What do you get when you cross an enterprise-class packet filtering subsystem with a graphical front-end for easy configuration and maintenance?  A throbbing headache for commercial vendors like SonicWALL, that’s what.

pfSense is a FreeBSD-based firewall distribution that uses the excellent packet filter (PF) subsystem ported from OpenBSD.  pfSense started as a fork of the m0n0wall project but has evolved beyond their focus on embedded hardware to be well suited for a wide variety of PC systems.  One of the founders, Chris Buechler, will be coming to DCBSDCon to present a new talk entitled Network Perimeter Redundancy with pfSense.

This session will first provide an introduction and overview of pfSense and its common uses. It will then go on to cover means of providing redundancy for the critical portions of your network perimeter using pfSense, including redundancy for your Internet connections, firewalls and DNS. Live configuration examples will be shown for as many of these topics as the session’s length permits. This session will cover pfSense 1.2.1, but will also offer an overview of some of the enhanced capabilities in this area that pfSense 2.0 will provide in the future.

As a firewall nerd, I’ve been pleased to see pfSense bring the PF codebase to a wider audience.  I’m looking forward to seeing the new features they’ve released in 1.2.1 as well as the upcoming features in 2.0.  This talk should be of interest to network and systems administrators alike.

News Chris Buechler, FreeBSD, networks, OpenBSD, PF, pfSense, security