pfSense
Version: pfSense version 2.3.1.
pfSense is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a physical computer or a virtual machine to make a dedicated firewall/router for a network and is noted for its reliability and offering features often only found in expensive commercial firewalls. pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and as a VPN endpoint.
Netsurion Open XDR collects the logs, helps administrator to analyze the events and generate the reports for the defined firewall rules and monitors the configured alerts.
Netsurion Data Source Integration for pfSense allows you to visualise the following components:-
- Security – Traffic allowed and blocked details.
Once pfSense is configured to deliver events to Netsurion Open XDR; alerts, dashboards and reports can be configured into Netsurion Open XDR.
The following are the key Data Source Integration available in Netsurion Open XDR.
Alerts
| Type | Name | Description |
|---|---|---|
| Security | pfSense – IPsec tunnel down | This alert is generated when IPsec tunnel goes down. |
Reports
| Type | Name | Description |
|---|---|---|
| Security | pfSense – Traffic allowed and blocked details | This report provides the information related to traffic details. It consists of columns such as EventTime, Computer, Source IP, Source Port, Destination IP, Destination Port, Interface, Direction, Action, Protocol and Protocol Number. |
Documentation
The configuration details are consistent with Netsurion Open XDR 7.x or later, and pfSense.
Download Integration Guide for configuration instructions and more information.