Getting to know the Untangle NG Firewall Web Filter

Untangle firewall features a web filter to help you keep the worst of the internet off your network. Untangles web filter started from humble beginnings, but has matured greatly over the years and is one of the most effective on the market today. Thanks to the magic of Zvelo, Untangle can block over 450 million web sites in 140 categories, and it can do it in almost 200 different languages.

Like most of Untangle NG Firewall applications, the Web Filter can be found in the revolutionary rack style user interface.
untangle firewall user interface

Digging into the settings of the Untangle NG Firewall web filter, you can see the first tab is the block categories.
untangle web filter settings

Block categories work on three different actions, which are block, flag, or both block and flag.
Untangle NG Firewall web filter block setting

Blocking a category will prevent any website included in the selected category from loading, and will instead present the user with a block page.

 Untangle firewall web filter block alert

Flagging a category will not block any websites included in that category, but will instead log the visit in the Untangle firewall reports for that day and week. The flag action lets you see if users are visiting websites without directly affecting their session.
Untangle firewall web filter flag setting

Block and log is the most common Untangle Firewall web filter setting used by administrators. The block and log action both blocks the page and puts an entry into the Untangle NG Firewall reports for that day and week.
Untangle web filter block and flag setting

The next tab in the Untangle web filter settings is the block sites tab. This tab allows you to block a specific site without having to block the entire category. Simply enter a new rule to block a site, say for giggles.com.
Untangle web filter block sites setting

And ta-da, no giggling at work.

 

The next tab in the Untangle firewall web filter settings page is the block file type tab. This tab works like the block categories tab, except you are blocking file types instead of web sites. This feature is extremely helpful for stopping employees from downloading high risk file types such as .bin and .scr files.
Untangle NG Firewall web filter block file type settings

Same action rules apply here. You can block, log, and block and log different file types.

For the purpose of time, I am going to skip over block mime types. This tab works the same as the block file types tab, and gives you more fine grain control over what mime types you want to allow on your network.

The next tabs in the Untangle NG Firewall web filter settings page are the pass sites and pass clients tab. The pass sites tab allows you to whitelist or pass a site that would otherwise be blocked in a banned category. Simply enter the whitelisted URL in a new rule, and that site will be allowed while the other sites in the category will continue to be blocked.
Untangle firewall web filter pass sites settings

The pass clients tab of the Untangle NG Firewall web filter settings page allows you to bypass a client computer, server, or mobile device from being subject to the web filter rules. This tab is helpful for allowing servers to download files and content from otherwise banned sites.
Untangle web filter pass clients settings

The last settings tab we’ll review today is the Untangle web filter advanced tab. The advanced tab of the web filter is full of all kinds of advanced goodness! Untangle filters by several different methods, including DNS match, IP, and URI. You can control the behavior of the web filter by checking and unchecking the boxes. You can also enforce safe search on google and other popular search engine sites.
Untangle NG Firewall web filter advanced settings

There are allot of settings here, so you should review each one In detail. For the sake of time, I am going to end this blog post here. We’ll will follow up with another blog post specifically on the advanced features of the Untangle Firewall web filter.

I hope you have enjoyed this content, and thank you for reading.