pfSense: What is it?

scottalanmiller

@JaredBusch said:

I like pfSense, but I am now using Vyatta simply because it is what is on the Ubiquiti EdgeRouters that I have spread around.

We have Vyatta in our Toronto DC.

Nara

Give pfSense a go; I think you'll like it. If I'm looking for a low-resource business firewall that can handle multiple interfaces, WAN failover, and include outbound traffic filtering, I go with pfSense. It's my go-to product for tiny networks that deal with PCI compliance.

A Former User

compared to an Asa 5505? Why one over the other?

scottalanmiller

@Hubtech said:

compared to an Asa 5505? Why one over the other?

Cost and ease of management primarily.

A Former User

i'll play with it in my sweet new lab i could, once more, make some happy clients by saving them some money

scottalanmiller

It only saves so much as you still need hardware for it. But you can push more packets for cheaper.

JaredBusch

@scottalanmiller said:

It only saves so much as you still need hardware for it. But you can push more packets for cheaper.

you can potentially have it on your virtualization platform though. I would recommend some dedicated hardware (basic super-micro or something) though.

scottalanmiller

@JaredBusch said:

@scottalanmiller said:

It only saves so much as you still need hardware for it. But you can push more packets for cheaper.

you can potentially have it on your virtualization platform though. I would recommend some dedicated hardware (basic super-micro or something) though.

We run Vyatta on vSphere for one of our hosted environments.

JaredBusch

@scottalanmiller said:

We run Vyatta on vSphere for one of our hosted environments.

I ran ClearOS 5.2 on a VMWare system along with most of my other stuff in my coloation space for 3 years. I dumped it for the Ubiquiti gear. A hardware Vyatta box for < $100 is just a no brainer IMO.

scottalanmiller

@JaredBusch said:

@scottalanmiller said:

We run Vyatta on vSphere for one of our hosted environments.

I ran ClearOS 5.2 on a VMWare system along with most of my other stuff in my coloation space for 3 years. I dumped it for the Ubiquiti gear. A hardware Vyatta box for < $100 is just a no brainer IMO.

Which model do you have? Might want to check one of those out. Have thought that they looked interesting but was not aware that they were in that price range!!

IT-ADMIN

pfSense is a very powerful firewall, it provide many services in form of packages, including proxy server, openvpn, dhcp, traffic statistics .....and more and mor, all in one, it is really a very good firewall

scottalanmiller

FreeBSD, in which pfSense is built, is famous for the quality and performance of its TCP/IP stack.

A Former User

@scottalanmiller said:

@JaredBusch said:

@scottalanmiller said:

We run Vyatta on vSphere for one of our hosted environments.

I ran ClearOS 5.2 on a VMWare system along with most of my other stuff in my coloation space for 3 years. I dumped it for the Ubiquiti gear. A hardware Vyatta box for < $100 is just a no brainer IMO.

Which model do you have? Might want to check one of those out. Have thought that they looked interesting but was not aware that they were in that price range!!
@scottalanmiller
[here you go scott. ](link http://www.ubnt.com/edgemax#edge-router-lite url) these look like something I may need to play with. Currently i Use cisco cause it's what I know. so many less expensive options out there right now.

scottalanmiller

That link isn't working for me, at least not from iPhone.

A Former User

http://www.ubnt.com/edgemax#edge-router-lite

Nara

@Hubtech said:

compared to an Asa 5505? Why one over the other?

For the price of an ASA, the feature set is lacking. In that price range, I'd go after a UTM appliance such as Sophos. Cisco has missed the boat with the ASA of late. While it makes for an excellent VPN appliance, as a security device, it's merely mediocre.

Nara

@JaredBusch said:

@scottalanmiller said:

It only saves so much as you still need hardware for it. But you can push more packets for cheaper.

you can potentially have it on your virtualization platform though. I would recommend some dedicated hardware (basic super-micro or something) though.

I've had great luck running pfSense as a VM. In a multi-host environment, I can move it around as needed and not worry about firewall hardware failure.

Chamele0n

@Bill-Kindle said:

@Mike-Ralston It's a router / firewall that you can install on pretty much any old computer with two NIC's.

The one thing you have to worry about for hardware requirements is the supported network cards. It will RUN on anything but you may not be able to use it if your network cards are not supported.

Check out: https://www.pfsense.org/hardware/index.html#compatibility