Alan Dala
asked on
PFsense box as firewall
Hi, I'm shopping around for a new firewall and Pfsense sounds tempting when coming to price and features. I mostly have experience with Sonicwalls but the price difference is significant for the needed features
I need a firewall that would have services like IPS/IDS, web filtering, site to site VPN capabilities(Azure connection). PFsense looks like it's capable to do that but I was wondering how steep the learning curve is for it. I see that it has a GUI but some people think it takes a while to learn. Although that sounds fun and interesting, I don't have a lot of time to tinker with it.
I need a firewall that would have services like IPS/IDS, web filtering, site to site VPN capabilities(Azure connection). PFsense looks like it's capable to do that but I was wondering how steep the learning curve is for it. I see that it has a GUI but some people think it takes a while to learn. Although that sounds fun and interesting, I don't have a lot of time to tinker with it.
ASKER
Hi and thank you for your response!
I also see that they offer their own hardware for the firewall. Do you think it is worth it to buy it? Do you know if it supports the services I was asking about? I'm mostly concerned about the site to site VPN which for us is very important for cloud solutions and remote office connections.
Thank you!
I also see that they offer their own hardware for the firewall. Do you think it is worth it to buy it? Do you know if it supports the services I was asking about? I'm mostly concerned about the site to site VPN which for us is very important for cloud solutions and remote office connections.
Thank you!
IPS/IDS - Use either the Snort or Suricata packages
Web Filtering - Use Squid + squidGuard
Site to Site VPN - Supports out of the box
As for the hardware. I have it installed on an old computer (I believe it is a P4) with (I believe) 8GB of ram and two Intel 10/100/1000 NICs. It performs just fine.
-saige-
Web Filtering - Use Squid + squidGuard
Site to Site VPN - Supports out of the box
As for the hardware. I have it installed on an old computer (I believe it is a P4) with (I believe) 8GB of ram and two Intel 10/100/1000 NICs. It performs just fine.
-saige-
ASKER
Thanks again for your help.
I talk to a vendor and he didn't recommend putting all those services on the same box but rather get a different appliance(sophos) for security services like IPS/IDS and web filtering. Of course, he was trying to sell some stuff but from your experience, would the firewall be fine with that additional load?
Thank you!
I talk to a vendor and he didn't recommend putting all those services on the same box but rather get a different appliance(sophos) for security services like IPS/IDS and web filtering. Of course, he was trying to sell some stuff but from your experience, would the firewall be fine with that additional load?
Thank you!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
-saige-