What is our primary use case?
We are an authorized partner of Untangle, and we primarily work with small businesses that have limited needs. We have deployed Untangle NG Firewall z4 Plus to the majority of our clients. With simple hardware and a monthly service fee, it's very affordable for our clients.
The software versioning is 16.5. We have deployed them primarily on-premises. We have a couple virtualized and on ESXi servers, and that's pretty much it. They're fully managed from our cloud database directly on untangle.com/cmd.
How has it helped my organization?
Its ease of use, variety of available features, and low pricing have enabled us to improve the security for a lot of our very small business clients at a price that they are happy to pay for. The big thing for us is that we're providing a good quality security service to them without spending thousands of dollars per year on hardware and licensing, which we would spend with something like SonicWall, Palo Alto, etc.
What is most valuable?
It is very easy to use. The user interface is very straightforward. It may not be as fancy as some of the ones I've seen, but it's very straightforward. It's very easy to find what you need, and it's very easy to get things done.
The majority of our clients are very small businesses, and Untangle devices have been fantastic for these small clients. We've basically standardized our stack to just simply use Untangle. We include the hardware and the service option, which makes it very easy and affordable for us to just simply push that into the monthly per-user costing that we provide as a managed services provider. It's really a no-brainer. They're easy to use, and they're easy to set up and configure. Support is generally good about resolving any issues that we have. We haven't had any real complaints.
What needs improvement?
I've heard other people saying that other firewalls have better detection rates, so better security. If they can improve the security of the device, I'm always for that, but at the moment, we've been happy with the service that we're getting out of them.
It does have multi-factor authentication in some areas, but I would love to see a more widely implemented version of that on the devices themselves.
It could use some improvement for Azure Active Directory Connections. It does exist, and it is available, but it needs work to be able to fully authenticate.
I know there are some advanced features that other firewalls have that aren't present in Untangle, but we've never noticed any feature that we need but isn't there.
I also know a lot of people have complained about the cost per device because they license by device counts. So, once you get over a certain number of devices, it is not really a cost-effective solution.
For how long have I used the solution?
We have been using this solution for the past three years.
What do I think about the stability of the solution?
We have had one device go down in three years. I've never been certain if that was an issue with Untangle themselves or with the client location. I know for a fact that the client did unplug the device repeatedly because they did not want to listen to their tech support. They unplugged it repeatedly. They left it disconnected from the internet completely for several months. It was disconnected and turned off, and it came to a point where we were never able to remotely restore that connection. So, we had to go in and physically factory reset the device. That's the only issue that I've had in terms of stability, but I don't know if that's an issue with Untangle or an issue with the client themselves. We dropped that client shortly after.
What do I think about the scalability of the solution?
It is easy to scale. I ordered 10 of them in bulk just a month ago. We have about a hundred clients.
We pretty much standardized it across our client base. We also provide some email services, Microsoft 365, and tech support to people who literally just work from their laptop from a Starbucks. They are the only clients who aren't using it. Any of our clients that have an office or home office have Untangle Firewall. We serve a lot of residential customers, and we've stuck the unlicensed version of the Untangle Firewall on their network. We manage those, and it's been great for the most part. The only way we would really increase that in our client base is by just increasing our client base.
How are customer service and support?
I would really like phone support for emergencies. I'm not sure if there is one. I don't think I've ever had to actually utilize it if there was. Having a direct line of contact or support, especially being a partner, would definitely be an improvement, but their tech support has been able to resolve every issue that we've had with them.
Which solution did I use previously and why did I switch?
Originally, we tested Untangle many years ago, but it wasn't a fantastic solution then. So, we didn't really utilize it and always stuck with pfSense, but over the past three years, we've been using, almost exclusively, Untangle devices for our clients.
Our clients were using a variety of solutions. They have been utilizing SonicWall. We have replaced a couple of WatchGuard firewalls. We've had people with pfSense, and we've had people with Cisco Meraki. We've seen most of the firewalls in the business, and I like Untangle.
How was the initial setup?
It was straightforward. You can basically set up a demo device with the settings that you want, take the config file, and export those configs and policies to any new device you deploy. So, the initial setup is not that complex. It is very simple and straightforward because the user interface is very simple and straight.
When you get to whatever you like and how you want to configure it, you just save it as a policy set, save the config file, and deploy it within minutes. We order the device, get the serial number, apply the serial number to our portal, and then apply the policies, and we're done.
One person can handle the deployment. As a matter of fact, the end-user can handle the deployment, as long as the tech just tells them where to plug it in. The end-user doesn't need to do anything. As soon as it's connected to the internet, as long as it's plugged into the right place on the network, the deployment takes minutes, and we manage them all from the command center.
What was our ROI?
I'm not a financial type of person, but I can say that configuring a pfSense firewall is a couple of hours per location, and managing other firewall solutions is definitely more costly and time-consuming from what I've seen previously. We've definitely saved time in deployment, and we have also saved time in management. We save time and money in a variety of ways. So, we have definitely seen an increase in ROI. In addition, the fact that we're able to just simply include it in our monthly costs for what we charge our clients makes it all the better.
What's my experience with pricing, setup cost, and licensing?
Untangle is open-source software. So, you can get it for free. That has been a benefit, especially for the residential users because it is free. The license costs start at $25 a month for some additional features, including higher tiers of security intrusion prevention. The free version comes with intrusion detection, and then the license version has intrusion prevention. It also has some additional things for active directory connectors, etc.
It starts at $25 a month to cover 12 devices. Then it goes up from $25 to $50 a month for 12 to 25 devices. That's where it really doesn't scale out per site. If you have a site that has more than 50 devices on it, then Untangle quickly becomes cost prohibitive in comparison to several other competitors. They have a weird per-device licensing model, whereas most firewall vendors simply tell you that this is how many devices we expect you to cover and this is what your licensing costs. They don't tier it by the device. Firewalls have different costs and different licensing. So, in a way, it is the same, but Untangle is more upfront about it. They tell you that if you have X amount of devices, this is what your licensing cost is, whereas other firewall vendors tell you that if you're covering this amount of devices, you need this type of firewall that they make, and it's going to cost you this amount a month, which is going to be more, but the price comparison is definitely not favorable for Untangle once you go over 50 devices.
There is an additional cost of the hardware, which you can purchase upfront. You can pay for hardware as a service, or you can deploy it to your own hardware at no additional charge. We can deploy this for free, completely and utterly free and clear, just by simply running a VM and installing the free version of the software on it. So, there are literally no costs to it. The additional costs are basically just completely optional, except in the cases of industries where certain of these other security features are a requirement, but the only costs that you have to pay are the licensing costs. You can choose not to buy their hardware at all and just deploy it in a VM.
Which other solutions did I evaluate?
We evaluated pfSense, WatchGuard, and Sophos, and ultimately went with Untangle.
What other advice do I have?
I would definitely advise going for z4 Plus. The base z4 is good if you're going with the free licensing. It is a little bit lower powered. So, it's only good for the free tier licensing or very small offices with only a couple of devices. z4 Plus has been fantastic. We can turn on every feature that Untangle has, and it runs right along for months at a time.
I would rate it a solid nine out of ten. It has been fantastic for the uses that we put it to, which are primarily small clients. It does its job, and it does it well. I've had almost no issues in the past three years of running them except for one, and I'm pretty sure it was the client that caused the issue.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.