Firewalls. Everyone needs one and buying a linksys, Netgear or D-link router just doesn’t give you the capabilities that you’ll eventually need. I’m an enterprise technologies architect with over 17 years experience and I’ve worked with all the major firewalls out there including Cisco PIX, Checkpoint, Sonicwall, etc.
There’s one firewall that everybody doesn’t even think about. It’s open-source, has the ability to give you VPN access, Site to Site VPN inclusive, Load Balancing, SIP Proxying, and all of the functionality and performance of a Multi-Thousand Dollar solution without the cost. All of this running on PC Hardware with no licensing fees. I’ve replaced every customer’s firewall with pfsense. Why? Because, simply, it gives you all the flexibility and extensibility + more of the big box solutions for FREE.
Properly configured, they are extremely secure and can do more than all the big box solutions without the ridiculous licensing fees.
I run Site to Site VPNs between my offices and my houses all over the world. Completely secure, completely redundant, and completely (nearly free). After all, I actually pay for the hardware (I buy used Dell Desktops).
So this article will discuss exactly what it takes to make it happen for your home setup, business, or enterprise. If you’re not an enterprise customer, the cost of the hardware is minimal. If you’re an enterprise, a set of redundant, load balancing firewalls should cost you less than $2000.00 USD if even that much.
So Let’s get started.
pfsense is one of the unknown firewall distributions out there that is easy to install and extremely robust with over millions of installations worldwide. It provides everything from transparent firewalling to proxying and more. VPN capabilities, dynamic dns, VOIP proxying, Network Intrusion, Network Statistics reporting, thousands of connections capacity, high throughput, and did I mention my favorite? Support from experienced experts and a community that is very active!!!!
If you run into any problems, I’m available to consult (at very reasonable fixed fees). Advice will always be free, but consulting is what I charge for.
I can even set up a pre-configured firewall for you and ship it out to you or I can come on location to do the job. (Your preference), but telephone advice will always be free.. Just contact me via my contact page on this blog with your information and I’ll be in touch with you very quickly.
So let’s get down to the nitty gritty. You can read about pfsense at the following link: http://pfsense.org
I recommend using an old PC you have laying around if you’re a small business. You can always use a netgate pre-configured appliance, but it won’t handle the p2p traffic or the throughput you’re really looking for unless it’s for an external employee, although, it would still be cheaper to put in a refurbished PC and you’ll get more power and throughput.
If you don’t have an old PC laying around, I recommend the following (please use these links as they actually provide me with a small commission). Buy a used Dell PC (refurbished) and add a couple of cheap Ethernet Cards. You only need two for a simple setup, although you can add as many as you want. I use Intel Based chipset ethernet cards, because they lower the CPU utilization on the machine and perform the best.
Download the pfsense distribution iso and burn it to a CD. The installation is self guided and will allow completely automate the installation for you. Just remember to install it on the hard drive *anything with 20 GB or more is plenty*. Then it’s just a matter of configuring the options you want and it just “works”.
I will be writing a how-to on rules and setting up pfsense properly for a variety of situations, but if you have something special, please feel free to drop me a line and I’d be more than happy to entertain writing a blog post about how to do it.
If you’re in need of a pfsense box and don’t feel comfortable setting one up, I can do it for you. Just click on the Hire me link and let me know. We’ll talk about your needs and within a week or so, you could have your very own pfsense box doing all the magic you need it to do.
**Update**
I’ve opened up a new webstore called cheappfsensefirewalls.com
The concept is to sell pfsense firewall appliances. Let me know what you think. Also, for any purchase from the store, I will donate $5.00 towards to the pfsense developers. So hopefully, some of you will be interested in purchasing a firewall from me.
I will help you configure the firewall completely and to your specifications as well. One of the nice things about the firewall is that you will gain alot of extra throughput and features your current router probably doesn’t have.
Comments and suggestions would really be appreciated.
Cheers.
Of-course instead of getting paid firewalls there are many free downloads available in the market now and its better to utilize these resources to be more secured.
Is pfsense is licensed one?,does it applicable for every browsers and OS?, in what way it is different from other firewalls?….
The pfsense license is located at: HERE. It is free for commercial use, but I always suggest that my commercial clients make a donation to the pfsense organization if they use it and like it. It keeps the product going. It works with most major browsers (IE, firefox, chrome, safari).
The main difference with pfsense vs. the commercial firewalls is really the fact that you get all the functionality you would normally pay “upgrades and license fees” you could get with the commercial options.
Let’s put it this way, for every major technology, (IPSEC, VPN, PPTP, Proxying, Captive Portals, Rules Based Firewalls, Stateful Inspection, Intrusion Detection, etc), there is an open source project that supports the exact same thing. Pfsense offers these technologies in their distribution for free vs. paying the “per license” or “per seat” fee.
Pingback: Seriously Speeding up Windows 7 and other Computers [Bootcamp compatible] | Swimming In Thought