PFSense VS Endian VS IPCop - some thoughts - TechRepublic
General discussion
August 12, 2008 at 06:12 AM
dumphrey

PFSense VS Endian VS IPCop — some thoughts

by dumphrey . Updated 17 years, 5 months ago

I am always poking and looking at firewall distros. I like them. They have potential to make the lives of many people and smaller businesses much more comfortable. The trick is finding the release for you and your environment.
IPCop, my old stand by. Its easy to install, works well, and can be “extended” to do dern near anything. Pros: nice web interface, and port forwarding a simple process. Very nice traffic/cpu graphing. Drawbacks: the “extending” is not always easy, and can break the system or ruin its stability. Traffic shaping and firewall rules are port based only.
Endian firewall. Looks to me to be a refined IPCop. Easy install, nice web interface. Pros: smooth package, full feature out of the box. AV, snort, squid proxy… no real need to “extend”. CONS: Minimal traffic shaping and port based only.
PFSense: Wow, im impressed. A bit more technical install then the others, but worth it. Nice web interface, nice terminal menu. Pros: The terminal menu (at first I saw this as a minus until I caught on to the disable gui enable ssh over serial) the pftop is nice, a constant “top” of net usage. The traffic shaping is massive, and protocol aware. They added a routine to figure which of the many cards on the back of a box is wan/lan/opt based on noticing the interface coming up as you plug them in, one by one.
Cons: The install was more technical, not exactly plug and play, but still should be well in grasp of any technically inclined (defaults work well). Default “extra” packages are a very small selection (though well chosen and they work). No auto update feature. You have to manually update based on “firmware” downloads.
Overall, my recommendations have changed from IPCop, to PFsense followed by Endian. Ther is a new IPCop out that may rival the Endian, but somehow I doubt will rival PFSense and its amazing qos/shaping.
What firewall distro have you all used, and do any of you use them in a production environment? home environment?

This discussion is locked

All Comments