Web Filtering Through UntangleIntroduction:Untangle isNGFW/UTMsoftware, bringing together everything your network needs to stay healthy on one box: web content and spam filtering, virus scanning, VPN connectivity, multi-WAN failover capability and much more. We strive to make deployment and administration easy, with a friendly web-based GUI to help you monitor and filter traffic on your network. Untangle provides a suite of applications free of charge with the option of subscribing to additional applications as best suits your organization.Installing Untangle:Untangle installs to the hard drive of a PC,erasing all data on that drive in the process. Please be aware of this before starting the installation. Also note that Untanglerequiresat least twoNICsto be installedbeforeyou start the installation.

Setup Wizard:TheSetup Wizardwill open automatically when Untangle first boots. If you do not have a keyboard/mouse/video connected to the Untangle server, the Setup Wizard can be reached by plugging into a DHCP-configured laptop into the internal interface opening a browser to http://192.168.2.1/.

Setup Wizard - WelcomeThe first screen simply shows the welcome screen of Untangle

Setup Wizard - Step 1 LanguageThe first step has you select the language

Setup Wizard - Step 2 - Configure the ServerThe first step has you set a password for the administrator account for Untangle and select a timezone.

Setup Wizard - Step 3 - Configure the ServerThe third step shows you the network cards.

Setup Wizard - Step 4 - Configure The Internet ConnectionThe fourth step configures your External (WAN) interface.

Setup Wizard - Step 5 - Internal Network InterfaceThe fifth step will configure your "Internal" interface (and DHCP server and NAT configuration.) There are two choices.You can configure the internal interface with private static IP address (ie 192.168.2.1) and enable DHCP serving and NAT (Network Address Translation) so all internal machines will have private addresses and share one public IP. This is commonly referred to asRoutermode.You can also configure the internal interface to be bridged to the external. In this mode the internal interface does not have its own address and is simply shares the External's address. This is commonly referred to asTransparent Bridgemode.

Setup Wizard - Step 6 - Configure Automatic Upgrade SettingsIn the sixth stepAutomatic Upgradesare not configured. You can manually update after completion of installation.

Setup Wizard - FinishedThat's it!

Untangle TerminalIP check

About Web FilterWeb Filter monitors HTTP traffic on your network to monitor user behavior and block inappropriate content. Web Filter also appeals to customers who require an added level of protection or are subject to regulations, for example Web Filter helps libraries comply with the Children's Internet Protection Act. Need to block Pornography or Hate Speech on your network? Web Filter is your answer.Some users may be familiar withWeb Filter Lite. Web Filter improves upon Web Filter Litein the following areas: Real-time classification and updates: When your users visit a site, Untangle sends the URL to thecloudto be categorized. When the data is returned, Untangle keeps a temporary local cache of the site and category to speed up the process the next time the URL is requested. This data is then used to block or allow users access to the site they have requested, all without any appreciable increase in load time. If a site is not categorized upon request, it is autocategorized by our partners atzVeloand put into a queue to be verified by a human. Because this is done dynamically, new sites and updated URLs are allowed or blocked according to your settings without additional intervention, plus you have the option of requestingrecategorizationof sites. HTTPS Filtering: Web Filter has multiple techniques to deal with HTTPS, SSL-encrypted HTTP. HTTPS traffic is encrypted so only some information is visible and this information is used to categorize the session. More information on how this is down below. Detailed categorization: Web Filter offers over 140 categories and over 450 million categorized sites. The Web Filter database is over 100 times larger and more accurate. With over 10 times the number of categories it also has better granularity. The abundance of categories means that you can narrow your scope - maybe you want to block websites related to Sex, but allow sites dealing with Sexual Education or Pregnancy. With Web Filter Lite you would have to block 'Pornography' category and allow any specifics sites through, while with Web Filter you could set the separate categories appropriately and not worry about manually unblocking anything. Additional features: Youtube for Schools support, the ability to force SafeSearch on search engines that support it, and more!

SettingsThis section reviews the different settings and configuration options available for Web Filter.Block CategoriesBlock Categories allows you to customize which categories of sites will be blocked or flagged. Categories that are blocked will display a block page to the user; categories that are flagged will allow the user to access the site, but will be silently flagged as a violation for event logs andReports. These block/flag actions operate the same way for all of the different Web Filter options.

Site LookupSite Lookup allows you to find the categorization of a URL. Clicking it brings up a dialog. InSite URLspecify the URL to find and clickSearchto find the URL's categorization.If you feel the current categorization is incorrect, checkSuggest a different category, select a new category from the list, and clickSuggestto submit the category change for consideration.NOTE: This is only a suggestion and may not be accepted. If accepted it may take a few days to become active.Block SitesUnder Blocked Sites you can add individual domain names you want to be blocked or flagged - just enter the domain name (e.g. youtube.com) and specify your chosen action. This list usesURL Matchersyntax.

Block File TypesThe Block File Types section allows you to block files by file extension - just select (or add) your chosen file extension, check your preferred action, and save. This list usesGlob Matchersyntax.

Block MIME TypesThe Block MIME Types section allows you to block files by MIME types - just select (or add) your chosen file extension, check your preferred action, and save. This list usesGlob Matchersyntax.

Pass SitesPass Sites is used to pass content that would have otherwise been blocked. This can be useful for "unblocking" sites that you don't want blocked according to block settings. Any domains you add to the Passed Sites list will be allowed, even if blocked by category or by individual URL - just add the domain and save. Unchecking the pass option will allow the site to be blocked as if the entry was not present. This list usesURL Matchersyntax.

About Policy ManagerPolicy Manager is one of Untangle's most powerful features. It works by allowing you to create virtualRacks, much like a traditionalserver rack. Like server racks, Untangle's virtual racks can contain multiple devices (applications) that perform different functions on network traffic, such as filtering web content or filtering spam. Policy Manager allows you to create policy rules that send traffic to different racks, which can contain multiple, independently configured applications. These features enable you to: Set up multiple racks for different user groups, such as Teachers, Administrative Staff and Students. Choose what applications are running in each rack (students may not need spam filtering, for example). Configure applications in separate racks independently (e.g. Student web traffic being more restricted than Teacher web traffic). Configure multiple applications in separate racks simultaneously using theParent Racksystem.This allows you to "copy" the configuration ofsomeapplications from another rack, but not others - this makes doing things such as having differentWeb Filtersettings across racks, but keeping the configuration of all other applications identical across racks. There is not usually a need to modify settings for applications likeVirus BlockerorSpam Blockerbetween different user groups, however if it is necessary it only takes a few clicks.