pfsense OR OPNsense? YOU DECIDE!

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hi I'm Willie welcome to my channel thank you for being here I appreciate each and every one of you and if you need IT consulting you can go to Willie Hakam fill out that contact form and someone will be with you as soon as possible if we can't help you we'll get you to someone who can that's our promise to you if this is your first time here go down and click subscribe click that little Bell notification icon as well so you'll be notified when new videos do come out I want to thank everybody for being here whether you're new or returning I do appreciate each and every one of you what we're talking about tonight is a question that I get a lot ah a couple years back I talked about how I preferred open sense vs. pfSense and I got a lot of questions and so I thought well maybe it's time because I still prefer open sense over PF sense now I do run them both and I do have clients that run them both and I do support them both but one of the major differences for me as you'll see is the web UI and kind of the intuitive Ness of the system of open sense but first I've got this nifty spreadsheet that I put together and I got this information from both of their websites from the pfSense website and from the open sense web site so let's take a look at the features and I'm just hitting some kind of high notes here and you'll see that both of the systems today kind of they kind of fill the same void so let's take a look at this so 2fa for the user interface both pfSense and open sense support that and i'm gonna go down these issues and/or down these features and we'll kind of see where they're parallel we'll talk about where we diverge kind of at the end and then we'll actually go around and go and poke around in and you can kind of judge for yourself so they both support 2fa for captive portal for Open VPN IPSec VPN and web proxy they do both have captive portals they support site to site IPSec VPN site to site Open VPN PPTP client IPSec client open VPN client you should not be running PPTP client but it is still listed and apparently maybe there's some legacy systems that need that so we'll keep that on the list they both support high availability in the hardware you know if you have you can run two appliances in high availability mode they can both be caching proxy caching proxies they both do intrusion detection and Prevention and can do that in a transparent mode kind of in line and I just deployed one of those so look for that video here pretty soon they both do dynamic DNS you can backup to the cloud backup locally they both have stateful firewalls both support VLANs both projects have really nice constantly updated documentation and that is super super important especially for open source projects to have documentation sometimes you'll get a really powerful piece of open source software but the documentation sucks not the case with either of these either of these projects they both have dashboards you can do cap chip cap pack packet capture they both support net flow you can do firewall rules based on fully qualified domain names that's super powerful right there both have traffic shaper SSL fingerprinting quality of service web filter they do both have updates but that's going to be one of the differences that you're going to see here they both support forwarding one to one NAT outbound NAT hairpin NAT IGMP proxy universal plug and play DNS filtering via Open DNS and you can do DNS filtering with more than just Open DNS you can do it with any DNS filtering company that you want to use and put the firewall rules in place they both do multi wham load balancing / and aliases they can both be NTP servers they both support SMTP they have full Diagnostics you can get awesome community support you can get paid commercial support now here's where some of the differences start coming in and this is originally why I started using open cents so we talked about modern modern web UIs and if you remember when pfSense was kind of forked from mono wall the firewall itself is super powerful so I can't knock that but the web UI left something to be desired especially if you were used to using mono wall mono wall was awesome in fact I think just for nostalgic sake I need to find mono wall download that an IP cop and an IP fire and a couple of those older ones IP fire and I pick up I think are still updated I don't run either those anymore I just took my last IP firebox out of production less than a year ago but if you saw mono wall and the original pfSense you'd be like what who did this right so you're gonna see so open sense to me the interface has always been cleaner than PF sense and I think that might have been one of the things where they they kind of diverged and then as far as quick updates open sense actually has a pretty steady stream of quick updates quick patches and things like that and pfsense doesn't put those updates out as fast as open sense now you could look at that as a good thing or a bad thing I look at it as a good thing as long as the updates aren't breaking the system and so far I haven't had any complaints about those updates break in the system or making it unusable so the other thing is open sense has taken some of the modules and I was actually talking to the developer and some of the modules are the the subsystems that had issues in the past logging captive portal traffic shaper limiter web proxy ids/ips they actually rewrote those subsystems scratch for open sense open sense so those are different than PF sense so he also told me the plug-in framework has a better rewrite and offers better extensibility without having to deal with core modifications so I am not so much on that side of it I don't do any development really for the system I just take what they've given us and use it right so and the other thing that I'm not sure about a PF sense but I know for sure with open sense is that that the two-factor authentication will work with a remote radius server so that's kind of the highlights you can go look this up I'll leave a link to this spreadsheet I don't know how much good it'll do you but I'll leave a link to the spreadsheet down below now here we are we're gonna put PF sense and open sense side by side so what I've done is these are vanilla systems they're installed in VMs and we're logging into the land interfaces default passwords and everything so just looking at the system here's the dashboard for PF sense and here is the dashboard for open sense I'm a I I don't know what's hardwired in me for what but I like those menus on the left hand side instead of those drop-down menus and I will tell you that the reason you know that I originally started using open sense is because this system looked and looked it was to me it was more it was better organized and it was easier to use so what I don't do is I don't sell a system unless you want it you specifically request it where you have to keep calling me for support every time right I'm gonna package solutions together for you so that if you want to manage us on your own it's easy it's intuitive it takes very little training we can get you up and rolling take the training wheels off and you're set I didn't feel like I could do that with pfsense the menuing system if we look over here on open sense it's very nice and clean and even though they have changed this on pfsense we still just have these menus up here and I just I don't feel good about the menus and it's just something about taking this and put it in front of a customer it can be very daunting whereas you have this nice clean layout and kudos to open sense yes let's be realistic something as small as the way the menus look to an end user who's not someone technical can make a world of difference in the way that they use a product so you know when I have more technical people and they want you know pfSense not a big deal because that person's technical they're gonna get in the weeds they're gonna get in there they're gonna learn it you know if somebody wants to manage their network open sense is gonna do everything pfSense is gonna do but me it in my opinion it's got a fancier bow on it it looks better it's more intuitive as you're walking around or as you're navigating the the menu structure so right under system you can see we've got all this advanced we've got and then so advanced admin access NAT firewall networking miscellaneous system tune of system tunable notifications so if we go down to system here we kind of get that exact same thing but it's presented in a different it's presented in a different way I don't get this I get this nice menu over here I can click on access that menu so they've they've put a lot of thought and how-to it's it's basically the same menu really if you look at it but it's presented to the user in a different way and user manager will do users so user manager and then users I was I just clicked users so here it's called you know I got to go to user manager as in here it's just users little things like that they compound and they they add up you might think it's silly but I've seen it in practice over a lot of years that something as simple as the UI for someone that I'm gonna hand this off to and they're gonna manage it it makes makes a world of difference what else can we go to let's see we'll go to interfaces let's take a look at interfaces and assignments so here's the interfaces and assignments here is our interfaces here we can go to an overview of the interfaces here we have our land and our land and the UI is is just it's more appealing you're gonna hear me say that over and over and over again here's our assignments so you can see interface assignments to get to the same place this is the PF sent screen this is the open sense screen and we could go through the whole thing but do yourself a favor if you want to see the difference just download open sense download pfsense throw it in a VM and play around with it so I've got some PF sense an open sense of videos coming and we're actually gonna put a VPN between the two and and all that good stuff to show you how I mean it really is once you understand the systems and how they how they work how they want to be configured to make things work properly it's just like you can you know you saw the videos where we took a PF sense box and we you know made a VPN to an edge router well we can do that to a microchip we can do that to a SonicWALL we could do that to a WatchGuard to a Palo Alto and you know we're gonna do it to an open sense box so those are the kinds of videos we got come on we're gonna delve into some of this stuff especially the two-factor authentication is definitely something in 2020 that if you haven't done it yet you should be thinking about so you know let me know what you think about the interfaces you know try to keep the comments positive but let me know what you think about the interfaces down below I'm a huge fan of the open Sense interface so I am going to support both of these but for end users who are not super technical that want an easy and managed system I'm gonna go with open sense every time I've not been burned with it yet so I don't see any reasons you know I I was actually was talking to somebody and they said that those updates that come out so quickly is part of the reason they don't use it but as long as the updates aren't causing problems and they're tested got no problem I'd rather be up-to-date than waiting for someone to turn around now pfSense does when there's a critical issue they do get those updates out very quickly so I'm not saying anything negative about that what I'm saying is the reasons why I use this and why I am you know driven to use it and and give it to my users so I've got some open Sense content coming it's a more pfsense content so hang in there it is gonna be a week or so or week or two I've got some green stream videos coming out but definitely look for this this is gonna be on deck along with some other Cisco videos we're gonna take open sense and PF sense and we're gonna connect them to a Cisco and we're gonna connect them to an edge router so and maybe we'll connect them all together we'll have to see how that works out so let me know what you think about the difference in the interfaces and if you use PF sense or open sense down in the comments and if you like this video please give me a thumbs up please subscribe please comment share please follow me on Twitter and Instagram if you need IT consulting the link is down below we'll ehow.com fill out that contact form and we'll be in touch if you'd like to support the channel by becoming a patron on patreon and thinking to those folks that link is down below and as always our Amazon affiliate links and other affiliate links are down below don't feel pressured to use those it's totally optional but when you do use those it doesn't change your price and it does kick a couple of bucks over to the channel and that is always appreciated to keep some of this gear rolling in once again my name is Willie I want to thank you for being here and as always I'll see you in the next video

Info

Channel: Willie Howe

Views: 50,956

Rating: 4.750248 out of 5

Keywords: pfsense, opnsense, pfsense vs opnsense, pfsense vs ubiquiti, pfsense vs untangle, opnsense vs ipfire, opnsense vs pfsense, opnsense vs untangle, firewall overview, willie howe, willie howe technology, what firewall should i use

Id: YyL25wyvsks

Channel Id: undefined

Length: 15min 4sec (904 seconds)

Published: Wed Mar 04 2020