OPNsense: the "open" firewall for your datacenter

Werner Fischer

Playlists: 'denog10' videos starting here / audio / related events

OPNsense is an open source and easy-to-use FreeBSD based firewall and routing platform. In this talk Werner will give an insight into the features and architecture of this firewall, which is being developed with a strong focus on security and code quality.

OPNsense has started in January 2015 as a fork of pfSense® and m0n0wall. Now - almost four years later - OPNsense brings the rich feature set of commercial offerings with the benefits of open and verifiable sources. It's feature list ranges from basic features like the Stateful Firewall and Caching Proxy, over Unified Thread Management functions (Suricata-based IDS/IPS, Virus Protection, VPN, ...) up to enterprise features like High Availability clustering or an API for automation purposes. A modern and intuitive web interface makes configuring firewall rules also for beginners funny.

In this talk, Werner Fischer will outline OPNsense's FreeBSD/HardenedBSD-based architecture and how you can take advantage of additional features using OPNsense plugins. He will also show how to initially setup an OPNsense firewall, and how you use datacenter-features like High Availability & Hardware Failover or Dual Uplinks.

Open (source) makes sense - also for your firewall :-)