Yes, I don't know what the difference is between the revisions but they all look like Portwell boxes. I would expect pfSense to run an any of them really.

@jeffshead That is correct. Snort/Suricata operates outside the firewall so to speak so it cannot inspect ssl traffic. There is no mechanism within pfsense to decrypt a flow and send to an engine to inspect. This largely,in my opinion, makes the threat prevention aspect of pfsense quite useless. It would be more useful to have your endpoint mitigation tools on the clients do the protection.