PfSense and perimeter security

  • Hey folks,

    We're seriously considering standardizing on pfSense as our preferred router platform, for all but our largest clients (because support isn't 24x7).

    I have one concern, however: I’m not aware that pfSense has much by way of advanced perimeter security. I know it has Snort as an optional package but in my playing with Snort it really peeved the heck out of me and I had to go pop some Extra-Strength Advil before uninstalling it.

    I also don’t know nearly enough about advanced perimeter security to know what I'm talking about!!! I know that the larger commercial router vendors like Cisco etc. have annual subscriptions to their threat databases and whatever but I don't really know what that means, whether it's worth it, and whether something like pfSense can do the same as effectively.

    What think?


  • I've had good results with Snort.  pfSense also has Suricata.  Both are IDS engines (Intrusion Detection System) that load daily update files with threat parameters.

Log in to reply