When you first get started on your cybersecurity journey, you quickly come into contact with firewalls, and you soon learn about things called “Next Generation Firewalls” (NGFW). The notion of NGFWs leads into discussions on just what an NGFW is, and whether or not it’s just a buzzword used to sell firewall appliances and enterprise gear. That doesn’t really matter here; what matters is that they’re really cool, and they have a lot of “wow” factor.
Then you learn about something called “pfSense”, which, while it doesn’t have all the features of what passes for an NGFW, DOES happen to have a lot of advanced features under the hood (such as the capability to run a VPN), and its packages allow you to install the popular Snort or Suricata IDS/IPS systems. Oh, and it’s free. So there’s a lot there to be attracted to.
Installing pfSense is incredibly simple. I installed mine on a hardware firewall appliance, a Sophos XG 115, without any complications or hiccups. There were some tweaks that had to be applied for installation to take place, but these are all easy to find on the internet. You can google “reddit sophos pfsense” and immediately see posts that outline these methods of installing pfSense on a Sophos XG 115. All in all, it was a painless procedure to go from wiping the Sophos of its proprietary OS to having a working pfSense firewall which successfully routed traffic from my local network over the internet. Yep, it replaced my router too.
I was able to run some quick experiments involving installing the Snort packages and setting up a VPN to allow local network access from my phone that was connected via cellular data. Both took very little time, and there are a lot of tutorials on how to do both, no problem.
I think that working with the pfSense firewall can give a budding cybersecurity enthusiast a good taste of what it’s like to configure and manage an NGFW. Even if some things like layer 7 packet inspection are missing, there’s plenty there that can easily transfer to full-scale commercial NGFWs, such as IDS/IPS and VPN installation and configuration.