Do people using pfsense all work in IT?
-
I'm a home user with no work history in the IT field. I taught myself to use computers in 1992, my first being an AppleII, and currently have a computer running OpenBSD 5.2 and a laptop running FreeBSD 9.0.
My first experience with firewalls was the Conseal PC Firewall, a rules-based packet filter, on my Windows98 box. Both of my computers run the OpenBSD pf firewall, but my first experience with a hardware firewall is my current pfSense box installation, which I utilize on my home Ethernet network. Having some prior experience with the pf firewall I'm comfortable with pfSense rules and operation and haven't had an ounce of trouble out of it since I first started using it earlier this year.
I've considered going with a straight OpenBSD or FreeBSD box as a firewall but I'm very happy with pfSense and have no plans to switch over from using it.
-
@cmb:
Most of our business customers we get because the people in charge use it at home first, see it can do everything their <big name="" vendor="">box can do and then some in some areas, and when it comes time to upgrade firewalls or put in a new colocation or office, they go with pfSense instead of dropping an order of magnitude more money on commercial gear to provide the exact same end result or a lesser result in some cases.</big>
<big name="" vendor="">I manage the IT infrastructure of a small NGO and that's exactly my case. Started using m0n0wall at home and then "upgraded" to pfSense because of upnp support ;) . When I realized the potential of pfSense I ditched Sonicwall at work. I have been running pfSense in two locations for few years without problems and I recommend it every time I have a chance.</big>
-
I've considered going with a straight OpenBSD or FreeBSD box as a firewall but I'm very happy with pfSense and have no plans to switch over from using it.
This has come up before, and for many real-life scenarios pfSense can probably save most "ordinary" network admins a huge amount of time (i.e. do in two hours what one would probably spend 20 hours to accomplish with OpenBSD or FreeBSD). If on the other hand you're looking to build a LNS box for 5k users for an ISP, you'd probably better with plain FreeBSD.
-
I work in IT and have 20+ years of experience. I am a dedicated "Windows" guy and know very little of FreeBSD "nerd" stuff. So the GUI of PFsense is what I need and I need a "walkthrough" when it comes to github asf. I have run firewalls like M0n0wall, IPcop and smoothwall. Always returning to PFSense. Currently running 1.2.3, since I have weird issues with 2.0.1 and generally think its not very intuitive compared to 1.2.3. I have been on the forum for quite some time and have learned a lot from the very nice people in here. I got the idea to make Countryblocker for 1.2.3, but dont have the knowledge to make it. Tommyboy180 did, and he did it quickly!
-
I'm a tier II tech who works for the government in the US (Department of Energy) and have the advantage of a large team. I can take what I learn from messing around with the pfsense setup at home, and have a fuller grasp of what our netops team is talking about.
More recently I purchased a tp-link smart-switch that supports VLANs. I've since converted my pfsense box to ESXI, virtualized my pfsense and setup 5 vlans. Talk about being thrown into the deep end, coming from no working knowledge of vlans other than their purpose.
Helps greatly when trying to discuss issues at length with netops. I can also go spend the day with them, and see their day-to-day work.
So just by toying around with pfSense I've exposed myself to basic routing, packet-filtering, squid, VLANs, BGP, ESXI, and a handful of other neat things.
In summary to answer the OP's question, I would say depending on your devotion and expanding your experimenting, you could easily get an entry level job in the networking field. You'd quickly want to get some cisco training as you without question will run into cisco devices.
-
I'm too working in IT, but more on business IT side like SAP, Oracle DB or new stuff like iPad as single device.
For those topics is always good to know how the bits travel between end points. I use pfSense on ESXi 5.1 mainly at home; but with the goal to prototype/showcase some solutions for business and to continue learning. Playing around is it too. A bit. A lot bit ;D -
should of run a poll! IT isn't my profession, but I like to tinker with things like pfsense and computer gear.
-
Solid state electronics student for me. Tangentially IT, but not really at the same scale.
Love pfsense at home though undoubtedly running on an overkill machine. -
Retired IT type here, started out with MonoWall, moved to SmoothWall for more features but got tired of the lack of direction, progress, bug fixing and the horrible additional tools process there.
Spent a lot of time reading about small firewalls, both the performance and as important the community and decided pfSense looked like the best spot for me.
-
Police
first job was in IT as technician but it was rather dull so I did not go back to it after doing my time in army. Computers&networks are more or less just hobby..
-
I work in IT but only use pfSense personally. I did have it as a guest-wireless firewall in a previous job, but that's about it. While it is the best of the cheap or free options out there, it fails on useful logging, packages (too many beta packages), timely bug fixes and updates compared to the big boys.
-
While it is the best of the cheap or free options out there, it fails on useful logging, packages (too many beta packages), timely bug fixes and updates compared to the big boys.
What kind of logging are you missing ? Considering that not only does pf allow very detailed logging, you can use tcpdump on pflog or the physical interface(s) either from CLI or webGUI, and you can export netflow data.
Regarding timely bugfixes and updates, I'd be inclined to agree, but I'd think with the significant increase in installed base to 170+k live pfsense systems, it will eventually be possible to improve pace through crowd-funding.
Anyway pfSense does still miss some "big boy" features (e.g. L2TP/IPsec, GRE NAT proxy, TCP multipath, IPsec IKEv2, IPsec redundancy with multiple Phase-1, IPsec VTI, DMVPN, L7 filtering etc), most of which however are not relevant to probably 95% of the SMB installations. And in return pfsense offers ISC dhcpd, ntpd, unbound, openvpn and so much more.
-
packages (too many beta packages), timely bug fixes and updates compared to the big boys.
Re: Package versions, that's mostly the fault of the various maintainers just never updating the status. Most all of them are probably at least "stable" but that field is mostly ignored.
We fix bugs very fast in most situations. We may not have very frequent releases, but the bug fixes are public in the source repos and they can be applied as needed in many cases. And there are always snapshots if one needs certain fixes/features before an official release.
-
While it is the best of the cheap or free options out there, it fails on useful logging
What kind of logging are you missing ? Considering that not only does pf allow very detailed logging, you can use tcpdump on pflog or the physical interface(s) either from CLI or webGUI, and you can export netflow data.
valnar, when you have a moment, please elaborate on what you meant by "useful logging" and pfsense limitations vs other platforms.
TIA.
-
It's not the logging per se, but the user interface for it, hence "useful logging". If you are familiar with the Checkpoint and Cisco ASDM GUI's, you'd know what I mean - especially for troubleshooting problems.
Geez, sorry if I offended anyone. ;)
-
It's not the logging per se, but the user interface for it, hence "useful logging". If you are familiar with the Checkpoint and Cisco ASDM GUI's, you'd know what I mean - especially for troubleshooting problems.
Geez, sorry if I offended anyone. ;)
No offence whatsoever taken :-) I was just trying to understand where you were coming from, because "logging" might mean different things to different people.
Anyway, as I wrote above, while the webGUI doesn't expose too all available functionality to the user, a knowledgeable networking professional can always drop to the CLI and do all sorts of troubleshooting.
-
It's not the logging per se, but the user interface for it, hence "useful logging". If you are familiar with the Checkpoint and Cisco ASDM GUI's, you'd know what I mean - especially for troubleshooting problems.
Geez, sorry if I offended anyone. ;)
Well it's not really offensive per se, it's just extremely vague and unhelpful. If you can explain what "useful" means specifically, to you, it would help more than a vague complaint.
Also try 2.1, the firewall log filtering was expanded quite a lot.
-
Did the network admin gig then moved to SysAdmin/Engineering/Development.
Have used pfsense to hold up 2,000+ students in the past. Some small hosting companies and test/dev environments frequently. Been using at home since 0.6.x or 0.5.x I think….Spring/Summer 2005...Helped Scott setup the forums originally way back when.
-
:D
Hello, another IT admin here.Started using monowall at home, and quickly found about pfsense.
After a few months, I started to deploy pfsense at most my clients. At the time, sure mainly I was the only using it for vpn in to the office. Nowdays everyone connects trough the internet, and firewalls like pfsense aid a lot in keeping cost down, or better being able to get a massive pc for the firewall.
At the most important locations, I do have an HP DL380G5 with pfsense. It does make a diference. The best about pfsense, is that you build up as you need. so no matter if you are a beginner in networking, or have quite the experience, pfsense is a great tool to learn and use.
I would like to take advantage of this topis and thank everyone on the pfsense team.
-
Yep, another IT guy here.
Been using pfSense at home after getting sick & tired of the consumer level garbage, using DD-WRT to get better functionality, and still needing to reboot the device every week or so. Tried Untangle, the gui was nice, but it made me feel like a donkey with Untangle riding me, dangling a carrot on a stick in front of me to purchase stuff. ClearOS was neat, but felt bloated. Stumbled across pfSense after the 2.0 stable release, and it was love at first install at home (virtualized under ESXi 5).
And we literally swapped out our Fortigate 80C last night at work (11 hours ago now) in favor of running pfSense 2.1 in a VM, everyone's been telling me today "the internet works so good now!"
Admittedly, if I wasn't in I.T. I'd probably still be limping along with yet another wrt54g flashed with dd-wrt …..
