For many small enterprises, the cost of implementing a comprehensive set of network security tools is daunting. Open Source solutions offer a way of avoiding these costs, but arcane implementation requirements and a lack of external support make them equally unappealing.

Growing Security Issues Leaving Small Enterprise Behind

As the variety and number of IT security risks that enterprises face continue to increase, the market is quick to respond with new tools designed to combat these new threats. Firewalls beget Intrusion Detection and Prevention, Anti-Virus begets Anti-Spam, Anti-Phishing, and Anti-Spyware. With each new threat comes a new tool to address it, but also a dollar cost to implement it. While larger enterprises are able to take these increased costs in stride, small enterprises with more limited budgets are left to make difficult choices as to which solution will go unimplemented, and therefore which threat will potentially be allowed to propagate.

Open Source Viable Only for a Few

Open Source pundits point to this situation and use it as rationale for the adoption of the broad variety of free tools that exist under the GPL license. While many of these tools are extremely viable, and in some cases better than commercial offerings, they are not generally appropriate for all enterprises for two primary reasons:

1. Lack of vendor support. Since there is no vendor associated with an Open Source solution, there is no vendor to provide support. The user community is generally good about providing support for these products, but only on a best efforts basis. Not exactly comforting for mission-critical applications.
2. High level of skill required. From implementation into ongoing operations, many Open Source platforms require a significantly higher level of employee skill due to a lack of clean installers and clunky, counter-intuitive interfaces. Without skilled personnel, getting the most out of these solutions can be challenging.

For open source to be a viable alternative for the majority of small enterprises, the products need to be easier to implement, easier to use, and easier to repair when they fail.

Untangling the Problem

Untangle, formerly known as Metavize, is attempting to do just this. The Untangle Gateway is available in two versions, Open Source and Free or a Professional Package. The former includes ten distinct security applications (listed below in Table 1) as well as two Untangle specific operational applications. The security applications address the most common gateway security risks. The two Untangle applications, Platform and Reports, provide a consolidated and intuitive user interface to manage the platform as well as an integrating reporting capability.

Table 1. Untangle Security Applications

The Professional Package takes this bundle and further enhances it by including a Remote Access Portal (to allow users offsite access), enhanced management capabilities (including integration with Active Directory), offsite backup of the Untangle Gateway, as well as 5x12 live support. A cost is associated with the Professional Package, but this works out to approximately one dollar per user per month, a figure significantly below that charged by most commercial vendors.

Finally, to make the adoption of the Untangle solution even easier, it can be acquired pre-installed on custom hardware. Untangle has two devices available, the XD at a cost of $995 and the XD+ at $1,195. The only difference between the two is the amount of system memory, but the larger box is recommended for enterprises with over 250 employees. Though the solution can be deployed on generic hardware, utilizing one of the Untangle appliances can certainly streamline implementation for enterprises with minimal technical resources.

Recommendations

1. Investigate the Untangle Gateway. Due to the conflicting and dual problems of limited staff and limited budgets that small enterprises face, Untangle can be a wise choice for these companies. The software solutions that form the package are capable enough for any enterprise and so there should be no concern that the solution is second rate. The focus of the company is definitely in the 250 or less employee category and the pricing model makes it attractive for those enterprises.
2. When selecting a package, if the enterprise is technically savvy, go basic. If Untangle is the right choice for the enterprise, remember that support isn’t included in the Open Source and Free package. Though the Untangle Platform does reduce some of the need for technically capable staff, the fact that it doesn’t include support means enterprise personnel will need to be able to support the solution if problems are encountered.
3. Invest in the Professional Package for one of two reasons. If the enterprise doesn’t have the in-house skills to support the Untangle solution, or needs the Remote Access Portal for enhanced connectivity for external workers, the Professional Package offers great value with its low monthly license costs.
4. Consider a pre-installed appliance if technical skills are limited. Getting all of the functionality in a ready-to-go appliance can save a lot of headaches for the enterprise that has minimal in-house technical capabilities. Furthermore, the devices themselves are competitively priced with commercial servers.

Bottom Line

Enterprise IT security is an issue that all organizations should be taking seriously. For those that feel they either don’t have the money or the technical skills to implement these solutions, the Untangle Gateway may be just the solution.