New to pfsense looking to eventually replace Watchguard devices.
-
Hello,
I am completely new to pfsense. I recently purchased a Netgate APU kit and just finished installing pfsense. I am going to be using this in my home for testing to get a feel for its capabilities with the hope of replacing multiple watchguard devices currently in service at a medium sized business with several watchguard edge units in remote offices all connecting back to the main facilities watchguard firewall. These watchguard devices are great, however they come with a yearly cost that I would like to remove if I can get the same or similar feature set using pfsense.
I am sure I will have plenty of questions as I go through and set this Netgate unit up, however for now I just have a couple as it seems like it's fairly straightforward with what I see so far.
Does pfsense have the ability to block content types for HTTP Response or via proxy for example application\octet-stream or video\x-flv? The watchguard out of the box blocks everything when using the HTTP Proxy so in a very granular way I have control over what users have access to. I have to allow or add every content type to a policy when using the proxy. Can pfsense do this? If so what or where do I need to go to enable this?
Also for business users what are the popular must have packages?
Thanks!
-
You can install the squid proxy server.
And you can (without the proxy) block ports. -
Ahh perfect! Installed squid and found it under Proxy Server–->ACLs--->Block MIME types (reply only). This is exactly what I was looking for, Thank you Marv21!
-
no problem :)