loader

Pfsense – Protect your network

Pfsense

What’s pfSense ??
pfSense is an open source firewall/router computer software distribution based on FreeBSD.
It is installed on a physical computer or a virtual machine to make a dedicated firewall/router for a network
and is noted for its reliability and offering features often only found in expensive commercial firewalls.
It can be configured and upgraded through a web-based interface,
and requires no knowledge of the underlying FreeBSD system to manage

 

Install, update, packages, management
  • Live CD, update, NanoBSD/embedded, virtual machine, and USB installers available
  • Packaged support/push-button installer for extensions, including the Squid proxy server, the Snort intrusion prevention/detection system, ntop, the HAVP antivirus package, IP address blocklist’
  • Multi-language
  • Console, web-based GUI, SSH (if enabled) and serial management
  • RRD graphs reporting
  • Traffic shaping and filtering
  • Real-time information using Ajax
Functionality and connectivity
  • Virtual Private Networks using IPsec, L2TP, OpenVPN, or PPTP
  • PPPoE server
  • High availability clustering; redundancy and failover including CARP and pfsync
  • Outbound and inbound load balancing
  • Quality of Service (QoS)
  • Dynamic DNS
  • Captive portal
  • uPnP
  • Multi-WAN
  • VLAN (802.1q)
  • DHCP server and relay
  • IPv6 support
  • Multiple public IP addresses/multi-NAT
  • RADIUS/LDAP
  • Multiple resolvers (DNS forwarder, Unbound, TinyDNS, other)
  • Aliases supported for rules, IP addresses, ports, computers, and other entities
Firewall and routing
  • Stateful firewall
  • Network Address Translation
  • Filtering by source/destination IP address, protocol, OS/network fingerprinting
  • Flexible routing
  • Per-rule configurable logging and per-rule limiters (IP addresses, connections, states, new connections, state types), Layer 7 protocol inspection, policy filtering (or packet marking), TCP flag state filtering, scheduling, gateway
  • Packet scrubbing
  • Layer 2/bridging capable
  • State table “up to several hundred thousand” states (1 KB RAM per state approx)
  • State table algorithms customizable including low latency and low-dropout
Packages support Packages available as “push button installs” among others:

  • Snort Intrusion detection and prevention
  • Suricata Intrusion detection and prevention
  • pfBlockerNG
  • OpenBGPD
  • MailScanner
  • HAProxy
  • Asterisk
  • Squid caching and reverse proxy with SquidGuard
  • HAVP antivirus with ClamWin
  • Varnish3
  • Postfix forwarder
  • Apache HTTP Server with mod-security
  • FreeSWITCH (Voice over IP)
  • spamd
  • ntopNG
  • nmap
  • multiple monitoring and statistics packages, file managers.

Enterprise, Open Source   Firewall SOLUTIONS

Providing comprehensive network security solutions for the enterprise, large business and SOHO, pfSense solutions bring together the most advanced technology available to make protecting your network easier than ever before. Our products are built on the most reliable platforms and are engineered to provide the highest levels of performance, stability and confidence.

 

Protect Your Network

pfsense_product-family pfSense® software has the flexibility to be installed on a wide range of hardware, but it is currently supported only on the x86 and x86-64 architecture. The types of devices supported range from embedded devices to rack mounted servers.Since network environments differ dramatically, determining the exact hardware sizing for your pfSense deployment can be difficult, but the following will provide some base guidelines on choosing which hardware is sufficient for your installation.pfSense 2.x has low minimum system requirements (for example 256 MB RAM and 500 MHz CPU) and can be installed on hardware with x86 or x86-64 architecture. It is also available for embedded system hardware using Compact Flash or SD cards. pfSense also supports virtualized installation.