I have used IPCop for about the last 6 months or so and I love it.  Monday, however, the IPCop Firewall sitting in front of my office completely died.  I have had a few problems with it locking up on me, plus I occasionally had to reboot it during the day to free up memory.  This not so much due to any error on IPCop's fault but largely due to the modules I had running had a very large memory footprint.

While I was getting a new machine prepped to reload the firewall, I remember someone had mentioned Untangle about the same time I was originally playing around with IPCop. (I believe it was Scott P. but my memory is not what it used to be.)  Liking a little variety, I decided to see what Untangle was all about.

INSTALLATION
Installing Untangle was very painless.  The base installation of IPCop goes by quickly, but with Untangle it was a complete breeze.  One nice thing about the Untangle installer is it runs in an X shell which makes things a little easier for me.  Another nice feature, when configuring your network connections you don't have to try to figure out which card is which.  It automatically assigns the card to the Internal or the External interface, all you have to do is plug in a live network cable and you can see which is which.  Aside from filling in some personal information and supplying your network configuration for the External interface you are done.

Once installed, Untangle has a Java-based front end you use to control the features of the firewall, reminiscent of  Cisco PIX firewalls.  Untangle is also completely free unless you want to buy the premium services.  The set of free services they offer are great: spam blocker, phish blocker, spyware blocker, web filter, virus blocker, intrusion prevention, protocol control, firewall, OpenVPN, attack blocker, and also a GREAT reporting module.  Basically every tool you could hope for comes prepackaged when you install it.  This is much easier than trying to deploy the same features to IPCop.

If there are some tools you do not want to use, click on the "power button" on the virtual rack for that "device" and that feature is disabled.

Definitely a product worth checking out.

Two years ago when I was forced to move my servers from where they were housed to an in-house setup I knew I needed a reputable firewall to protect the servers.  A good friend of mine whose opinion I respect greatly said he had recently went with the SonicWall firewall.  Looking at all the features it offered I pointed a web browser  at CDW and proceeded to buy my own SonicWall for the office.  While I have no real problem with the firewall itself, what I do have issue with is their licensing.  It would seem to me that when you pay quite a few hundred dollars for a firewall appliance (I don't remember the exact cost, but it was not trivial) you should be able to use all the features it supports.  You should not have to renew your licenses every year which generally runs another $500 to $600 a year.  This was a key factor that I was not aware of when I made my purchase.

[More]