Author: Gordon Language: text
Description: RE Alternative to pfSense Timestamp: 2014-09-23 19:02:14 +0000
View raw paste Reply
  1. Hi Chris / Matt
  2. Further to your plea for an alternative to pfSense, I ran linux based firewalls in our enterprise for years from ipcop, smoothwall, firewall-builder & just iptables. The grow your own options became troublesome to administer and the linux FW distros several years ago all seemed to go to a commercial model with the community versions somewhat lacking in features or no updates.
  3.  
  4. I think your quest for a linux based box is a bit misguided. You need to find the right application for the job irrespective of the hardware or OS it is sitting on (obviously steering clear of proprietary solutions). You shouldn't need to go tweaking at the command line when every function is available in the gui with validated sense checking. In fact tweaking on the command line in a firewall distribution could potentially compromise the security of the firewall and cause problems with upgrades.
  5. To that end, does it matter if it is running linux or bsd if you never interact directly with the OS, so long as it is open? Stop searching for the holy grail when you have found it in pfSense.
  6.  
  7. We have numerous support staff who don't do linux command line stuff so a gui was imperative. We switched to pfSense at version 1.2.1 and are currently running 2.1.5 in 30 office dotted around the world. It has every feature I need and runs on very modest hardware. We run a HA fail-over pair of 8 nic boxes at each site on modest fanless/atom/SSD hardware.
  8.  
  9. Keep up the good work guys!
  10. Gordon
View raw paste Reply