Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    School Usage - 300 Users

    Scheduled Pinned Locked Moved General pfSense Questions
    2 Posts 2 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      Courting
      last edited by

      Hi folks,

      We currently use a Sophos WS1000 appliance for web filtering within a school. The maximum load on the box is around 300 users, and we have a 100Mb/s synchronous Internet connection. The problem is that the WS1000 is 5 years old and showing its age in both performance and features.

      We have looked at alternatives, such as Smoothwall and Fortinet, but for install and 3 years of subs we are looking at around £8,000. We're looking at around a 5-year lifespan, much as per the WS1000, so that's probably another £3-4k on top of that as well.

      In terms of features we are not looking for much. It clearly needs to be able to provide web filtering, but also current and historical performance (throughput, peak usage etc.), and AD reporting. It also needs to be able to work via an upstream proxy, which is how our Internet is delivered.

      Is pfSense a viable alternative in this situation? We have a Hyper-V based set of servers, so theoretically could setup pfSense as a VM and use that.

      TIA

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        Yes it can do that.
        However it's likely to to take a little playing around with the configuration to get it doing what you need. Still if you've got £12K to save that could be worthwhile!
        What exactly do you mean by 'AD reporting'?
        If you mean running a webproxy that each user has to login to authenticated against Active Directory then you may struggle to get exactly what you want. It can be done though, via captive portal and freeradius for example.

        In my opinion the one part of pfSense you are likely to find lacking is logging/reporting. pfSense can export all it's logs to external reporting software though.

        If you have VM servers setup then I suggest installing it and having a play around.

        Steve

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.