Two packages for preview: Network Inelligence and App/Protocol Blocking
-
Hi All,
Long time listener, first time poster.
We're a small Canadian company that has developed a couple of packages for pfSense:
-
The Netify package and cloud service provide complete network traffic visibility and analysis - know what's happening on your network. We know, we know... "cloud" is not everyone's cup of tea, but we really needed the horsepower to do some of the deep analysis.
-
The Netify FWA package provides a way to block unwanted protocols and applications. This one is free, open source, and cloud-free.
Getting Technical
pfSense users tend to lean on the technical side, so let's get down to the details. First, we have an open-source deep packet inspection (DPI) engine - netifyd - that is able to extract useful metadata from a network conversation:
- Application
- Protocol
- SSL cipher, SNI, Server CN etc.
- Hostnames
- Agent strings
- GeoIP
- Torrent hashes
- DHCP fingerprints
- and more
This free DPI engine is used to fuel both of the new packages for pfSense.
Package #1 - Netify
<sales pitch warning>
The first package - Netify - is a cloud-based subscription service that provides network intelligence and visibility. Netify makes it possible to manage network resources, enforce company policies, provide forensics, audit network devices, detect weaknesses, and stay on top of cyberthreats. In essence, Netify provides insights to help manage your network and devices. Here are some screenshots.Features include:
- Device Discovery
- Application Detection
- Protocol Detection
- Risk and Reputation Analysis
- Bandwidth Monitoring
- Hostname Visibility
- Geolocation Information
- Connection Tracking
</sales pitch warning>
Package #2 - Netify FWA (Netify Firewall Agent)
The second package - Netify FWA - is a free and open-source solution that is able to block protocols (e.g. BitTorrent) and applications (e.g. Facebook). It runs locally on the pfSense system - no cloud required!
Privacy First
It's strange to think that your ISP, DNS provider, Google, Facebook and online marketers may know more than you about the networked devices and traffic patterns inside your organization.
At every step of the Netify development cycle, we have security and privacy in mind. Deep packet inspection (DPI) sounds intrusive, but it's actually less so than you might think. Netify typically 'looks' inside only the first 5-10 packets of data. DPI cannot decrypt your encrypted communications. No SSL interception, no certificate deployment headaches, no breaking end-to-end encryption. It provides a balance that gives you the power to manage your network without compromising encryption and security. We encourage you to learn more about Netify's privacy features.
In addition, the underlying netifyd deep packet inspection agent is open source, so you can see exactly what network metadata is being processed. Feel free to poke around and see what happens under the hood - the source code is hosted on Netify's GitLab group and the documentation on Netify's JSON data payload might be helpful too.
What's Free, What's Not
Just to summarize what's free and what's not:
- The underlying netifyd deep packet inspection agent is free, open source, and licensed under the GPLv3.
- The Netify FWA package is free and open source. Enjoy!
- The Netify cloud-based service is a paid subscription service, starting at $25 per month. Subscription levels can be found on Netify's pricing page. Please feel free to take a test drive with our no-obligation 7-day free trial.
Installation and Configuration
Though the underlying netifyd engine is mature, the pfSense/FreeBSD packaging is a first release, so it will come with the usual first release kind of software quality. You can find installation and configuration instructions here:
-