As a security engineer and open source enthusiast, Pfsense has been a very good and complete perimeter security solution,
It is an open source customized distribution of FreeBSD focused on offering perimeter security controls. It can be installed on-premise, virtualized or in the cloud depending on your needs and your available resources.
What can you do with Pfsense?
Define Pfsense as a firewall and a routing tool is a very short description. It has a wide variety of plugins that allow it to work as:
- Firewall
- Router
- DNS/DHCP
- Proxy (with Squid and SquidGuard)
- Antivirus (with Squid, SquidGuard and ClamAV)
- IDS/IPS (with Snort or Suricata)
- VPN (IPsec or OpenVPN)
- Web filtering
- Captive portal
- Traffic shaping
- Load balancing
- High availability
Is it friendly?
Pfsense admin GUI is very friendly, it can be customizable with the main statistics and reports. In the menu bar there are options for each service and configuration.
For troubleshooting and debugging tasks has multiple tools as traffic capture, port scanning and others.
Apart of control tools Pfsense has modules for resources monitoring, alerting and periodic reporting.
I hope that with this article you have a general view about pfsense and all its functionalities. You can download it and find more documentation here.