RCC-VE Earns “Kick Ass” Award
Maximum PC today gave the open-soruce pfSense SG-2440 security gateway based on ADI Engineering’s RCC-VE board its“Kick Ass” award. By combining ADI’s high-performance Intel Atom C2000 RCC-VE board with the open-source pfSense firewall and gateway software and commercial support, the SG-2440 is a complete, highly extensible, high performance commercial-grade firewall at a very attractive price point – all built on free open-source software.
The SG-2440 (along with the higher performance 4-core SG-4860 and 8-core SG-8860 and the lower cost SG-2220) are available from the pfSense Store pre-built and ready to deploy, and include support. Users wishing to build their own open pfSense security gateways can also purchase ADI Engineering boards and systems from Netgate and load pfSense themselves.
Read the Maximum PC review here.
The pfSense project is a free network firewall distribution, based on the FreeBSD operating system with a custom kernel and including third party free software packages for additional functionality. pfSense software, with the help of the package system, is able to provide the same functionality or more of common commercial firewalls, without any of the artificial limitations. It has successfully replaced every big name commercial firewall you can imagine in numerous installations around the world, including Check Point, Cisco PIX, Cisco ASA, Juniper, Sonicwall, Netgear, Watchguard, Astaro, and more.
pfSense software includes a web interface for the configuration of all included components. There is no need for any UNIX knowledge, no need to use the command line for anything, and no need to ever manually edit any rule sets. Users familiar with commercial firewalls catch on to the web interface quickly, though there can be a learning curve for users not familiar with commercial-grade firewalls.
A partial list of pfSense features includes the following:
- Firewall with stateful packet inspection
- Easy to use Web Based Graphical Interface
- Installation Setup Wizard
- Configurable Dashboard with many available widgets
- IPv4 and IPv6 support
- Wireless Access Point (must install a wireless interface which supports hostap mode), including VAP/MBSS support on certain chips.
- Wireless Client Support (802.11 and 3G/4G with supported devices)
- Ability to setup and filter/isolate multiple interfaces (LAN, DMZ, etc.)
- [[Category:Traffic_Shaping|Traffic Shaping] (ALTQ, Limiters, 802.1p match/set, DiffServ/DSCP matching)
- State Table controls (per-rule / per-host limits, timers, etc.)
- NAT (Port Forwards, 1:1 NAT, Outbound NAT, NPt)
- Redundancy/High Availability – CARP+pfsync+XMLRPC Config sync allows for hardware failover. Two or more firewalls can be configured as a failover cluster.
- Multi-WAN Support
- Server Inbound Load Balancing
- Network diagnostic utilities such as ping, traceroute, port tests via the GUI (more with packages, such as nmap)
- VPN – IPsec (including Phase 2 NAT), OpenVPN, L2TP
- PPPoE Server
- RRD Graphs
- Real-time interface traffic graphs
- Dynamic DNS
- Captive Portal
- DHCP Server and Relay (IPv4 and IPv6)
- Command line shell access (Via console and SSH)
- Wake on LAN
- Built in packet capture / sniffer
- Ability to backup and restore the firewall configuration via the web GUI
- Edit files via the web GUI
- Virtual interfaces for VLAN, LAGG/LACP, GIF, GRE, PPPoE/PPTP/L2TP/PPP WANs, QinQ, and Bridges
- Caching DNS Forwarder/Resolver
- Can be run in many virtualization environments
- Proxy Server (using packages)