Checkpoint, Palo Alto, Cisco ACS, and others, all of them are enterprise, popular and good firewalls. But all of them require some price to pay. Is there any free alternative to these enterprise firewalls? Yes, there are a lot but most of them are not a competitor for them. Pfsense is the most advanced, powerful, popular alternative to these firewalls. Pfsense is not too advanced like them but provides most of the features for a day to day usage. In this tutorial, we will look at Pfsense features.
Pfsense became a professional product. So deployment of the Pfsense can be done in different ways like enterprise solutions. Pfsense can be deployed to the popular cloud services Amazon AWS, Microsoft Azure, Server Hardware provided by Pfsense or some embedded boards or into a virtual machine.
Pfsense is provided by AWS Market place as AMI (Amazon Machine Image). The current version as writing is 2.3.2 also other versions are available.
Microsoft cloud solution Azure also provides Pfsense. The provided version is newer than Amazon AWS which is 2.3.3 .
Hardware is provided by Netgate. There are different types of hardware solutions. From ARM board with 512 MB ram to Xeon CPU boards with 16 GB RAM.
Support is provided by Netgate. There are different types of support packages. Netgate provides support for their products after the sale. Also, there is a support type which is available for the customer who does not buy Netgate products. But this is a bit salty price.
Pfsense provides a lot of features. We will look at them below.
The dashboard provides the main overview panel for the Pfsense. In the dashboard, this information can be found DNS server, version, interfaces.
Pfsense supports routing protocols like OSPF, BGP, RIP. There is also support available for static routing. Routing is an important part of a firewall and router. We can redirect packets into related networks with a routing function and routing information.
Pfsense provides useful packages for popular applications. Some applications are asterisk, Suricata, snort, squid.
Today IT infrastructure needs HA for continuous operation. Pfsense provides HA seamlessly.
Firewall & NAT
As stated before Pfsense is a firewall. Pfsense also has NAT and PAT support. The firewall module provides all basic features for an enterprise firewall.
Pfsense has DHCP services also WINS services. DHCP services make Pfsense great for a compact solutions. DNS servers can be set with DHCP too.
NTP services can be provided with Pfsense. Another interesting feature is that Serial GPS devices can be connected to the system.
Another powerful feature is VPN services. Pfsense supports IPsec, L2TP, OpenVPN, PPTP by default as VPN services.