OPNsense

OPNSense
Developer	Deciso B.V
OS family	FreeBSD (11.0-RELEASE-p12)
Working state	Current
Source model	Open source
Initial release	2 January 2015; 9 years ago as a fork of PfSense
Latest release	17.7.7_1 / 26 October 2017; 6 years ago
Repository	github.com/opnsense/ ;
Available in	10 languages
	List of languages (English, Czech, Chinese(Simplified), French, German, Italian, Japanese, Portuguese(Brazil), Portuguese(Portugal), Russian)
Platforms	IA-32, x86-64
Kernel type	Monolithic kernel
Influenced by	M0n0wall ; PfSense
License	Simplified BSD / FreeBSD License
Preceded by	m0n0wall
Official website	opnsense.org
Support status
	Community & Commercial

Comment: Note to reviewers! This draft is being discussed on the AfC talk page, here. Thanks. ProgrammingGeek^talktome 16:36, 19 November 2017 (UTC)

Comment: Looking in, what we essentially need and therefore consider the best chances here are significant reviews or reception; Notability cannot be inherited either. SwisterTwister talk 23:15, 16 November 2017 (UTC)

Comment: There's still way too heavy of a reliance on primary sources and press releases. The very few third party sources just mention the subject in passing or as part of some list review. We need to see much more substantial coverage than that. Could be a case of WP:TOOSOON, but either way it's likely that this subject simply isn't notable at this time. Sulfurboy (talk) 20:52, 16 November 2017 (UTC)

Comment: Sourcing is entirely primary, PRs or just routine mentions about the company. Sulfurboy (talk) 07:11, 13 November 2017 (UTC)

Comment: Wikipedia requires significant coverage (not just mere mentions) about the subject in published, reliable, secondary sources that are independent of the subject. David.moreno72 06:46, 12 November 2017 (UTC)

Comment: Reference #2 not permitted. David.moreno72 03:20, 12 November 2017 (UTC)

OPNsense ^[4] ^[5] ^[6] ^[7] ^[8] is an "open source, FreeBSD ^[9] based firewall and routing platform". The software is released as images for x-86 and AMD-64 platforms. The images can be installed on either physical hardware or on a virtual machine. The firewall can be administered with almost no knowledge of the underlying FreeBSD platform through a GUI based web interface. OPNSense has been released under the FreeBSD license.

History

OPNSense^[10] has its history from m0n0wall, an embedded firewall distribution built on FreeBSD, created by Manual Kasper and first released on February 15, 2003^[11]. m0n0wall was forked in 2004 to create PfSense, with the aim to create a fully PC compatible installation vs m0n0wall's embedded model. OPNSense was forked from PfSense in 2014 and had it first release on 02 January 2015.^[12] The reason given by the developers of OPNSense responsible for the fork was:- "After the acquisition of PfSense by Electric Sheep Fencing LLC, the subsequent changes to the licensing model were found restrictive, and to improve on some perceived issues with PfSense".^[13] ^[14]. The company behind the fork was Decisco B.V. M0n0wall which was the original project from which both PfSense and OPNSense was derived ceased development on Feb 15, 2015. ^[3]^[15] In the termination announcement, Manual Kasper the maintainer of M0n0wall asked users to consider migrating to OPNSense ^[3].

Comparison with Other Firewalls

As the project has apparently matured since its first release in 2015, many major tech websites^[4] ^[8] ^[16] ^[17] and print publications^[18] have started including OPNSense in their firewall comparisons, and has been listed as one among the top contenders that users and businesses need to consider when choosing an OpenSource firewall.

Software

OPNSense runs on top of FreeBSD^[19] ^[20]with the major programming done in PHP. Since its first release in 2015 the product has been actively maintained with two major releases a year and continuous monthly minor releases. ^[21].^[22] ^[23]As of Nov 2017 the software version is 17.7.7_1 and runs on top of FreeBSD Ver.11.

As OPNSense can operate on the Network layer (Layer 3 and below) and also manage socket based connections, a default installation of OPNSense can be called a Layer 4 / Transport Layer Firewall. By enabling optional modules like Suricata and Web Proxy, administrators can configure OPNSense to work as a Layer 7 firewall. By default all inbound connections and outbound connections on all interfaces other than the LAN (interface) are denied unless explicitly configured in Firewall rules. Administrators can also configure OPNSense to perform many functions^[24] like IDS, IPS, network address translation (NAT) port address translation (PAT), serve as an endpoint for a virtual private network (VPN) to provide secure connectivity between multiple sites or for remote users / Road Warriors, mange network segmentation at Layer 2 (VLAN), act as an DNS server and manage Guest Wireless Access through an authenticated Captive Portal. A list of features can be found on the OPNSense webpage . OPNSense also supports full firewall capabilities (with some known bugs) for IPv6^[25]

OPNSense was one of the first Open Source firewalls to introduce Time Based Two Factor Authentication (TOTP) (TOTP) for both its web interface and for OpenVPN as part of the built-in modules

Administrators can manage the OPNSense via a command line interface (CLI) or via a graphical user interface (GUI). The CLI can be accessed from the serial console and SSH. But almost all the functions can be configured using the GUI.

Hardware

OPNSense images are available for x-86 and AMD-64 platforms and hence can be installed on any COTS devices with Intel or AMD processors with HDD, SSDs of CF cards . Using newer versions of processors which support AES-NI, the performance and throughput for VPNs can be enhanced by offloading AES Encryption to hardware layer instead of being performed in software.

Similar Free and/or OpenSource Products

PfSense : From which OPNSense was originally forked.
IPFire
IPCop
Smoothwall : Open Source project apparently abandoned as no new releases after 2014.
Sophos UTM : Targeted for home users with limitations on number of systems behind the firewall.

References

^ "About OPNSense®".
^ "Latest Release 17.7". 2017-10-26.
^ ^a ^b ^c "m0n0wall - End of the m0n0wall project". m0n0.ch.
^ ^a ^b "What's the best Linux firewall distro?".
^ DistroWatch. "DistroWatch.com: OPNsense". distrowatch.com.
^ "OPNsense: Setting up basic Firewall - Open Source for You". 1 July 2016.
^ "HardenedBSD Teams Up With OPNSense - HardenedBSD". hardenedbsd.org.
^ ^a ^b Yegulalp, Serdar. "Review: 6 slick open source routers".
^ "OPNsense OSI Approved License - Legal Guidelines". opnsense.org.
^ "FLOSS Weekly 361 OPNSense - TWiT.TV". TWiT.tv.
^ "m0n0wall Handbook". doc.m0n0.ch.
^ "About the Fork — OPNsense Wiki & Documentation documentation". wiki.opnsense.org.
^ Comparison of Firewalls
^ B.V, Deciso. "Deciso Launches OPNsense, a New Open Source Firewall Initiative". www.prnewswire.com.
^ M0n0wall comes crashing down
^ Yegulalp, Serdar. "Review: 6 slick open source routers".
^ "6 best free linux firewalls of 2017".
^ Link to Print article Aggregator : Linux Format 12 May 2016
^ [OPNsense 17.1 Released, Based On FreeBSD 11 ]
^ "OPNsense 17.1 Released, Based On FreeBSD 11 - Phoronix". www.phoronix.com.
^ "OPNsense Roadmap - Planned enhancements and innovations". opnsense.org.
^ OPNSense 17-1 Release
^ https://www.heise.de/ix/meldung/Fuer-die-Firewall-und-den-Router-OPNsense-17-1-freigegeben-3613366.html
^ "OPNsense - open source FreeBSD based firewall and routing". 2 February 2017.
^ "OPNsense as an IPv6 Firewall (Testing IPv6 Security Devices, Part 1)". 16 April 2017.