Enterprise style Central Management Interface - {Now $1900}
-
Hello all.. I work in an industry which requires use of Captive Portal firewalls and Device management. I am trying to put together a combination Gateway and Management system. I like the pfSense firewall as the Gateway portion and am looking at Ops View http://www.opsview.org for the management portion. I especially like the ability to write changes to devices from the Central Management console. I am curious as to whether individual connection details would be available in this application.
What would be involved in adding some SNMP data collection to an onsite pfSense box and having that information relayed to a Central Management Solution. Sorry if this seems a little off topic but I feel that I can add a lot to the Bounty if I can get a complete Rock Solid solution developed and ready for deployment.A little background if you are interested. I have a solid networking background and do all of the engineering for our company but do not have a solid enough background in the Open Source arena to put together a system on my own. We are looking for something that would work out of the box without a lot of fiddling.
-
Glad to see more interest in a solution like this.
Sorry if this seems a little off topic but I feel that I can add a lot to the Bounty if I can get a complete Rock Solid solution developed and ready for deployment.
If you are able to add alot to the bounty for this feature I would suggest posting the amount ahead of time. Almost everything is possible with this product. Posting the amount that it is worth to you to have this feature will get a quicker response.
Mark
-
Have not heard from a Dev since April 27th and my requests for an update have gone unanswered. I am still interested in this bounty but will have to look for an alternate solution if no one pipes in with some type of update telling me there is still interest in this.
Thanks,
Mark
-
I posted a new bounty for a network monitoring solution but I could add the $400 to this solution instead if this could be incorporated.
Server Drive space
Monitor running services.
Ping monitoring
Web monitor (to see if web pages are returning correct results) IE Outlook Web Access Not required.
Event Logs (Monitor Errors and warnings.)
Custom SNMP traps
Syslog monitoring.
Monitor multiple remote locations from a single device. and be able to separate them out by location and or company.Email notification based on specific types of events or keywords.
-
I will add 250$ to get m0n0wall-cmi ported as a separate project: pfsense-cmi. Obviously we will need maintenance going forward to support new features, so I hope that the m0n0wall-cmi code is a good/clean place to start.
-
It's really not. A number of the pfSense developers have looked at the m0n0wall-cmi code and have judged it to be a major mess. I think that the direction currently under consideration in this thread is a better one.
-
@submicron:
A number of the pfSense developers have looked at the m0n0wall-cmi code and have judged it to be a major mess.
I don't think that's accurate, I don't know that any of us have looked at the code, at least not that I recall.
We are looking to go a different direction with this though.
-
Well if there is any info that anyone has about the direction it is going I would really appreciate hearing about it since there has not been an update in a very long time about whether this is going in any direction at all. Hope I am wrong but this bounty seems to not be going anywhere.
-
@cmb:
@submicron:
A number of the pfSense developers have looked at the m0n0wall-cmi code and have judged it to be a major mess.
I don't think that's accurate, I don't know that any of us have looked at the code, at least not that I recall.
We are looking to go a different direction with this though.
I distinctly remember being on a conference call with both you and sullrich where exactly this statement was made, I believe by sullrich.
-
@submicron:
I distinctly remember being on a conference call with both you and sullrich where exactly this statement was made, I believe by sullrich.
I remember that call, but what I recall is we were talking about functionality we wanted just not being there. Oh well, moot point. :)
Well if there is any info that anyone has about the direction it is going I would really appreciate hearing about it since there has not been an update in a very long time about whether this is going in any direction at all. Hope I am wrong but this bounty seems to not be going anywhere.
We will have more info on our plans as things progress. We aren't in a position yet to discuss any further.
-
@ cmb
We will have more info on our plans as things progress. We aren't in a position yet to discuss any further.
I don't understand what you mean by "our plans". Do you mean the developers only or also the people who have created and or added money to the bounty. I would hope that as a contributor to the bounty that myself and anyone else who is offering to contribute to this bounty would be informed of any updates, progress, or direction this bounty is taking unless the devs have decided to take this in a different direction. My main concern is I have allocated funds to this bounty and it has been about 4 months since the last time a dev has shown any interest in this bounty. That dev did not say they would take the bounty. I will need to start looking for an alternative solution which means pulling my money from the bounty.
-
Was reading bout limitations with VPN and sending snmp and syslog data across the vpn. Was wondering because most MSP apps which do this central management type thing do so via VPN tunnels to each client. Will this still be a problem or will it be fixed in 1.3?
-
What is stalling this bounty? Is it the amount of money? If so, how much more will it take to get things moving. Giving me a realistic figure will enable me to try and get others to jump in. Ex. Lets say 3,000 will get a dev accept the bounty. Then I know that if I get 3 people to pony up $250 each we can get started and they know that by adding to the bounty it will begin developement.
Thanks
-
I still think using another server to monitor services, management and polling devices is not ment for a firewall.
There are already great packages like zabbix and nagios which offer plenty of management abilities.
Monitoring a great deal of servers and services also take up plenty of cpu power/memory (10 sensors for each server with 20 servers..)
Just my 2 cents, why reinvent something which is already invented ?
-
Not for monitoring devices. More for maging and being able to configure all of your pfSense firewalls from one location. There is no product out which does this for pfSense. Also 1.3 can operate with 1 NIC, meaning this would become an appliance rather than your firewall slash everything else under the sun. I have been looking at a different solution for monitoring devices. ManageEngine has an MSP solution which for 2500 per/year aloows you to monitor 100 devices. I do agree that for monitoring pfSense would probably not make much sense since the cost of developing a solution would cost much more.
-
Very interesting! I can see a solution in my mind, but I don't know how long this will take. I think I need to research this or something….
-
It would be a dream come tru if someone developed a management client for pfsense like Firewallbuilder with log viewing capabilities…
Today I manage 20+ pfsense boxes for VPN/firewalls etc, just imagine if it would be possible to manage these from one gui
Wishlist:
object oriented firewall/VPN configuration, +only create the objects one time (drag/drop the object rules to the firewall and apply/upload)WE CAN ALWAYS DREAM ;)
/MRNilsson
-
@ MRNilsson
One does not have to just dream. One can also donate! Hint Hint.. ;D
-
Curious….Is someone developing a commercial solution for this? I noticed Centipede now has an automatic backup plugin for configs..... That is not a full solution but I get the feeling something like that is happening. This bounty gathered much interest in the beginning and then P :o :oF. The concept is a very good one (At least I think so) and am hoping that someone is still interested. I will up the bounty by $500. I would appreciate it if someone would tell me (Devs) if the lack of interest is due to wanting to make a commercial solution...add-on or if it is the bounty total. If it is the bounty total then if someone could tell me what it would cost to "interest" a dev to create this. I have added a significant amount of my own money and might be able to convince others to join in but with the bounty sitting stagnant it is difficult to convince people to pony up some cash when no one is negotiating.
-
I read this whole thing and can the requirements reconciled in a post and what is the last offer for this?