Untangle Targets Small Business Security Gap


Faced with a growing array of network security threats, small businesses are stuck: all-in-one proprietary solutions are too expensive and open source alternatives are too complicated and/or require multiple servers.

Dirk Morris, who worked for the Center for Internet Security and later developed algorithms for network traffic processing for Akheron Technologies, and network engineer John Irwin decided to quit their respective jobs during the 2002 recession and have some fun trying to solve this problem.

“John and I recognized that everybody was selling appliances to filter spam but a lot of small companies didn’t want appliances,” said Morris, Untangle’s CTO. “There was a lot of demand and great open source technology but no synergy. Something was broken. We figured it could be a huge business opportunity.”

The pair set to work writing code and four years later, Untangle shipped its first security product in 2006 with six free open source security applications, collectively incorporating nearly 30 open source projects. The six original free apps have now been expanded to 12, including open VPN for remote access, plus a reporting function. In addition, Untangle added include live support and 10 other paid applications including policy management; WAN balancer and WAN failover for maximizing bandwidth and redirecting traffic during outages, and PC Remote, which provides remote network access for the help desk.

“Appliances are useless for small business,” Morris said. “Our platform pulls together all solutions in a way that is easy and frictionless to deliver.”

Getting from concept to solution was anything but speedy, however. The challenge for the San Mateo, Calif.-based startup was figuring out a way to run all these applications and, certainly, more in the future, all on a single server without degrading performance.

Through trial and error, Morris and Irwin developed a better algorithm than the high bandwidth vectoring Morris had created at Akheron for processing network traffic. The new formula, which Untangle calls virtual pipelining, eliminates the otherwise huge latency problem with multiple applications on a single server by performing the numerous traffic processes on multiple applications concurrently instead of consecutively, Morris explained. These traffic steps include unzipping and connecting packets, identifying their functions and enabling them to perform their collective tasks, then reversing those actions and returning individual packets to the webstream. By performing these steps on multiple applications simultaneously, Untangle solved the latency problem and made it possible for a small office to run all security applications on a single server, he explained.

To make an analogy, virtual pipelining is like waiting in line and getting all required paperwork at one time, filling it out and submitting everything together vs. waiting to get the first required form, completing it and then waiting in line again for the next form, answering the questions and then waiting in line for the next form. And so on.

“Latency is a deal breaker,” Morris said. “But our new vectoring formula schedules processing linearly instead of geometrically so the addition of more Untangle applications decreases speed by only milliseconds, which isn’t noticeable.”

Untangle offers other advantages, including the use of standard, x86 chips instead of ASICs (application specific integrated circuits) which are not updated as frequently, he said. Untangle currently runs on Windows servers and desktops, booting up a Linux virtual machine and storing each application in a VMware virtual rack. Untangle also can be launched via a bare metal install with a CD on a dedicated server. In August, however, Untangle will switch its virtualization infrastructure from VMware to Sun Microsystems’ VirtualBox which will be even easier for small offices because it won’t require a dedicated Linux server, he said.

“Our goal is to get as many people as possible using Untangle,” Morris said. “This will take us to a new level (in ease of use).”

According to Mark Floisand, Untangle’s vice president of sales & marketing, Untangle’s free software has been downloaded to hundreds of thousands of computers in 17,000 businesses. In addition, Untangle has 2,200 paying customers for its premium products which is just under 13% of the total, he said. With 10% considered a “good” benchmark, Untangle feels upbeat about its ratio, he said.

Although the recession has cut revenues from some of Untangle’s larger customers, the downturn also has encouraged free users to upgrade, Morris added.

“We’re still seeing a consistent lift, quarter to quarter, of 35%,” he said. “We’re right at the cusp of profitability” and expect to become profitable, with revenues in the millions, by the end of the year, he said. “Our business model works quite well.”

To date, Untangle has received $20 million in venture funding. Its major competitors are appliances like SonicWall, WatchGuard and Barracuda. While companies like Vyatta are vying with Cisco Systems Inc. for the enterprise market, Untangle remains focused on schools, hospitals or offices with 30 or fewer employees, Morris said.

“Some companies try to extend from the enterprise to small business but you can’t really scale down that far,” he said. “Small business is its own market.”

Untangle’s biggest challenge is reaching new business and even some home customers cost effectively, he said. Technologically, the company is currently working to improve its infrastructure so that developers will be able to add their applications to Untangle’s online store with a single click, he added.

Long term, Untangle’s goal is to extend its security toehold in the small business market to other areas of IT like email, backup and VOIP servers, he said.

Untangle’s key milestone right now is profitability, Morris added.

“We believe profitability is just around the corner,” he said. “We’re 100% focused on that right now.”