Untangle Network Security (2014)
Chapter 14. Untangle in the Real World
Regulatory compliance is something every IT professional needs to understand. The first section in this chapter will discuss the common regulations related to the IT field. Untangle has led the small and medium business (SMB) market with its secure, easy-to-use, low-cost solutions. The second section will cover the advantages of Untangle NGFW over its rivals. Later, the chapter will cover the usage of Untangle in the SMB, education, healthcare, government, and nonprofit fields, including why they chose it and how they implemented it.
We will cover the following topics in this chapter:
· Understanding the IT regulatory compliance
· Untangle in real life
Understanding the IT regulatory compliance
Since the Enron scandal in 2001, governments all over the world have taken up the job of protecting consumers and companies against the poor management of sensitive information by issuing laws and regulations that require organizations to take the necessary steps to ensure the protection of sensitive information.
Regulatory compliance is an organization's adherence to laws, regulations, guidelines, and specifications relevant to its business. Violations of regulatory compliance regulations often result in legal punishment, including federal fines.
Regulatory compliance requires organizations to take proactive measures to establish network security processes that detect network anomalies, attacks, and other vulnerabilities that can put the organization's sensitive data at risk of being compromised. Organizations are also required to provide network compliance audit reports to auditors on demand.
The following are some of the laws and regulations that have immediate impact on the IT field. This includes the well-known US laws and some national and international laws. Additional laws may affect you depending on your country and your business field:
· The Sarbanes-Oxley (SOX) Act of 2002 requires that the annual reports of public companies include an end-of-fiscal-year assessment of the effectiveness of internal control over financial reporting. This report includes the entire IT infrastructure (servers, network security, and IT practices and operations).
· Similar to SOX in the US, there are also Japan's Financial Instrument and Exchange Law (commonly referred to as J-SOX) and Canada's Keeping the Promise for a Strong Economy Act (Budget Measures), 2002 (commonly known as C-SOX or Bill 198).
· The Financial Services Modernization Act of 1999 (better known as the Gramm-Leach-Bliley Act (GLBA)) protects the privacy and security of individually identifiable financial information collected, held, and processed by financial institutions. The individuals' information can become exposed during online banking.
· The Federal Information Security Management Act (FISMA) of 2002 requires that all government agencies, government contractors, and organizations that deal and exchange data with government systems have to monitor, retain, and maintain audit records of all security events.
· Information Security Management System (ISMS) Compliance (ISO 27001) is an international standard for securing information assets from threats. The standard provides precise requirements for a holistic information security management. The standard has great worldwide acceptance by organizations both large and small, especially in the United Kingdom, Japan, India, and United States.
· The Health Insurance Portability and Accountability Act (HIPAA) was implemented to protect the confidentiality and integrity of electronic personal health information (ePHI), including protecting against unauthorized use or disclosure of information. Although the regulation focuses on the healthcare industry, other companies can be impacted if they engage in certain activities such as the management of employee group health plans, or if they provide services to companies that are directly impacted by the regulation.
· The Payment Card Industry Data Security Standard (PCI-DSS) is intended to protect cardholder data, wherever it resides, ensuring that members, merchants, and service providers maintain the highest information security standard.
· The Children's Internet Protection Act (CIPA) addresses concerns about access to offensive content over the Internet on school and library computers. Schools and libraries subject to CIPA need to certify that they have an Internet safety policy and technology-protection measures in place.
Untangle NGFW can help organizations achieve the required regulatory compliance through its rich features, which protect the network and provide detailed reports.
However, Untangle NGFW alone can't achieve the required compliance; additional policies and procedures and even computing aspects need to be employed to achieve the required compliance. Examples of bad procedures and controls include using noncomplex passwords (especially dictionary words) and allowing remote laptops to have VPN sessions to your facility that don't force human authentication, which would be a great risk if the laptop is stolen.
Untangle in real life
Untangle's integrated suite of security software and appliances, which offers enterprise-grade capabilities and consumer-oriented simplicity, is trusted by over 400,000 customers and protects nearly 5 million clients.
Untangle mainly targets the SMB as more than 99 percent of Untangle customers have fewer than 100 employees. This includes accounting firms, professional services firms, retail franchises, and small government agencies/offices. Untangle is also popular for schools, especially private middle and high schools.
In 2014, Untangle started to extend its market to just-below-enterprise businesses and large campuses by releasing the IC Control and providing an HA option for Untangle NGFW.
This section will explore the advantages that Untangle NGFW offers over its rivals and how Untangle was able to lead the SMB market. After that, this section will introduce case studies for some companies and how Untangle NGFW helped them to reduce the administration headache and time, and increase the network's overall security.
As most of the Untangle customers are SMBs, this section will discuss Untangle's advantages with SMBs in mind. The advantages could be extended to other markets and fields.
SMBs need affordable secure networking; proprietary products put this largely out of reach, and open source projects were just too complex to implement and manage. Untangle provided a comprehensive network management solution that leverages the best open source network applications, designed for ease of use, with features just for small businesses. In short, Untangle makes it easy for small businesses to acquire, deploy, and install a network security solution.
SMBs will spend money, but only for something they really need. Untangle was able to understand the SMB market's needs and meet them to lead this market. The common advantages are as follows:
· Strong platform: Untangle brought together the best open source projects to create its comprehensive network management solution, which provides a cheaper and better alternative for the proprietary appliances. In addition, Untangle commercial modules are based on the industry-leading applications.
· Cheap solution: Untangle offers many free, open source applications. Advanced features and applications based on commercial applications are offered at competitive prices.
· Reduction in the administration headache: Most of the SMBs don't have dedicated IT personnel; for example, a computer teacher could be responsible for administrating Untangle NGFW for their school, besides their normal duties. Untangle provides an easy-to-use, pre-tuned solution that will need minimal administration after being deployed. In addition, the reports reduce the amount of time needed by the administrator to investigate and analyze the users' usage.
· Modular selections: Customers are able to purchase only the modules they need/want.
· Generic hardware: In addition to the appliances provided by Untangle, Untangle NGFW can be installed on any generic Intel/AMD PC.
· Special pricing: Untangle offers a 60 percent discount on the software's complete package, and 20 percent on appliances with the complete package. The discount is available for schools and educational institutions, nonprofit organizations, and government entities.
· Great support: Most of the customers' inquiries are answered within hours, irrespective of whether it is in the forum or to the support team.
Untangle for SMB
When used well, Untangle can be leveraged to improve network security and performance while reducing administration efforts, which are the main needs for the SMBs. A few examples of how SMBs have been able to take advantage of Untangle are explored in this section.
South Mountain Creamery is a delivery services company that has seven computers for employees and free Wi-Fi for in-store customers who bring in their smartphones and computers. In 2012, Donald Koch joined the company as an IT manager. He started to build a fully qualified domain environment instead of the existing sneaker-net environment. Also, he wanted to secure the environment from external threats, so he replaced the existing Netgear appliance with Untangle NGFW. After running Untangle for a few years, Donald was approached by his CDW account representative to have a vendor-sponsored audit. The company went through the security services threat check from Symantec. The result was that the network had no botnets, malware, viruses, spyware, or even access to known unsafe sites. One of the Symantec engineers mentioned to Donald that in all the time he has been performing these tests, he has never seen zero results returned on the scan. With the strong security provided by Untangle NGFW, Donald freed up time for his other duties including managing various databases, file management, backup monitoring, Active Directory, and Exchange Online.
The Catania Hospitality Group is an award-winning collection of restaurants, hotels/resorts, and spas. The average network size is four sites with 250 employees and 200 computers for employees and guests. The group was using SonicWALL to protect their network. However, the cost to continue using it was downright offensive, as said by Robert Topolski—the only IT resource for the group. So, he decided to look for other solutions with similar functionality but at a much lower price point. Hence, he decided to use Untangle, which was implemented alongside an existing Cisco ASA. In addition to the price point, Robert found Untangle to be more familiar, and he was quickly able to use and manage the product. Using Untangle helped Robert to automate his day-to-day tasks and diagnose trouble areas on the network.
Bank of New Glarus and Sugar River Banks is an independent bank that provides financial guidance and solutions. The average network size is six area locations with about 60 users. After joining the bank, the IT veteran Jeff Armstrong quickly realized that he needed a solution that provides site-to-site VPN, bandwidth control, and web filtering in addition to protection against malware and phishing. After some research, he decided to use Untangle, which satisfied his needs simply. Jeff purchased two u10 appliances, which run flawlessly. The investment paid off for the bank by reducing administration headaches for Jeff and his team.
Portlandia IT, LLC, is a comprehensive managed services provider (MSP) with customers throughout Portland, Oregon. Portlandia IT used to provide Cisco solutions for their customers, who often require spam blocking and web content filtering as top priorities. Portlandia IT decided to move to Untangle because of the level of power it introduced, its great flexibility, and the great savings over competitive devices. Providing Untangle solutions helped Portlandia IT to serve customers with low budgets and sell to markets that would normally not even look outside the box. Some other points that interested Portlandia IT about Untangle were the reports, the ability to monitor the overall network or certain machines, Untangle's speed, and the ability to provide it as a software-only solution or as an appliance.
Shoreline Business Machines Ltd. (SBM Tech Ltd.) is a Canadian IT services company that serves the computer networking and office automation fields. In addition, it provides network security recommendations for its customers, which include legal firms, medical clinics, schools, and nonprofit organizations. Jeff Hope, IT manager for SBM, found Untangle online and decided to try it on his own network. After familiarizing himself with the product, he felt that it would be a great fit not only for SBM Tech but also for their customers. Most of the SBM Tech customers are small businesses, and their needs include antivirus, antispam, web filtering, and reporting, all of which are provided by Untangle at a price that is palatable to businesses with limited resources and competing priorities. Other Untangle features mentioned by Jeff are that it is easy to set up, run, and maintain, that it is comparable to SonicWALL at about 60 percent of the cost, and that it has great support.
Sunridge Properties is an Arizona-based hotel development and management business with about 12 users. At Sunridge, staff spends a lot of time on the road checking on the development projects, which requires them to stay connected via e-mails. The company invested in Blackberry, but a constant barrage of spam e-mails kept employees from taking incoming e-mails seriously. Untangle was a perfect choice for them. Setup was simple for IT and it reduced spam by 95 percent. The reduced spam improved responsiveness by the team in the field and gave back time lost while reviewing useless e-mails. The added reporting of blocked threats and general network activity was a nice bonus.
Summer Hill, Ltd. is a home furnishings and fabrics company based in San Francisco with a global reach; they have about 12 users and one inexperienced IT person. After many security incidents, the company decided to protect its network using Untangle. Untangle protected the company network with minimum intervention from IT. Even when they had performance issues with their network, Untangle Support helped not only to find the root of the problem but also to solve it. Summer Hill currently doesn't use the full set of Untangle applications, but they are pleased that they can deploy them when the need arises.
KK Fine Foods is a ready meals manufacturer on the border between England and Wales with 75 users. Untangle replaced an existing Barracuda 200 spam firewall, which was doing well at identifying spam but needed the administrator's intervention to review the whole quarantine and release any legitimate e-mails classified as spam. Untangle did a better job by allowing each user to manage their own quarantine, which saved time and effort for the IT administrator. In addition to spam filtering, Untangle provides features that the Barracuda 200 spam firewall lacked, such as malware scanning, web filtering, Directory Connector, and Policy Manager.
BGO Architects is a medium-sized architecture company based in Texas with 80 users. BGO Architects doesn't have a dedicated IT team, so the 10 to 12 hours a week spent on IT issues was keeping the architects away from their primary responsibilities. Untangle provided a simple way for them to manage the network, reducing the time and effort required, thanks to Untangle's reliability and its reporting feature, which reduces the time required to investigate incidents and diagnose network problems. Also, the Web Filter increased productivity by blocking access to inappropriate sites.
e-Clarity Ltd is a UK-based telecommunication consultancy company that offers IT support solutions, business support services, e-mail hosting, network security, connectivity, systems integration, and IT consulting for companies that range from five to 500 employees from different industries. They are a long-time partner with Untangle. Every customer has their unique network issues; using Untangle and its various modules allowed e-Clarity to tailor solutions specific to the customers' unique situations. Untangle also has many advantages, including low prices, the ability to be installed on recycled hardware, and the ability to select only modules that you want.
Using Untangle in education
The Internet is a revolutionary tool to enhance student learning, but with power comes responsibility. Schools must ensure the safety and productivity of students and staff wherever their online inquiries may take them. Untangle solutions can protect students from online threats, block their access to inappropriate content, and manage their Internet use on school networks, ensuring compliance with IT use policy. Untangle is a cost-effective solution that allows schools to comply with CIPA. We'll explore some examples of schools that installed Untangle in their networks in this section.
Tehachapi Unified School District is based in Tehachapi, California. This district contains three elementary schools, one middle school, one comprehensive high school, and an alternative education school that includes continuation high school, adult education, and a home-based independent study program. The district has about 4,600 students and 450 staff members.
As the district students were able to override the filters and network policy rules set by the IT team, the district started to search for an easy-to-implement, scalable, and robust solution to replace their bulky, expensive M86 solution. Untangle met those needs at a fraction of the cost of their previous vendor. The district has selected the Untangle u500 appliance, which enabled the IT department to provide teachers and staff with the tools they needed without exposing the network to unnecessary risks. In addition, the Policy Manager and Directory Connector greatly helped the IT department to create different policies for the teachers, staff, students, and mobile devices, and monitored their network usage.
Lake Park Audubon School District is a school district based in Lake Park, Minnesota with about 700 students. When Bob Henderson joined the school district as a Technology Director, he recommended that their failing Lightspeed system's Web Filter be replaced with Untangle. Untangle paid for itself in less than six months as its cost was 40 percent less than the previous solution. Bandwidth Control and Web Cache helped Bob to optimize the network bandwidth usage. In addition, Web Filter helped him block access to inappropriate and proxy sites while ensuring that useful learning videos on YouTube were still allowed through. Also, the reports helped him save time in reviewing and managing his network. Bob also provides public Wi-Fi for use during sports and academic events throughout the school year. He relies on Untangle to provide this service without compromising on the performance or safety of his network. He said, "We've had up to 4,000 people and 36,000 sessions running through Untangle. It works wonderfully and doesn't miss a beat".
Mount St. Mary's Academy is a private Catholic school in Grass Valley, California with about 50 users. Untangle is being used to manage and monitor the network traffic. Untangle removed the complexity of security systems and freed up time for the IT staff to accomplish other tasks. The IT staff reviews Untangle reports every few weeks against the school policies to see whether the policies are being met.
Portland Public Schools District in Portland, MI, comprises four schools, an adult and alternative education center, and two administrative offices. Serving 2,100 students with about six sites and 730 computers, the district has a policy of constantly reassessing what technology options are available, as its systems and software come up for renewal or replacement. David Palme, Director of Technology, said: "School technology budgets are under pressure. However, we aim to not only maintain service levels, but continue to innovate and move forward. Untangle fits that bill". David selected Untangle for the completeness of its security offerings, coupled with the ease with which it can be administered. The district uses Untangle for virus and spam blocking and web filtering. In addition, the Policy Manager and Directory Connector helped David in setting different web policies for staff and students. Reports also helped him to know the network usage. David said, "Untangle gives us everything we need to keep our staff and students safe, and at a cost about half that of competitors".
Western Seminary is a graduate school comprising three sites that serve approximately 250 users: the main campus, located in Portland, and two satellite sites, located in Northern California. The aim of Western Seminary was to provide the remote sites with uniform access to centralized resources on the main campus, such as the student records database. With annual decreases in IT budgets and increases in the need for network protection, Western Seminary needed an affordable solution that would allow consistency across sites and protect users' online experience. Western Seminary uses Untangle OpenVPN to provide the connection between the three sites, and Web Filter to secure users' access to the Internet. Untangle was a great replacement for their existing web filtering solution, at a much lower price.
Barksdale Air Force Base Library and Youth Center needed an inexpensive or free product (due to budget limitations) to help prevent abuse on their limited commercial Internet connection and to meet CIPA requirements. Untangle met their needs, and they installed Untangle on old hardware. Untangle is used to provide web filtering, bandwidth control, virus scanning, and captive portals.
Using Untangle in healthcare
Protecting personal health information is a critical mission for healthcare organizations, and many laws, including HIPAA, were issued to ensure the protection of this information. Untangle helps healthcare facilities to protect their networks with minimal administration overhead and without any need of dedicated IT personnel. Some examples of healthcare facilities that utilized Untangle to protect their networks are explored in this section.
Complete Family Vision Care is an optometry-specialized clinic with three locations, each with more than 10 computers. Driven by exceeding the license on the existing SonicWALL firewall, and unsatisfied with its reliability, Dr. Havranek, the owner, decided to search for another solution to protect his network and his patients' data. Dr. Havranek was mainly looking for an easy-to-use solution that provides strong network protection, low network downtime, and blocking of malicious websites. So, he decided to deploy three u50 appliances for the three locations, as Untangle met all of his requirements at a price much lower than its competitors.
Orthopedic Associates of Grand Rapids (OGAR), based in Michigan, has 24 specialist orthopedic physicians and a total staff of 250 employees spread over three offices. After multiple malware infections, OGAR decided to add additional layers of security, including Untangle. So, they implemented an Untangle server at each site to stop malware, adware, and spam. Untangle helped the IT team to focus on solving the users' issues by removing the administration headache and by reducing the infection rate inside the network. Untangle was easy for the IT staff to learn because of its simple GUI; anyone with basic firewall knowledge could use it. In addition, reporting helped the IT team trace and solve network issues.
Genesis Physicians Group serves 1,700 doctors in the North Texas area. This group acts as an intermediary between its clients and the insurance companies, offering a range of other services including the compilation of patients' outcome data, credential management, and secure e-mails. They have 27 users. Genesis Physicians Group needs to maintain a tight, secure network that ensures privacy and confidentiality. They need to ensure that the physicians' e-mail accounts are free of spam, and that sensitive patient data is protected from corruption by viruses and exploitation by spyware. Hence, they started to use Untangle as an additional layer of security to address their security issues and to handle network monitoring. Untangle makes the IT job much smoother, as they no longer have to solve problems caused by malware. In addition, Untangle helps to increase the users' productivity by blocking game sites during office hours. Another great feature of Untangle for them is the flexibility of the Untangle Web Filter. For example, if the Web Filter blocked a site with drug references, which could be a problem in a medical environment, the site could be easily unblocked from the Web Filter.
Using Untangle in government organizations
The more the government services are offered to the public via the Internet, the greater the efficiency for both parties, and also the more risk for services being compromised. Hence, there is a need to implement a security solution that can help against security threats. In this section, we'll explore some examples that show how Untangle was able to help some government offices to protect their networks and achieve regulatory compliance.
Pickaway County Sheriff's Office has embraced a new technology to keep up to date. It has about 120 nodes. Untangle is used to provide a VPN connection between mobile police units and headquarters. Also, it's used to provide web filtering for both the internal and mobile units. They first implemented Untangle in 2007 as a free package. After that, they started to purchase the premium modules such as the Policy Manager and the Directory Connector. They installed Untangle in transparent bridge mode behind another existing firewall. Within 5 minutes, Untangle was up and running, and started to filter the web traffic.
Virgin Isles Water & Power Authority (WAPA) is a public-power utility whose core purpose is to enhance the economic development and the quality of life for people living in the Virgin Islands and the surrounding areas. It has about 350 users across three sites. Forced by budget pressures and the ability of some employees to bypass the web filtering using proxies, WAPA's IT department considered replacing their existing web filtering solution with a more cost-effective, robust solution. After testing Untangle, they decided to purchase the full subscription because of its performance and its ability to prevent people from using proxy sites, which also came at a good price for them.
Using Untangle in nonprofit organizations
Nonprofit organizations face the same problems as for-profit organizations. They need to secure their networks, but with a lower budget and less time to deal with IT infrastructure issues. Untangle is considered the right solution for nonprofit organizations with its special pricing. It is easy to deploy and manage. In this section, we'll explore some of the nonprofit organizations that leveraged Untangle.
Legal Assistance Foundation (LAF) of Metropolitan Chicago is a nonprofit organization that provides free, high quality, civil legal services to people living in poverty and other vulnerable groups. LAF has about 200 users between employees, students, and volunteers. LAF staff use their devices to connect to the network from both within and outside the offices. Eric Fong, who is an IT veteran of 11 years, was looking to replace his current expensive solution, which requires special client configurations on the users' smartphones and laptops, with a next-generation firewall that has the ability to filter websites, block spam and viruses, report incidents, and more. After some online searching, Eric decided to go with Untangle. Untangle enabled Eric to stop spam and malicious software, set up VPNs to securely connect from anywhere, and enforce usage policies. Untangle provided LAF with the most complete next-generation firewall available, and at an unbeatable price. The difference in price was so significant that Untangle had paid for itself in just three months.
First Community Federal Credit Union (FCFCU) is a nonprofit organization that caters to the financial services needs of community residents. FCFCU has about 250 people with 200 computers. FCFCU was dissatisfied with its Websense solution as it was expensive and cumbersome. Furthermore, as a financial institution, FCFCU needs to comply with stringent information security audits throughout the year. Thus, they searched for a security gateway that provides antivirus, web filtering, and reporting features. They decided to turn to Untangle as a way to reduce costs and complexity as well as to meet the gateway requirements recommended by third-party security auditors. Untangle was implemented in three regions as a transparent bridge behind another firewall. Untangle's free package was selected in addition to the Directory Connector, Policy Manager, and Web Filter premium modules. Among Untangle's advantages for FCFCU, one year of Websense costs more than deploying Untangle in the three regions, and FCFCU can buy only the premium modules it needs, when it needs them. In addition, the ease of use helped to reduce the time required to learn and manage Untangle. It also enabled them to investigate incidents more quickly. Finally, the ability of Untangle to complement other products in place is beneficial.
In this chapter, we reviewed some regulatory compliance techniques with relevance to the IT field, mentioning some of the Untangle features that make it a popular selection for the SMBs. After that, we stated some of the use cases of Untangle in the SMB, education, healthcare, government, and nonprofit fields.
With this chapter, we have completed our journey of Untangle NGFW. We hope that you enjoyed this book and it was a great benefit for you to start your own journey with Untangle NGFW in the real world.