Pfsense + UTM Appliance



  • Guys, I've setup a 2.0 Release pfSense without anyone informing me that someone purchased a UTM appliance before my arrival which is due to arrive soon. I just want to ask how can I incorporate this new appliance to my current setup:

    Internet - Router - pfSense(FW) - Proxy(ISA Server) - LAN

    From what I've heard, it's either a Cyberoam CR35iNG or a Sophos UTM 320 which is about to come.


  • Netgate Administrator

    What are you using pfSense for currently?
    You've already paid subscription fees for the appliance I assume.

    Steve



  • I used PFsense basically as a firewall-load balancer.


  • Netgate Administrator

    I've never used either of those products but if you're looking for a UTM solution they are likely to offer a better (more integrated at least) experience than pfSense with packages installed. I wouldn't normally recommend you remove pfSense.  :P However if you've already paid for an appliance and whatever subs are required it would foolish not to use it. Those can both perform whatever firewalling duties you need but I don't know about load balancing. If you are using pfSense purely because it offers load balancing then it might make sense to do the firewalling there also. You won't want to be double NATing so I would suggest which ever box can most easily be set up in transparent mode should be so.

    Steve



  • In setting up the appliance, where in my current setup should it fits. before or after the pfsense?

    Internet - Router - pfSense(FW) - Proxy(ISA Server) - LAN


  • Netgate Administrator

    I would probably put it between the pfSense box and the ISA server. However as I said it depends which is easier to setup as non-NATing. Are you using load-balancing?

    Steve



  • yes i'm using load balancing on my pfSense


  • Netgate Administrator

    In which case the pfSense box must be connected directly to the WAN connections so it has to go in front of the UTM device.
    Did you find out what that is yet?

    Steve