing your network use policies.
Block porn, gambling, videos, social networks, shopping sites and other inappropriate content or applications from entering your network. If users turn off safe search, you can have Web Filter turn it right back on, automatically. Just as Application Control manages access based on the application type, Web Filter manages access based on the type of content on the site.
There are more than 1 billion websites on the Internet, so how can you realistically evaluate each one to filter out offensive or inappropriate content? No worries, we do that for you! We combine Web Filter and Policy Manager, to enable more flexible access based upon user groups (e.g. teachers versus students) and during different times (lunch time or weekends). For example, you might allow teachers to access social networks any time, but students can only access them during lunch break or after school. Setting up and managing filter rules is quick, easy and effective with Web Filter.
Application Control
Do you have a handle on your network traffic? If you’re only choosing to block or allow websites by URL, that may not be enough. Today, you need the ability to control traffic at the application level. Enter Application Control.
Application Control helps you wrangle productivity drains, bandwidth hogs and protocol-agile apps used for filter bypass. It works in concert with Web Filter, SSL Inspector, Bandwidth Control and Policy Manager to give you the tools you need to enforce your use policy and see where your bandwidth pounds are being spent. Make sure that your users can access mission-critical, cloud-based apps (like CRM, ERP) while keeping recreational or inappropriate apps off the network.
Application Control performs deep packet (DPI) and deep flow (DFI) inspection of network traffic, enabling it to accurately identify thousands of common applications such as social networking, P2P, instant messaging, video streaming, file sharing, enterprise applications and much more. Simply check “block” for anything you want to stop, and Application Control will take care of the rest. If you need a higher degree of control, you can use the Integrated Rules EngineTM to create custom rules to target more complex traffic patterns.
Web monitor
Web Monitor enables administrators to categorize web site requests, giving them complete visibility to web traffic, creating reports and event logs that help monitor web browsing behavior.
Web Monitor has 140 categories and 500 million sites categorized. As sites are visited, they are dynamically categorized using cloud-based lookups for real-time categorization. Additionally, Web Monitor categorizes HTTPS traffic using SNI and/or any certificate information.
Web Monitor has the best web categorization and analytics available and is perfect for organizations that just need to monitor, not control, web activity.
03. Connectivity & Performance
Untangle NG Firewall is designed to balance performance and protection, policy and productivity. It’s an ideal fit for a range of organizations seeking a powerful, cost-effective network security solution that can handle any IT challenge: from small, remote offices to diverse school campuses to large, distributed organizations.
Wifi Portal
Captive Portal allows administrators to block internet access for users until they complete a defined process. With Captive Portal you can require users to view or accept an Acceptable Use Policy before accessing the internet (e.g. public WiFi). You can also configure Captive Portal to be displayed only at certain times.
Enable custom integrations from acknowledging Acceptable Use Policies (AUP) to accepting payments for wi-fi hotspot access.
Tunnel VPN
Tunnel VPN is the easiest way to create a persistent, secure connection between your Firewall and a remote network. You can easily set up and manage a variety of network scenarios for a range of issues, such as:
-
SD-WAN applications where you wish to connect to a cloud security service
-
Managing many small locations by redirecting all traffic through a central location
-
Privacy or circumventing geographical limitations
Tunnel VPN is powered by a fully featured ruleset, enabling WAN optimizations around which traffic is sent through the tunnel and directed at any given interface, host, subnet, port or other criteria. Like other NG Firewall apps, Tunnel VPN uses Untangle’s leading-edge tagging feature to enable advanced, dynamic routing scenarios based on criteria like.
For example, if a user visits a certain website or uses a certain protocol, like BitTorrent, the host can be tagged and automatically switched to using Tunnel VPN. Once the application usage stops, the tag will expire and the host will automatically switch back to regular routing.
Tunnel VPN features a configuration wizard to enable connections to many privacy VPN providers like another ExpressVPN, NordVPN or even another Cloudsis Firewall. There are also generic options which support most commonly available OpenVPN-based providers.
IPsec VPN
If you want to securely extend your network to remote users, or knit together branch offices into a single virtual network, IPsec VPN is the tool you need. Working remotely—from home, a remote branch, or even a café—is increasingly popular, but it creates serious risks for network administrators and users. These days, users expect access to everything from their phone or laptop, wherever they are. If they access the Internet directly, they are exposed to Wi-Fi hackers, viruses, and more. IPsec VPN solves all of that by routing them through Untangle where all of the same policies and protections are provided via a secure encrypted tunnel directly between your network and the user.
In a mobile or remote environment, IPsec VPN protects both your users and your network by applying the same protections they would get if they were hardwired into the network.
If you have one or more branch offices, IPsec VPN creates an encrypted mesh between them, enabling them to function as a single virtual network. IPsec even interoperates with other firewalls (tested with Cisco, Sophos and SonicWALL devices). Securely extend your network resources to mobile, remote and branch office users today with IPsec VPN.
04. Analysis & Insights
See who’s doing what when on your network. Set policies by user, group, device, time and more. Get complete visibility into and control over traffic.
Reports
The Reports app provides administrators with detailed views of the traffic on their networks. These reports can be automatically emailed, viewed online, or broken down into CSVs for archiving locally or remotely to Google Drive (requires v12+ and Directory Connector). The Reports app runs within NG Firewall and does not require a separate appliance. The email reports are a simple overview of traffic with a breakdown in HTML format, while more granular viewing of the data can be done through a web browser.
Cloudsis Firewall’s reports are database-driven, allowing you to drill down into any aspect of the traffic on your network. The reports are fully dynamic, interactive, and customizable. Slice and dice based on hosts, users, policies, domain, or literally any column on any table. Additionally, the Reports app enables you to create alert rules. Alert rules are evaluated on all events logged in the database and will log and/or email the administrator when a given condition is met. This enables administrators to stay on top of threats, policy breaches, system status and more.
Reports has an new templating system that allows administrators to build a custom overview of all their favorite reports to be sent via a scheduled email. The template can include any report entry, including custom ones––text or graphical!
Policy Manager
Define and manage network privileges based on username, groups, time, day, protocol and much more. Policy Manager works with other apps to help you create rules that leverage the full power of NG Firewall’s features.
User-Based Rights: Personalize access based on IP address or group. Combine Policy Manager with Directory Connector, and give have access to social media to teachers, but not students. Combine Policy Manager with Web Filter and you can filter anything remotely offensive for visitors, while authenticated users have more liberal access.
Time-Based Rights: You might choose to allow your employees to access games or shop online only during lunch time, after hours or on the weekends. Or you can allow students to check their social networks during their lunch break. Policy Manager enables you to easily fine-tune time and calendar-based policies. Policy Manager makes Bandwidth Control better too. You might choose to remove bandwidth caps after-hours, when business-critical functions won’t be impacted.
Why do I need Network Security?
IoT, Internet of things
With the proliferation of IoT, internet of things devices, the attack surface for hackers has increased massively. Traditional antivirus software was designed on the assumption that there were just a few operating systems. Now, because of IoT, there are thousands. Network security tools are becoming increasingly necessary in a world where everything - from lamp-posts to lawn sensors - is becoming Internet-enabled.
How many unsecured devices are connected to your network?
These include security cameras, elevators and seemingly innocuous gadgets such as tills, printers or power supplies among others. Businesses typically underestimate by 30% to 40% how many devices are linked to their network. These unidentified devices could definitely have been access points for hackers who could have then found how to control critical assets on your network. Once they have accesS hackers could steal sensitive data, encrypt it, then demand a ransom for its safe return.
Even if you work in the cloud your local network may be at risk.
Cloud providers have normally thousands of security controls governing its services that are periodically updated to tackle new threats. Data is also protected through encryption and sharding.
Does this mean that your company is safe? The answer is no. Your local network is still at risk, and it is vital to protect it and analyse the behaviour of all the connected devices to detect possible anomalies.
GDPR implications
According to the new General Data Protection Regulation, as a Data Processor, you will have to safeguard data and ensure data resilience to a high standard. You must have a cyber resilience strategy in place to reduce the risk of data breaches. It should include enterprise-grade tools as robust firewalls, anti-malware/virus tools and monitoring against hacking and staff visiting suspicious phishing websites. If you fail to comply with the Regulation you could find yourself being fined up to €20 million or 4% of your company’s global annual turnover, whichever figure is larger, and your reputation could be seriously damaged.