When it comes to firewalls and UTM appliances, I have tried many of them over the years. However, a goto product that I have relied on for many different types and sizes of environments is Untangle. The product is super easy to download, install, and configure. Also, with each new release, they keep adding many great new features into the platform that provide many new capabilities. Recently, Untangle announced the GA release of the NG Firewall 16 release that now includes another great option for VPN. Let’s take a look at Untangle 16 new features including WireGuard VPN and see what this brings to the table.
Despite the ease and simplicity of the Untangle solution, don’t let this fool you. It provides enterprise-class firewall and UTM features that are often only found in many of the very high-end firewall appliances from other vendors at a premium price. Aside from the capabilities, Untangle has crafted and continually perfected the virtual appliance offering that allows you to easily download, provision, and start using Untangle in your environment within minutes of the download.
They provide a native OVA appliance download for VMware environments that allows easily getting up and running in vSphere. This is primarily the option I have used in different environments. However, you can choose to install the solution in a “bare-metal” VM if you prefer, or on an actual whitebox, baremetal device.
Untangle also offers native hardware appliances that are built specifically for the distro. These are called zSeries Hardware Appliances. The great thing about these is if you are looking for a physical device to run your Untangle installation, these are already built out and sized according to the number of users it will protect. This takes some of the guesswork out of the equation when compared to building hardware yourself.
Untangle provides a “virtual rack” concept to the interface that allows you to add and remove modules much like you would add a piece of rack gear that would process your network traffic. Each of these modules provide a certain functionality to the Untangle processing chain. Examples of modules include: firewall, web filter, intrusion prevention, virus scan, and VPN. Each of these that you activate will enable the virtual rack module in the interface that you can configure and enable for processing traffic.
All of these features I think really make the product super easy and intuitive for network admins and even those that have very little experience with networking or firewalls in general. So, it helps to cover the bases across a wide range of environments and personnel that will be supporting them.
Untangle 16 New Features Including WireGuard VPN
The new Untangle 16 release is certainly focused around bolstering the Untangle VPN solutions. There has been a lot of work done around the core VPN features contained in the product, including the introduction of WireGuard VPN as a new VPN offering in the product for both remote users and sites using the WireGuard VPN protocol.
Why are VPN features especially relevant right now? With the state of the increased remote workforce due to the global pandemic, organizations are heavily relying on VPN technologies among others to maintain business-continuity and connectivity between remote workers and the corporate office.
Why WireGuard for VPN? WireGuard provides a state-of-the-art cryptography suite for securing user networks. It is extremely fast and performant. On top of the performance of the protocol, it is designed for simplicity and ease-of-implementation. To setup a simple site-to-site configuration, you simply copy and paste keys between servers.
In addition to the performance of the solution, WireGuard provides superior connectivity when compared with other VPN solutions. it allows maintaining a secure connection, even when the device changes network connections. An example of this would be a mobile device that is currently connected to WiFi and then connects to LTE.
What other improved VPN features are found in Untangle 16? There have been IPsec VPN and OpenVPN improvements with this release. Untangle NGFW 16 improves the user experience and employee productivity by increasing the speed of VPN connections while reducing VPN connection disruptions.
Additional Untangle 16 New Features
There are also other great new features found in this release, including:
- UEFI Support – With UEFI Support, administrators have greater selection of newer hardware appliances on which to deploy the Untangle NGFW appliance
- Threat Prevention App – Improvements to the Threat Prevention app provide new settings to customize the app behavior and to monitor the app activity
- General Updates – Untangle 16 brings about improvements to system performance, disk maangement, and SSL certificate handling
Untangle 16 WireGuard VPN Settings
Below, I wanted to showcase a few of the new details of the WireGuard VPN module that has been added in Untangle 16. Below, you can see the Settings for the new WireGuard VPN tunne.. You can specify the port, DNS server, local networks you want to present, as well as Peer IP Address Pool to name a few.
Adding a remote WireGuard tunnel to your local Untangle 16 appliance is straightforward. You simply need to know the Remote Public Key as well as the remote Peer IP address for adding the remote WireGuard VPN appliance.
As mentioned by Untangle, this makes the configuration of a remote site a simple copy and paste process. Once you have pasted in the remote public key and other details, you can add the tunnel.
Untangle 16 New Features Including WireGuard VPN allows having even more options for configuring VPN connectivity for remote workers. The Untangle NGFW solution keeps getting more and more powerful. It is well-suited to any number of environments and provides very powerful features for securing your environment, including remote connectivity features.
To learn more about Untangle and download a fully-featured trial version of the product, visit Untangle here.