Web Filtering Through Untangle

Introduction:
Untangle is NGFW/UTM software, bringing together everything your network needs
to stay healthy on one box: web content and spam filtering, virus scanning, VPN
connectivity, multi-WAN failover capability and much more. We strive to make
deployment and administration easy, with a friendly web-based GUI to help you
monitor and filter traffic on your network. Untangle provides a suite of applications
free of charge with the option of subscribing to additional applications as best suits
your organization.
Installing Untangle:
Untangle installs to the hard drive of a PC, erasing all data on that drive in the
process. Please be aware of this before starting the installation. Also note that
Untangle requires at least two NICs to be installed before you start the installation.
Setup Wizard:
The Setup Wizard will open automatically when Untangle first boots. If you do not
have a keyboard/mouse/video connected to the Untangle server, the Setup Wizard
can be reached by plugging into a DHCP-configured laptop into the internal interface
opening a browser to http://192.168.2.1/.
Setup Wizard - Welcome
The first screen simply shows the welcome screen of Untangle

Setup Wizard - Step 1 Language

The first step has you select the language

Setup Wizard - Step 2 - Configure the Server

The first step has you set a password for the administrator account for Untangle and
select a timezone.

Setup Wizard - Step 3 - Configure the Server

The third step shows you the network cards.

Setup Wizard - Step 4 - Configure The Internet Connection

The fourth step configures your External (WAN) interface.

Setup Wizard - Step 5 - Internal Network Interface

The fifth step will configure your "Internal" interface (and DHCP server and NAT
configuration.) There are two choices.
You can configure the internal interface with private static IP address (ie 192.168.2.1)
and enable DHCP serving and NAT (Network Address Translation) so all internal
machines will have private addresses and share one public IP. This is commonly
referred to as Router mode.
You can also configure the internal interface to be bridged to the external. In this
mode the internal interface does not have its own address and is simply shares the
External's address. This is commonly referred to as Transparent Bridge mode.

Setup Wizard - Step 6 - Configure Automatic Upgrade Settings

In the sixth step Automatic Upgrades are not configured. You can manually update
after completion of installation.

Setup Wizard - Finished

That's it!

Untangle Terminal
IP check

About Web Filter

Web Filter monitors HTTP traffic on your network to monitor user behavior and
block inappropriate content. Web Filter also appeals to customers who require an
added level of protection or are subject to regulations, for example Web Filter helps
libraries comply with the Children's Internet Protection Act. Need to block
Pornography or Hate Speech on your network? Web Filter is your answer.
Some users may be familiar with Web Filter Lite. Web Filter improves upon Web
Filter Lite in the following areas:
Real-time classification and updates: When your users visit a site, Untangle
sends the URL to the cloud to be categorized. When the data is returned, Untangle
keeps a temporary local cache of the site and category to speed up the process the
next time the URL is requested. This data is then used to block or allow users
access to the site they have requested, all without any appreciable increase in load
time. If a site is not categorized upon request, it is autocategorized by our partners
at zVelo and put into a queue to be verified by a human. Because this is done
dynamically, new sites and updated URLs are allowed or blocked according to your
settings without additional intervention, plus you have the option of
requesting recategorization of sites.

HTTPS Filtering: Web Filter has multiple techniques to deal with HTTPS, SSLencrypted HTTP. HTTPS traffic is encrypted so only some information is visible
and this information is used to categorize the session. More information on how
this is down below.
Detailed categorization: Web Filter offers over 140 categories and over 450
million categorized sites. The Web Filter database is over 100 times larger and
more accurate. With over 10 times the number of categories it also has better
granularity. The abundance of categories means that you can narrow your scope maybe you want to block websites related to Sex, but allow sites dealing with
Sexual Education or Pregnancy. With Web Filter Lite you would have to block
'Pornography' category and allow any specifics sites through, while with Web Filter
you could set the separate categories appropriately and not worry about manually
unblocking anything.
Additional features: Youtube for Schools support, the ability to force SafeSearch
on search engines that support it, and more!

Settings

This section reviews the different settings and configuration options available for Web
Filter.
Block Categories
Block Categories allows you to customize which categories of sites will be blocked or
flagged. Categories that are blocked will display a block page to the user; categories
that are flagged will allow the user to access the site, but will be silently flagged as a
violation for event logs andReports. These block/flag actions operate the same way
for all of the different Web Filter options.

Site Lookup
Site Lookup allows you to find the categorization of a URL. Clicking it brings up a
dialog. In Site URL specify the URL to find and click Search to find the URL's
categorization.
If you feel the current categorization is incorrect, check Suggest a different
category, select a new category from the list, and click Suggest to submit the
category change for consideration.
NOTE: This is only a suggestion and may not be accepted. If accepted it may
take a few days to become active.
Block Sites
Under Blocked Sites you can add individual domain names you want to be blocked or
flagged - just enter the domain name (e.g. youtube.com) and specify your chosen
action. This list uses URL Matcher syntax.

Block File Types

The Block File Types section allows you to block files by file extension - just select (or
add) your chosen file extension, check your preferred action, and save. This list
uses Glob Matcher syntax.

Block MIME Types

The Block MIME Types section allows you to block files by MIME types - just select
(or add) your chosen file extension, check your preferred action, and save. This list
uses Glob Matcher syntax.

Pass Sites
Pass Sites is used to pass content that would have otherwise been blocked. This can
be useful for "unblocking" sites that you don't want blocked according to block
settings. Any domains you add to the Passed Sites list will be allowed, even if blocked

by category or by individual URL - just add the domain and save. Unchecking the pass
option will allow the site to be blocked as if the entry was not present. This list
uses URL Matcher syntax.

About Policy Manager

Policy Manager is one of Untangle's most powerful features. It works by allowing you
to create virtual Racks, much like a traditional server rack. Like server racks,
Untangle's virtual racks can contain multiple devices (applications) that perform
different functions on network traffic, such as filtering web content or filtering spam.
Policy Manager allows you to create policy rules that send traffic to different racks,
which can contain multiple, independently configured applications. These features
enable you to:
Set up multiple racks for different user groups, such as Teachers, Administrative
Staff and Students.
Choose what applications are running in each rack (students may not need spam
filtering, for example).
Configure applications in separate racks independently (e.g. Student web traffic
being more restricted than Teacher web traffic).
Configure multiple applications in separate racks simultaneously using the Parent
Rack system.
This allows you to "copy" the configuration of some applications from another
rack, but not others - this makes doing things such as having different Web

Filter settings across racks, but keeping the configuration of all other
applications identical across racks. There is not usually a need to modify
settings for applications like Virus Blocker or Spam Blocker between different
user groups, however if it is necessary it only takes a few clicks.