The growth of internet has prospered unethical practices like hacking and intrusion. The threats and vulnerabilities can prove lethal for companies. No wonder, measures are now taken to secure the network environment and still there are reports on a daily basis about the cracking attempts.
A number of hardware and software are now available to deal with such attempts. High in class firewalls and security devices are used in the MNCs as well as by the Government organisations. But security devices come at a cost, both in terms of annual maintenance as well as for one time capital expenditure.
OPNsense is a powerful and user-friendly firewall as well as a routing platform for network security. The open source software is free and available under the FreeBSD licence, which makes it to more reliable. It has excellent features to guard the network against assorted attacks and malicious intrusions.
OPNsense stands out as most secured modules and features available only to the very expensive proprietary and commercial firewall systems are accessible with it. Bootstrap framework based GUI offers web based interface to enable and deliver the user friendly platform without any complications.
Other powerful features of OPNsense include:
a. Rule based traffic transmission
b. Forward caching proxy and blacklisting
c. Supports IP-less firewalls
d. Traffic shaper
Integration with OpenSSL / LibreSSL
The OPNsense images are integrated with OpenSSL and can be selected on demand. LibreSSL is usable and selected from the GUI as System -> Settings -> General.
The default user name in OPNsense is root and the password is opnsense.
Key components and the GUI of OPNsense
Lobby: Click on the OPNsense logo on the interface and navigate the Lobby as well as the dashboard directly.
From OPNsense Lobby, the following options can be selected:
Dashboard
Widgets
Licence information
Change password credentials
Logout
Menu: From the Menu, the network administrator can select various security and configuration features to be changed and customised.
There are three levels of layers in Menu:
Category level
Function level
Configuration level
The depiction directs the user to change the settings and then select from the firewall.
Settings -> General
Setting up the IDS and intrusion prevention system
To enforce and enable the IDS/IPS, select Services -> Intrusion Detection and then enable the IPS mode.
The set of rules can be configured for different modules.
Scheduling: Scheduling is very important in network monitoring and control, so that a regular and timely fetching or sync can be done with the server.
Click on Schedule. A new pop-up window is generated with options.
Setting up an anti-virus engine with OPNsense
OPNsense provides an excellent and powerful standard ICAP (Internet Content Adaptation Protocol) for protection of HTTP as well as HTTPS traffic connections against assorted malware including trojans, botnets, malware, viruses and many others. It has an effective communication layer with third party engines including the Symantec Protection Engine.
After selecting the anti-malware engine, configuration is required. To encrypt the traffic with ICAP, there is a need to implement VLAN because the traffic in ICAP is not encrypted by default.
To configure ICAP, the navigation is Services->Proxy->Administration. Then select ICAP Settings for the Forward Proxy tab.
