PfSense and perimeter security
-
Hey folks,
We're seriously considering standardizing on pfSense as our preferred router platform, for all but our largest clients (because support isn't 24x7).
I have one concern, however: I’m not aware that pfSense has much by way of advanced perimeter security. I know it has Snort as an optional package but in my playing with Snort it really peeved the heck out of me and I had to go pop some Extra-Strength Advil before uninstalling it.
I also don’t know nearly enough about advanced perimeter security to know what I'm talking about!!! I know that the larger commercial router vendors like Cisco etc. have annual subscriptions to their threat databases and whatever but I don't really know what that means, whether it's worth it, and whether something like pfSense can do the same as effectively.
What think?
n
-
I've had good results with Snort. pfSense also has Suricata. Both are IDS engines (Intrusion Detection System) that load daily update files with threat parameters.