After playing with several open firewall solutions in a virtualized sandbox I decided that pfSense was the platform for me. I started looking into my hardware options and wanted something with enough CPU/Memory to start but could be upgraded if needed. I also wanted something that would run cool (or could easily be cooled), not consume much power, and didn't sound like a jet while running.
I decided upon an HP Thin Client T610 Plus with a Dell Intel PRO/1000vt PCI-E Quad Port NIC after reading this article and doing a bit more research. Both pieces were located and purchased on eBay. The solution came in at approximately $145.00 but I decided to buy a brand new T610 and went with a more reputable seller for the NIC which did increase my spend by a few dollars.
Nothing here is a revelation and has been documented many times before but I did hit a bit of a snag. When loading pfSense (pfSense-CE-memstick-2.4.2-RELEASE-amd64.img ) via USB I could not get the boot process to complete, it would almost immediately hang with no indication of a traceable error. The T610 came with embedded Windows 7 which worked fine, even with the Quad Port NIC installed so I didn't believe I had a hardware issue. After several different BIOS re-configurations, I decided to try a previous pfSense build (pfSense-CE-memstick-2.3.5-RELEASE-amd64.img) which loaded without incident. Once loaded I was able to upgrade to the latest version via the network, again without issue.
At this time I'm still learning and really like this platform. My first project will be the use of pfSense to segment all of the home automation, entertainment, and other miscellaneous devices off my primary network for security sake. I'm not overly worried about these devices but would prefer they do not interact with my personal data network. Once complete I plan to use pfSense to monitor the flow data on my network and remove anything I deem insecure.
Some last thoughts about pfSense. It is a network toolbox, you can basically do or test anything network related. The interface is clean and packages can be added or removed for additional functionality with little effort. Needless to say, I'm impressed.
No comments:
Post a Comment