pfSense CE vs OPNsense 2024 ...and that video
Vložit
- čas přidán 31. 07. 2024
- Firewall comparison of pfSense CE and OPNsense, two of the most popular open-source firewall solutions! The debate of pfSense vs OPNsense is long standing and will continue on-going.
From concerns of Netgate pushing their commercial product pfSense+, to licensing and trademarks, where and how you can use these devices, including commercially. Looking at all aspects from history, user experience, performance, hardware requirements and much more!
Whether you're a network administrator, IT professional, or a tech enthusiast, this video is for you.
In the second part of this video, I'll take a look at the recent video from Tom Lawrence / Lawrence Systems: "Why I'm NOT Using OPNsense"; and why this doesn't necessarily mean you shouldn't; including security and updates, Wireguard performance, OpenVPN DCO, FreeBSD 13 vs FreeBSD 14 and Netgate using non-released versions of FreeBSD for pfSense.
Forum post:
forums.sheridancomputers.co.u...
In this video, we delve into:
👉 The history and origins of both pfSense and OPNsense
👉 Key features and security capabilities
👉 User interface and usability comparisons
👉 Performance metrics and scalability
👉 Licensing and cost considerations
👉 Update and change management strategies
👉 Community support and commercial support options
👉 Real-world applications and user feedback
👉 That video...
#pfSense #OPNsense #OpenSource #Firewalls #FreeBSD
=== GET IN TOUCH ===
📣 Hire Us: Hire us for a Project
sheridancomputers.co.uk/contact
📣 Forums: Discussion on Videos
forums.sheridancomputers.co.uk/
📣 Facebook: Follow Us on Facebook
/ sheridancomputers
📣 LinkedIn: Connect with us on LinkedIn
/ 1036033
📣 Twitter: Get in touch on Twitter
/ sheridancompute
📣 Website: Our Website
sheridancomputers.co.uk/
===
Timestamps:
00:00 Introduction
00:52 The Debate
01:56 Brief History
03:04 Ownership and Development
03:58 Core Feature Comparison
05:19 User Interface and Usability
06:24 Performance and Scalability
08:12 Extensions and Customisation
12:24 Licensing, Cost, and Trademarks
17:42 Security and Privacy
19:36 Feature Updates
21:17 Case Studies and Feedback
22:35 Popularity and Trends
27:25 Conclusion
29:44 That Video: Why I'm NOT Using OPNsense
42:01 Leave your feedback
=== AFFILIATES & REFERRALS ===
🛍️ Amazon Affiliate Store: Products We Use
www.amazon.co.uk/shop/sherida...
AUDIO AND VIDEO
🎧 AE Juice: animation tools, plugins and presets
aejuice.com?r=140583
CLOUD HOSTING, SERVERS AND STORAGE
☁️ Digital Ocean: VPS & Storage
m.do.co/c/2002cff5b289
☁️ HostiFi: Cloud UniFi Controllers
www.hostifi.com/?via=sheridan
☁️ Vultr: VPS & Storage
www.vultr.com/?ref=9275492
Patreon
💳 / sheridancomputers
=== - Věda a technologie
I've been running Opnsense for over 8 months non-stop with zero issues. Its running in a virtual environment on Proxmox on an old optiplex with 8gb without any issues.
Glad to hear 🙏
I'm still on pfsense because opnsense takes a long time to add security fixes, some of them take months.
Thank you for the video showing the value that OPNsense brings to the table with Free-BSD feedback and also in your comparison! i will admit that I was a previous user of pfSense for many years, but always had various issues. While minimal, they were still a pain. Having moved to to OPNsense, I have been very pleased...so much so that I've purchased Decisio hardware (DEC850). I acknowledge it is way more power than I truly need, but I looked at it as a way to support the project. Thank you again for the informative comparison!
Thank you for taking the time to leave feedback on this, and I'm glad OPNsense is working for you. Using official hardware is also a massive help supporting the project, similarly to those who buy official pfSense hardware help support that.
I tried to provide an unbiased opinion and reasons different people might find for using both, from homelab to business.
I also tried to defuse some of the misconceptions being thrown around about OPNsense.
Amazing and comprehensive piece of work. Thank you very much.
Thanks for the kind words and feedback!
I really should get around to trying OPNsense, another interesting video, maybe this will spur me on to giving it a go.
Good comparison. I have used your tutorials and Tom's tutorials for many years. I prefer not having to constantly update systems so pfSense CE is a very safe approach in my mind. I think the entire IT industry is imploding with AGILE and now CI/CD methodologies. Banks, Insurance Companies and Telco's are constantly doing what I call Continuous Destruction and Continuous Interference. The root of the problem is that Cloud and Hybrid Cloud architecture enables Devops folks to bust things daily all over the planet. What ever happened to good old Q/A and pilots/staging followed by soaks of software before you go victimising your entire user base.
Don't get me started in cloud lol..
@@sheridans I keep getting sales people trying to sell me on cloud services, I just tell them I'm anticloud and that recurring contracts are difficult to get through my budget process. But it never stops, they will try to push me to this again in a couple of months.
Tell me about it!
I've been running OPNsense on a N3450 8GB ZimaBoard with 4-port Intel i350 PCIE NIC for 5 months now with no issue. I bought a second ZimaBoard as a cold spare.
I have used pfsense for a quite a few years. I have evaluated opnsense a few times over that period, but have always found a blocker to moving across. The last time was about 6 months ago and I found the bgp and frr interface on opnsense lacking compared to CE and especially plus. One of these days there might be alignment and I might actually switch.
Check back when OPN gets to 24.7 which is on BSD 14.1 which might bring some of those features.
Nice video, I learnt a lot from the last chapter, put it to a more consideration when comparing apples and oranges.
I think the CE version will be dropped, and tbh I'm not really willing to pay a recurring licence going forward for the plus version.
I have a simple network setup for media and cctv and have in fact dropped pfsence for a unifi cloud gateway that cost I think £99 + £12 postage, I'm happy with it and will keep pfsence box for spare, but I think after this video I'll be putting Opnsence on it.
Unifi gateway is great if you don't need the extra bells and whistles
I have been trying to create bootable media for OPNsense and can't figure it out. Rufus, Balena Etcher, etc. I made a bootable DVD but it took 45 minutes to boot the live session on my Lenovo ThinkCentre that's been running pfSense for 6 years and then the clone/install takes an hour and is non-bootable. Anyway, I only dabble, obviously I am too stupid to even create an installer.
Nope, not to stupid! The CD installer did not work through Etcher or Rufus for me. I dropped it into Ventoy and it worked. I think you can drop the VGA installer in Ventoy as well.
@@minigpracing3068 ventoy worked! Thanks! 👍
thank you for answering that 😊
Ventoy did the trick! Thanks!
@@psion13 thanks for the update! Glad you got sorted
I'am running OpenWRT
I haven't used it tbh, maybe I should take a look. Never had a need. Thanks for that 👍
I used pfSense for a year and liked it a lot. I opted for a better UI and changed to OpnSense this year at the cost of community and tutorials. I immediately needed stronger hardware due to my elections. Once I got into ZenArmor I found myself overburdening 4 cores and 16 gig of ram. It was not the count of cores though, it was outdated low refresh rate processors that killed it. Literally killed it. I could not log in and the bandwidth was simply gone for my devices. Now I am running AMD Ryzen 5 5600x 6 cores 12 threads and 42 gig of ram with a 250 gig nvme. WAY OVERKILL. I am running one or two threads of that. I am also using about 8 gig of that ram. As far as hard drive it barely touches it I think 15 gig. I purchased the ZenArmor license and that has me locked in. I see no reason to ever go back to pfSense.
Heh, yeah that is way overkill. I have some videos coming up on ZenArmor, which they've graciously agreed to provide me with the full licenses to cover all their features
@@sheridans As a software engineer going on 38 years and working from my home I would rather have tons of headroom than iffy resources. So I tossed the kitchen sink at it.
This isbway overkill. I run an i310100 (4c/8t) with 16gb ram.on a 512hb nvme ssd. No issues with hitting a gigabit up/down with zenarmor/firewall. I have default rules etc, but it doesn't come close to maxing out the i3.
OPNsense on EoL Sophos devices 🎉
Not sure what you mean, I've never installed, or would recommend installing anything on an EoL device.
@@sheridans Software support is EOL on those devices which is what he is referring to. Hardware still works so might as well re-purpose it using the alternative such as pfsense or OPNsense. The large Sophos firewalls are just regular x86 machines so any OS will run it.
Got it, ty
You can use whatever you want, and Tom was very clear on his video. However, If you criticize someone, and have valid points it is ok, you do not have to apologize for it. Statements come BEFORE everything. After the fact it is like an apology, and do not seem honest. You have to be objective and do a full review, not just pick and analyze some points of a video, especially if you potentially commit these errors: You can’t counter a thing with an another (apples with oranges). You cannot give words in other peoples mouth, and criticizing for it, and countering it by doing the “same” (the suggesting thing). You cannot state I am not doing this and that, and than doing that exactly thing (and statement comes BEFORE). Well you can do all above, but you loose credibility. And yes, you should made this to a separate video...
Thanks for the detailed feedback, 👍. This how we improve on constructive criticism