New to pfsense?
I got to know about pfsense from ubuntu forum. The person also recommended me zentyal, untangle and smoothwall.
If I understand correctly, pfsense is just a firewall. It's not an UTM like untangle.
Does that mean pfsense can't do as follows?
- works well with linux and apple, probably can link up with Linux OpenLDAP
- something instead of tracking by IP address?
- appmonitor - blocks facebook, facebook chat, block urls
- anti-virus and anti-spyware
- QOS - used for outbound SIP calls, priority port 5060
- SSL VPN, - with apps on iPhone and iPad, Apple Macs to connect
- IPSec VPN (site-2-site vpn between HQ and branch)
- basic wan acceleration
And I need both pfsense and untangle to work together?
They also said pfsense is not IPS so can't prevent hackers hacking PRI line (our main telephone line system) and sql injection related.
However from untangle perspective, I believe untangle should be sufficient without pfsense.
But many complained about untangle slowness and need a better machine to run it.
Currently, I am evaluating Palo Alto PA-500, but it's really too expensive. Then I evaluated Sonicwall NSA2400, still expensive but the custom reporting (most important feature) works on Windows Server (non linux).
My current office environment is 30 macs and 10 servers. Plan to hire more people, and total 50 macs and maybe 20 servers inhouse.
So can pfsense do all the above? or i still need to have a mixture?
Any help? Thanks.
podilarius last edited by
Out of the box pfsense can QOS, VPN and block based on url or ip (2.1 or higher). There are packages you can addon to the antivirus, IPS/UTM. I have never used untangled and I am not willing to as pfSense covers all my needs (2 DCs and 2 Offices).
are those addons free and stable as well?
so basically pfsense is firewall, utm and ips too?
It depends what you mean by UTM. It seems there are varying definitions.
Like Podilarius said pfSense out of the box is a firewall. It has QOS and VPN included though.
There are packages available to add: web proxy/filtering, antivirus, IDS/IPS. These are widely used and considered stable.
There are other more recently developed packages for a wide variety of other functions, mail filtering, that are considered less stable. However the more people use them the quicker the bugs get worked out!
Noted and thanks, I'll give it a try :)