Which is the better firewall distro?

[Sheldon]

Hi guys,

 

So I wanted to know what you guys think of Clearos and Pfsense, I have used both of them but I have set up a site to site vpn tunnel with pfsense using IPSec and I was thinking which is really better? Clearos or Pfsense, remember adding in all the other things that come with the firewall os. The market place on Clearos is a lot better and has a cleaner gui. What do you think?

 

Thanks Sheldon.

[rufee]

The one that has the feature you need and the hardware support that you need. But this is coming from a guy that never used any of these. There are other distros as well: smoothwall, monowall, untangle.

 

Just don't make Lawlz go crazy with this pfSense talk all day (no offence).

[LAwLz]

Just don't make Lawlz go crazy with this pfSense talk all day (no offence).

This might be one of the very few times where pfSense might actually make sense.

 

Anyway I haven't used Clearos so I won't comment on that.

[Sheldon]

The one that has the feature you need and the hardware support that you need. But this is coming from a guy that never used any of these. There are other distros as well: smoothwall, monowall, untangle.

 

Just don't make Lawlz go crazy with this pfSense talk all day (no offence).

 

I have an untangle box that is used for normal internet usage. Ahh they both seem really good to me since I've tested both.

 

Thanks 

[Sheldon]

This might be one of the very few times where pfSense might actually make sense.

 

Anyway I haven't used Clearos so I won't comment on that.

 

What do you think of pfSense? :lol:

[LAwLz]

What do you think of pfSense? :lol:

I dislike when people who has very limited knowledge about networking recommends it left and right just because they heard someone else talk about it.

For 99.9% of the people on this forum, it's far worse than a normal consumer grade router for what they are going to use it for.

 

The idea and the developers behind it are good, but it's like with Xeon processors. It's not something you should recommend left and right, because it's for a very niche market.

If you need a VPN concentrator and want full control over which algorithms are used in IPsec then it makes sense to use. People recommending it as home routers to the average Joe drives me nuts though.

[Sheldon]

I dislike when people who has very limited knowledge about networking recommends it left and right just because they heard someone else talk about it.

For 99.9% of the people on this forum, it's far worse than a normal consumer grade router for what they are going to use it for.

 

The idea and the developers behind it are good, but it's like with Xeon processors. It's not something you should recommend left and right, because it's for a very niche market.

If you need a VPN concentrator and want full control over which algorithms are used in IPsec then it makes sense to use. People recommending it as home routers to the average Joe drives me nuts though.

 

I do agree with that. pfSense isn't made for home users, It isn't easy to use or get set up with the real rules, I also don;t understand why people need to be running computers (running some firewall os) for just normal internet usage in the home. How does that help you? I don't just use pfSense for IPSec, I use it for client vpn as well. That is why there are companies like Netgear and linksys that make routers for consumers. One more thing is when people want the computer to have 4GB ram or more! I don't get it. I have 2GB in my untangle box that runs anti spam, and other little things for my lab and it doesn't even use more than 900mb.

[rufee]

As far as distros go i would recommend RouterOS, but only to people who know how networking works because its a pain to set it up the first time.

But once you get the hang of it you probably won't want anything else. It has a great firewall implementation, supports L7, everything is real time and no restarts needed.

Though its not free, but you can get it pre-installed on normal routers, and even their lowest end ones have the same features.