PFsense box as firewall

Hi, I'm shopping around for a new firewall and Pfsense sounds tempting when coming to price and features. I mostly have experience with Sonicwalls but the price difference is significant for the needed features

I need a firewall that would have services like IPS/IDS, web filtering, site to site VPN capabilities(Azure connection). PFsense looks like it's capable to do that but I was wondering how steep the learning curve is for it. I see that it has a GUI but some people think it takes a while to learn. Although that sounds fun and interesting, I don't have a lot of time to tinker with it.
Alan DalaITAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

it_saigeDeveloperCommented:
I have found pfSense very easy to learn and their site does contain quite a bit of useful information in the form of forums and user provided articles.

-saige-
Alan DalaITAuthor Commented:
Hi and thank you for your response!

I also see that they offer their own hardware for the firewall. Do you think it is worth it to buy it? Do you know if it supports the services I was asking about? I'm mostly concerned about the site to site VPN which for us is very important for cloud solutions and remote office connections.


Thank you!
it_saigeDeveloperCommented:
IPS/IDS - Use either the Snort or Suricata packages
Web Filtering - Use Squid + squidGuard
Site to Site VPN - Supports out of the box

As for the hardware.  I have it installed on an old computer (I believe it is a P4) with (I believe) 8GB of ram and two Intel 10/100/1000 NICs.  It performs just fine.

-saige-
Alan DalaITAuthor Commented:
Thanks again for your help.

I talk to a vendor and he didn't recommend putting all those services on the same box but rather get a different appliance(sophos) for security services like IPS/IDS and web filtering. Of course, he was trying to sell some stuff but from your experience, would the firewall be fine with that additional load?


Thank you!
it_saigeDeveloperCommented:
There are not normally any problems running these (and other services) on the same box.  Most of the time problems arise because of misconfiguring the installed services.

-saige-

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Cloud Services

From novice to tech pro — start learning today.