I've been using a vanilla pfsense install with minimal configuration changes, and now with my circuit upgraded I'm looking to get a bit more granular in terms of utilization graphs, caching and other security type add-ons.
What are you using in pfsense and how do you like it? Tips/Tricks?
I'm considering:
- Squid + reporting package to view hits/misses/ip usage/etc
- Snort
- Anti-Virus (ClamAV or ?)
- Something to analyze bandwidth / where it's going. Ideally would like to see a graph similar to how vmware does utilization for CPU so you can view 'entire usage %' and then per-core. I'd like to see WAN, LAN, and then each local IP utilization currently / over time and history.
- Security Tweaks (blocking entire countries, and other suggestions?)
- Is there built-in IP list to 100% deny IPs on that list? IE: Using some type of spam or security back-end to populate this list? (Maybe pfBlockerNG)
- What about 'access blocker' for my family... ie: list of sites I can maintain + package for 'not good for kids' sites?
I take it it's not advised to use pfsense as a syslog server too, even though that is a package I see on the list?
Looking forward to hear what everyone else is using, etc...
What are you using in pfsense and how do you like it? Tips/Tricks?
I'm considering:
- Squid + reporting package to view hits/misses/ip usage/etc
- Snort
- Anti-Virus (ClamAV or ?)
- Something to analyze bandwidth / where it's going. Ideally would like to see a graph similar to how vmware does utilization for CPU so you can view 'entire usage %' and then per-core. I'd like to see WAN, LAN, and then each local IP utilization currently / over time and history.
- Security Tweaks (blocking entire countries, and other suggestions?)
- Is there built-in IP list to 100% deny IPs on that list? IE: Using some type of spam or security back-end to populate this list? (Maybe pfBlockerNG)
- What about 'access blocker' for my family... ie: list of sites I can maintain + package for 'not good for kids' sites?
I take it it's not advised to use pfsense as a syslog server too, even though that is a package I see on the list?
Looking forward to hear what everyone else is using, etc...