What is a Firewall?
A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted internal network and an untrusted external network, such as the Internet. (Wikipedia)
Firewalls are also categorized as network firewalls and host-based firewalls. Network firewalls run on network hardware and filter traffic between two or more networks. Host-based firewalls run on host computers and control network traffic in and out of those machines.
Here are the major types of firewalls.
- First generation: Packet-filtering firewalls
- Circuit-level gateways
- Stateful packet inspection
- Application-level gateway
Table of Contents
· Introduction of Untangle NG Firewall
· Creating a Virtual Machine with VMware Workstation
· Configuration of Untangle
· Configuration of Untangle APPS Part I: Web Filtering & SSL Inspector
Introduction of Untangle NG Firewall
Untangle is NGFW/UTM software that brings together everything your network needs to stay healthy on one box: web content and spam filtering, virus scanning, VPN connectivity, multi-WAN failover capability and much more. It has a friendly web-based interface to help you track and filter traffic in your network, and it is designed to make deployment and management simple.
Requirement: Minimum 2 GB RAM, a dual-core processor, 8 GB of hard drive space and a minimum of 2 LAN cards are required.
Creating a Virtual Machine with VMware Workstation
Once the untangle.ova file is downloaded, double-click it and the setup will start.
The Setup Wizard will open automatically when Untangle first boots.
Language selection
Before you begin the setup wizard, select your preferred language.
The next screen simply welcomes you to the Setup Wizard. Click Next to continue. On the Untangle Software License screen, click on Agree.
Configure the Server: In the first step, you set a password and select a time zone for the administrator account. An admin e-mail address can also be entered to receive warnings and reports. Choosing an installation type is optional.
Now click on Network Cards.
Identify Network Cards: if this is an Untangle unit, you can simply continue to the next step.
Note: If this is a custom server, be sure that the physical network cards are mapped to the right (intended) interfaces.
Configure the Interface
The default selection is Auto (DHCP). The automatically assigned address is displayed if an address was successfully acquired. Otherwise, click Renew DHCP to acquire an IP address.
Click Test Connectivity to verify Internet access.
Configure your Internal network interface
Configure your "Internal" interface (along with the DHCP server and NAT configuration). There are two choices: NAT or Bridge.
In router mode, Untangle is the edge unit on your network and acts as a firewall and router. In this case you need to configure your external and internal interfaces correctly for traffic to flow.
We must configure the internal interface with a private static IP address and enable DHCP and NAT (Network Address Translation) so that all the internal machines share one public IP. This is generally called router mode.
In my testing lab I am not enabling DHCP.
Automatic Upgrades are configured.
If Automatic Upgrades is enabled, NG Firewall automatically checks for new versions and performs the upgrade.
In my testing lab I am not enabling “Connect to Command Center”.
Setup Wizard – Finished
That's it! Click on Go to Dashboard.
Configuration of Untangle
In part one we are going to learn how to configure web filtering.
Congratulations! Untangle is ready to be configured. Click on Continue.
The next steps include registration.
After finishing registration, click on Continue.
Now install the desired apps and, if needed, tune the configuration of Untangle NG Firewall.
In my testing lab I am going with Install the recommended APPS.
The recommended apps are now installed, as you can see on the screen, and you can install other available apps as per your requirements.
On the Apps tab you will see the currently installed apps.
Let’s come to the Dashboard of Untangle, where you can see almost all the information on one page.
To identify the configuration of the Untangle network cards, navigate to the Config tab.
The Config tab holds all the settings related to configuration of the Untangle server itself and settings for components of the platform that apps may interact with.
Configuration of Untangle APPS Part I: Web Filtering
Let’s use the Windows 10 system as the Untangle client.
This client is an internal system and we will set its default gateway to 192.168.2.1.
Now you can see the Internet is working and the social networking site Facebook.com is opening.
Block Categories
Now come back to the Dashboard of the Untangle firewall and go to Apps > Web Filter > Categories tab > Social Networking.
Categories Tab: Categories allows you to change which website categories are blocked or flagged. Blocked categories show the user a block page; flagged categories allow the user to access the site, but the visit is silently flagged as a violation in event logs and reports. These block/flag actions function the same way for all Web Filter options.
Now for our testing lab we are going to block Social Networking sites. Click on Save.
Now you can see on the client system that the social networking site www.facebook.com is blocked and not opening.
Lookup Site Tab
Now again come to the Untangle Dashboard: Apps > Web Filter > Site Lookup.
Lookup Site lets you find the categorization of a URL. Clicking on it opens a dialog. In the Web URL field, enter the URL whose categorization you want to find and click Search.
Block Sites Tab
Now again come to the Untangle Dashboard: Apps > Web Filter > Block Sites.
Under Block Sites you can add individual domain names you want to be blocked or flagged: just enter the domain name (e.g. youtube.com) and specify your chosen action.
We are going to block the www.ignitetechnologies.in site.
Click on Add and type the site which you want to block. Then click on Done.
And then click on Save.
Let’s check on the client system.
Pass Sites Tab
Now again come to the Untangle Dashboard: Apps > Web Filter > Pass Sites.
Pass Sites is used to pass content that would have otherwise been blocked. This can be useful for "unblocking" pages that you do not want blocked by the block settings. Domains which you add to the Passed Sites list will be permitted even if they are blocked by category or by individual URL; just add the domain and save. When the pass option is unchecked, the site can be blocked as though the entry were not present.
I am going to pass the www.linkedin.com/ site as an example.
Click on Add, type the required site and click Done.
Then click on Save.
Now on the client system, open a browser and type www.linkedin.com/ in the URL bar; as a result, the site is opening.
Pass the Client
Let’s add another client; its IP is 192.168.2.11 and its default gateway is 192.168.2.1, the Untangle IP.
On this system, let’s try to open the www.linkedin.com site; the result is that this site falls under the Web Filter block category.
Now again come to the Untangle Dashboard: Apps > Web Filter > Pass Clients.
Pass Clients Tab: If you add an IP address to this list, Web Filter will not block any traffic from that IP regardless of the blocked categories or sites.
Just add the IP 192.168.2.11 and enable the pass option, then save the configuration as shown in the given image.
Now on the client system, open a browser and type www.linkedin.com. Bingo! As a result, this system is working perfectly thanks to the Pass Clients setting.
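The precedence between the four Web Filter lists described above (Pass Clients, Pass Sites, Block Sites, Categories), modelled as an added Python example; this is not Untangle's code. The subdomain matching, the Block-Sites-before-categories order, the category map and the 192.168.2.10 client address are assumptions made for the illustration.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass
class Rule:
    value: str             # domain name or client IP
    enabled: bool = True   # the checkbox on the list entry
    action: str = "block"  # Block Sites only: "block" or "flag"

@dataclass
class WebFilterPolicy:
    category_action: dict = field(default_factory=dict)  # category -> block/flag
    block_sites: list = field(default_factory=list)
    pass_sites: list = field(default_factory=list)
    pass_clients: list = field(default_factory=list)

def _match(host, domain):
    # Assumption: an entry covers the domain itself and its subdomains.
    host, domain = host.lower().rstrip("."), domain.lower().removeprefix("www.")
    return host == domain or host.endswith("." + domain)

def decide(policy, client_ip, host, categories):
    """Return (verdict, reason); verdict is 'pass', 'flag' or 'block'."""
    ip = ipaddress.ip_address(client_ip)
    for r in policy.pass_clients:          # exempt clients win over everything
        if r.enabled and ip == ipaddress.ip_address(r.value):
            return "pass", "pass client " + r.value
    for r in policy.pass_sites:            # then passed sites
        if r.enabled and _match(host, r.value):
            return "pass", "pass site " + r.value
    for r in policy.block_sites:           # assumed to precede categories
        if r.enabled and _match(host, r.value):
            return r.action, "block site " + r.value
    category = categories.get(host.lower().removeprefix("www."))
    action = policy.category_action.get(category)
    return (action, "category " + category) if action else ("pass", "no rule matched")

# Constructed lab state mirroring the walkthrough; the category map is made up.
CATEGORIES = {"facebook.com": "Social Networking", "linkedin.com": "Social Networking"}
LAB = WebFilterPolicy(
    category_action={"Social Networking": "block"},
    block_sites=[Rule("www.ignitetechnologies.in")],
    pass_sites=[Rule("www.linkedin.com", enabled=False)],  # pass option unchecked
    pass_clients=[Rule("192.168.2.11")],
)

if __name__ == "__main__":
    for ip in ("192.168.2.10", "192.168.2.11"):  # .10 is a constructed address
        print(ip, decide(LAB, ip, "www.linkedin.com", CATEGORIES))
```

Because an enabled Pass Clients entry short-circuits every other list, those entries are the first thing to review when a site that should be blocked turns out to be reachable.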
About SSL Inspector
The SSL Inspector is a special application that allows other Untangle applications that process HTTP traffic to also process encrypted HTTPS traffic, and applications that process SMTP to also process SMTP over SSL. It does this by decrypting and re-encrypting SSL traffic as it passes through the Untangle server, so that the unencrypted traffic can be inspected by other applications and services.
Navigate to Apps > SSL Inspector and turn ON the SSL Inspector for the HTTP site.
Now let’s check on the client side: open a browser and type any site name in the URL bar.
Now you can see that after SSL Inspector is enabled, all sites are blocked.
How these sites will work on the client system with SSL Inspector is to be continued in Configuration of Untangle APPS Part II.