New to pfsense looking to eventually replace Watchguard devices.
I am completely new to pfsense. I recently purchased a Netgate APU kit and just finished installing pfsense. I am going to be using this in my home for testing to get a feel for its capabilities with the hope of replacing multiple watchguard devices currently in service at a medium sized business with several watchguard edge units in remote offices all connecting back to the main facilities watchguard firewall. These watchguard devices are great, however they come with a yearly cost that I would like to remove if I can get the same or similar feature set using pfsense.
I am sure I will have plenty of questions as I go through and set this Netgate unit up, however for now I just have a couple as it seems like it's fairly straightforward with what I see so far.
Does pfsense have the ability to block content types for HTTP Response or via proxy for example application\octet-stream or video\x-flv? The watchguard out of the box blocks everything when using the HTTP Proxy so in a very granular way I have control over what users have access to. I have to allow or add every content type to a policy when using the proxy. Can pfsense do this? If so what or where do I need to go to enable this?
Also for business users what are the popular must have packages?
You can install the squid proxy server.
And you can (without the proxy) block ports.
Ahh perfect! Installed squid and found it under Proxy Server–->ACLs--->Block MIME types (reply only). This is exactly what I was looking for, Thank you Marv21!
no problem :)