I have posted in the past about all the great things you can do with DDWRT or with PFsense. After a few years with PFsense I have changed to iPfire. If you have not heard of iPfire I would suggest reading about this awesome firewall platform. The main focus of iPfire is for Security. This is my simple review of the two systems
The hardware for my firewall is a small ASUS dual core Intel Atom computer. It is configured with 2 gigs of RAM and a 64gig SSD drive. Both firewall versions ran very well on this platform.
From a hardware perspective it is probably an overkill for a router but you never know. Here is a quick view of “top” from my ipfire firewall – Note that squid and snort are only using about 9%. This is a reason that I enjoy iPfire vs other platforms.
PFsense vs IPfire
As for a comparison of PFsense vs ipfire it has been interesting. Overall I prefer ipfire, but pfsense has a lot of good features:
User Interface: IpFire is the winner. The GUI is both easy to use and intuitive. PFsense has everything but can sometimes be confusing with the vast options. The UI for reporting in iPfire has been pretty good. There are a lot of options but once you get comfortable you can get great overview and detailed information.
Performance: I think this is a tie in overall usage performance. For what we do at my house, 20-30 ish devices things work well. This Thanks Giving we had over 50 devices and kids were steaming Netflix, youtube and other games and the firewall was not taxed at all. When using PfSense I could see a spike in the memory / CPU when using snort and a proxy.
Configuration: If you like to just get into the setting pfsense is the winner. I think the end result for me after using Pfsense many times I can say that iPfire seems a bit refreshing. Once you determine the usage of colors : Red (external), Green (internal), and Blue (wireless) it becomes pretty easy. Since pfsense uses FreeBSD I find any custom configuration harder. IPfire is built on Linux and I have better background in using that. The configuration add-on section for IPfire is the Pakfire system. It is a secured and encrypted app store of sorts. Pfsense has a package manager, it worked well but I found it somewhat confusing.
Features: Both Pfsense and iPfire have similar features. I really liked the entire range of features that Pfsense has for router/firewall/ network appliance. I think that iPfire has as many features if not more, but it is hard to tell. I feel that ipfire with add-ons could be a small business server, file server, and much more. In the end, I found that I don’t use many of those features; basically firewall, reporting, proxy, ids, and vpn.
Security: I think this is a close race. Both devices use Clam AV , SNORT, webproxy ,and other process. Pfsense was harder to configure and setup these processes. I really do find the reporting from ipfire to be a winner in the end to allow you to see what is happening with your device. The openVPN setup for ipfire was great, and easy to configure. PFSense is a challenge to setup openVPN but works all the same.
Proxy and reporting – One main reason I initially chose a new firewall over ddwrt was to implement a transparent proxy. I think both ipfire and pfsense do this very well. The reporting from ipfire is about equal to pfsense when using SARG. I do like the Proxy Log viewer that ipfire has available that lets you get a look a recent traffic.
Overall the past few firewalls I have used and tested have all been really good. I have had opportunities to use Untangle, Pfsense, Zentyal, Endian and ipfire. Each device has it’s benefits and I would suggest that you test each. I have selected ipfire for my device to protect and run the connection to my house.
The overall conclusion I can bring regarding PFsense vs IPfire is that both have similar features. I think that ipfire appears to have a more frequent update cycle and security patches. I would have no issue with recommending IPFire to anyone. It has proven to have great performance and very reliable.
I have tried a lot of features using IPFire from the TOR proxy. One nice feature for IPfire is the WIKI pages are really easy to follow.
- Transparent Proxy: http://wiki.ipfire.org/en/configuration/network/proxy
- SNORT: http://wiki.ipfire.org/en/configuration/services/ids
- OPEN VPN: http://wiki.ipfire.org/en/configuration/services/openvpn
- ClamAV: http://wiki.ipfire.org/en/addons/clamav/start
- SARG: http://wiki.ipfire.org/en/addons/sarg/start
- TOR: http://wiki.ipfire.org/en/addons/tor/start
- OwnCloud: http://wiki.ipfire.org/en/addons/owncloud/start
- IMspector: http://wiki.ipfire.org/en/addons/imspector/start
If you have any questions drop me a line. I love talking about firewalls and performance. Also the expectations you can get from each.