Pfsense – With out doubt a very good software firewall

An account from a happy user of pfSense:

“I had been reviewing pfsense firewall recently. After using an outdated Watchguard firebox for long, we wanted to replace it with something reliable and easy to manage remotely. Previously our NOC team was looking at Endian for a lot of customers but it ended up as a wrong choice of technology with many of the stuff not working as expected and some of the crucial features missing or not working no matter repeated attempts.

Installation of Pfsense is straight forward but can be a little confusing for a novice user especially assigning the WAN and LAN interfaces. But there are lots of step by step installation videos in youtube to rescue. Once you have got the web based GUI, then configuring everything is a breeze. I liked the PPTP feature which many of the s/w firewalls were missing.

Since we liked it a lot we are moving our internal office n/w also under pfsense which means ‘RIP’ for the pretty old watchguard or serve me at my home.”

Source (confiance.com): Pfsense – With out doubt a very good Software firewall

pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution.

Chris Buechler has created a list of pfSense 2.0 New Features and Changes.

A work in progress list of 2.0 new features and changes is available. I think that has most of the changes, but it’s definitely missing some. If you notice anything that was missed, please leave a comment. We’ll be adding to it as we review the list more in the coming days. (source)

Audio presentations: 1 pfSense and 2 BSD for Linux Users

Dru Lavigne has uploaded the audio file of her presentation at SCALE 2010 talk on BSD for Linux Users is now available in mp3 format. Slides are available as PDF

She also mentioned an mp3 of a NYCBUG session on PFSense II, Rocking The Datacenter.

pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution.

pfSense 2.0 Beta 1

pfsense-logoChris Buechler has announced the availability of the first beta release of pfSense 2.0, a FreeBSD-based firewall system.

Our Christmas gift to the community is the 2.0 release reaching the beta milestone. The release is feature complete, with no new features being added, and should stay relatively stable throughout the remainder of the development process.

That’s not to say it’s production-ready though, most of our developers are using it in production and have been for months, but unless you have a solid understanding of the underlying system and can manually verify the configuration, 2.0 is not yet for you. If you have a non-critical environment where you can try it out, you can find the latest build on the snapshot server.

Read the complete release announcement for further details and known issues

Released: PC-BSD 8.0-BETA

pc-bsd logo 100x100Kris Moore announced on New Year’s day the availability of PC-BSD 8.0-BETA (Hubble Edition).

Version 8.0 contains a number of enhancements and improvements. For a full list of changes, please refer to the changelog. Some of the notable changes are:

  • FreeBSD 8.0-Release
  • KDE 4.3.4
  • Brand new System Installer, allows the install of PC-BSD or FreeBSD
  • Run in Live mode directly from DVD
  • Updated Software Manager, allows browsing and installing applications directly
  • Support for 3D acceleration with NVIDIA drivers on amd64

Version 8.0-BETA of PC-BSD is available for download from our mirrors, and will be available shortly as bittorrent from www.gotbsd.net.

In order to prepare for 8.0-Release, please report any bugs to the Trac Database! Discussion regarding testing etc are taking place on the testing mailinglist.

Links

Dru Lavigne has finished the first draft of the Definitive Guide for PC-BSD. This book is based on PC-BSD 8 and is written for the novice user. Will keep you posted when the final paper version is published.

Released: pfSense 1.2.3

pfsense logo 100x100Chris Buechler has announced pfSense 1.2.3

1.2.3 release is now available! This is a maintenance release in the 1.2.x series, bringing an updated FreeBSD base, some minor enhancements, some bug fixes, and a couple security updates. We’ve been waiting a few weeks in anticipation of a FreeBSD security advisory for the SSL/TLS renegotiation vulnerability, which came last week and allowed us to finalize the release.

The primary changes from 1.2.2 are:

  • Upgrade to FreeBSD 7.2
  • Embedded switched to nanobsd
  • Dynamic interface bridging bug fix
  • IPsec connection reloading improvements
  • Dynamic site to site IPsec
  • Sticky connections enable/disable
  • Ability to delete DHCP leases
  • Polling fixed
  • ipfw state table size
  • Server load balancing
  • UDP state timeout increases
  • Disable auto-added VPN rules option
  • Multiple servers per-domain in DNS forwarder overrides
  • No XMLRPC Sync rules fixed
  • Captive portal locking replaced
  • Outbound load balancer replaced

For futher details, the changelog and download info, visit the pfSense 1.2.3 page

PC-BSD and pfSense books

Authored by pfSense co-founder Chris Buechler and pfSense developer Jim PingleThe Definitive Guide to pfSense covers installation and basic configuration through advanced networking and firewalling of the popular open source firewall and router distribution.

This book is designed to be a friendly step-by-step guide to common networking and security tasks, plus a thorough reference of pfSense’s capabilities. The Definitive Guide to pfSense covers the following topics:

  • An introduction to pfSense and its features.
  • Hardware and system planning.
  • Installing and upgrading pfSense.
  • Using the web-based configuration interface.
  • Backup and restoration.
  • Firewalling fundamentals and defining and troubleshooting rules.
  • Port forwarding and Network Address Translation.
  • General networking and routing configuration.
  • Bridging, Virtual LANs (VLANs), and Multi-WAN.
  • Virtual Private Networks using IPsec, PPTP, and OpenVPN.
  • Traffic shaping and load balancing.
  • Wireless networking and captive portal setups.
  • Redundant firewalls and High Availability.
  • Various network related services.
  • System monitoring, logging, traffic analysis, sniffing, packet capturing, and troubleshooting.
  • Software package and third-party software installations and upgrades.

The first review of the book is out now.

Congratulations to pfSense for their 5 year anniversary.

pc-bsd logo 100x100Dru Lavigne is currently working on a book on PC-BSD: Definitive Guide to PC-BSD

I’m about 2/3 of the way through book #3 on BSD, tentatively titled “The Definitive Guide to PC-BSD”. This book will be through Apress, and I’m excited that it will include a live DVD of PC-BSD 8.0 so you can follow along as you read it. The book is designed for users new to BSD up to existing PC-BSD/FreeBSD power users. Think of it as the type of book new users can grow into while existing users can still find nuggets of “I didn’t know that”. I’ve also concentrated on the importance of community–a concept new users aren’t used to and most tech books never mention.

Here is the Table of Contents: