General Question



  • ;D

    Over the past 4 month, I have been looking at all my options to replace our aging Sonicwall Pro 3060. I have literally tried every available downloadable firewall appliance. Our Sonicwall Pro3060 is an awesome firewall but it has been costing an arm and leg to keep running. Ironically, after months of testing and still being undecided about what to choose our firewall actually died. 25 minutes later we were up and running a fully functional network using PFsense.
    Not only did it work but it seemed to work faster. I went back through my notes on each software package I had tested and they read as follows.
    Pfsense - easy to install, easy to configure, logical to use, fast. Cons - web interface a little bit glitchy with IE7 but fine with firefox. The big negative, no AV.

    This may sound daft but how are users getting around the no Antivirus problem? Our internet access is via a proxy and our proxy runs AV, so we should be fairly safe for web browsing. I am really curious to know what other users are doing for AV. Should I just get over the fact that our sonicwall had AV and used to scan the streams and that pfsense won't do this?

    BTW - a BIG thanks to the pfsense team…



  • If you absolutely need antivirus at the border, you could use untangle too. Antivirus isn't really necessary if you have it on your clients, especially if you are browsing through a proxy that scans too.



  • Hi,

    Thanks for the reply. I looked at Untangle and found it quite unstable on a variety of hardware. Also when I looked at licensing some of the addon modules it was more expensive than most commercial firewall appliances. Remember as a school we have got around 1500 users.



  • It's my impression that virus scanning on the stream mostly sounds good for the sales rep. So I'm curious on what your experience have been.
    If I was running a school with 1500 my focus would be vlan segmentation, removing admin rights and spending money on different client antivirus / spyware solutions.

    As a side note a havp package have been added.



  • Well I gets lots of pretty graphs daily telling me that it is stop viruses through HTTP and SMTP but how do I know that it is?

    eg.
    Virus Name  Percentage of Viruses [I am afraid you are just going to have to imagine the pretty graph :-)

    Suspicious#tibs 15%   
    Mitglieder.GFA 10%   
    HDDKill 9%   
    GetCodec.A 5%   
    Mydoom.M 3%   
    W32.Blackmal.E@mm_1 2%   
    Suspicious#asprotect 2%   
    Suspicious#banker 2%   
    MS_PowerPoint_Malformed_String… 1%   
    Suspicious.6#upack 1%



  • I think that McAfee has as an enterprise server to get all of those nice statistics if you are running their antivirus.


Log in to reply