[Snort-users] Is pfSense the Best Open Source Firewall/IDS/IPS in the World?

Joel Esler (jesler) jesler at cisco.com
Thu May 31 13:26:26 EDT 2018



On May 31, 2018, at 10:00 AM, Turritopsis Dohrnii Teo En Ming via Snort-users <snort-users at lists.snort.org<mailto:snort-users at lists.snort.org>> wrote:

My questions are:

(1) Is pfSense, coupled with Snort, the best open source
firewall/IDS/IPS in the world?

It certainly is the number one from our (Snort.org<http://Snort.org>'s) perspective (in terms of users).


(2) Is pfSense on par with commercial network security appliances,
including but not limited to
Cisco ASA, Cisco Sourcefire, Fortigate, SonicWall, etc?

No.  Those commercial platforms provide far more.


(3) Is Snort able to detect malware and ransomware before they reach
the endpoints?

The blanket statement of "able to detect malware and ransomware" is quantifiable as "all malware and ransomware". Nothing can detect "all".

Seems like Emerging Threats Pro (ET Pro) signatures at
proofpoint.com<http://proofpoint.com/> are able to. How much are you required to pay for these
signatures?

As is the Snort Subscriber Rule Set available on Snort.org<http://Snort.org>.  As for how much ET Pro is,  I have no idea.  Our pricing is here: https://www.snort.org/products, and as far as we know, is the lowest in the industry, commercial or otherwise.


(4) Where can I get quality guidance on configuring Snort in pfSense?

The pfsense forums I hear are pretty good.  Or here.

--
Joel Esler
Sr. Manager
Open Source, Design, Web, and Education
Talos Group
http://www.talosintelligence.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20180531/4aa758f5/attachment.html>


More information about the Snort-users mailing list