Iyo nyowani vhezheni yekugovera kwekugadzirwa kweFirewalls OPNsense 20.7 yave kuwanikwa

Mazuva mashoma apfuura iyo nyowani vhezheni ye iyo inozivikanwa Firewall kugovera OPNsense 20.7 uye imomo hukuru hukuru iyo inomira pachena ndiyo kugadzirisa kwe kuiswa kweiyo network kupindirwa kwekuona uye yekudzivirira system Meerkat 5.

Kune avo vasingazive OPNsense vanofanira kuziva kuti izvi forogo yeiyo pfSense chirongwa, yakagadzirwa nechinangwa chekuumba kugoverwa kwakazara zvachose kunogona kuve nekushanda padanho remhinduro dzekutengesa kuita firewalls uye network magedhi.

Nezve OPNsense

Kusiyana pfSense, eIyo purojekiti yakaiswa seisingatariswe nekambani, yakagadzirirwa pamwe nekutora chikamu chaiko kwenharaunda uye ine yakajeka chose nzira yekuvandudza.

Kugoverwa kwechigadziko kunobva pane YakaomeswaBSD 12.1 kodhi, iyo inochengeta yakawiriraniswa forogo yeFreeBSD, iyo inosanganisa yakawedzera nzira dzekudzivirira uye matekiniki ekurwisa kushandisa kusasimba.

Pakati pezviitiko izvo OPNsense inogona kusiyanisa zvizere kuvhura chishandiso chekuvaka kugona kwacho gadza semapakeji pane yakajairwa FreeBSD, mutoro balancer, web interface yemasangano ekubatanidza vashandisi kunetiweki (inotapa

Kune zvakare mamiriro ehukama hwekubatanidza (pf-based stateful firewall) seti bandwidth miganhu, sefa traffic, gadzira VPN yakavakirwa IPsec, OpenVPN uye PPTP, kusangana neLDAP neRADIUS, rutsigiro rweDDNS (simba DNS), inoonekwa uye yakajeka graphic system.

Uyewo, kugovera kunopa maturusi ekugadzira kukanganisa kushivirira kumisikidzwa zvinoenderana nekushandiswa kweiyo CARP protocol uye inokutendera iwe kuti utange imwe yekuwedzera node kuwedzera kune huru firewall, iyo inozozvimiririra otomatiki padanho rekumisikidza uye inotora mutoro mune chiitiko chekutanga node kutadza.

Zvemutungamiri, iyo inopa yemazuva ano uye yakapusa interface yekugadzirisa iyo Firewall, Yakagadzirwa uchishandisa iyo Bootstrap webhu fomati.

Kodhi yekodhi yezvinhu zvekuparadzira, pamwe nemidziyo inoshandiswa kuvaka, inoparadzirwa pasi pezenisi reBSD.

Kana zvakadaro iyo system mifananidzo iyi inogadzirwa seyakabva LiveCD, kunyangwe chimiro chemufananidzo chinogoverwawo kunyora kuFlash drives.

Chii chitsva muPNPenseense 20.7?

Iyi vhezheni nyowani inosvika iine mashoma shanduko, asi ichiri chakakosha vhezheni, sezvo iyo system base mune iyi nyowani vhezheni yakagadziridzwa neHardenedBSD 12.1, forogo yeFreeBSD 12.1, iyo inosanganisa yakawedzera nzira dzekuchengetedza uye nzira dzekurwisa-kushandisa.

Zvakare, sezvakambotaurwa pakutanga, chinonyanya kukoshesa vhezheni iyi idzva ndiko kugadzirisa kweSuricata kune yayo vhezheni 5

Nedzidzo iyi tinogona kuwana nyowani kuongorora uye kunyoresa ma module yezvibvumirano RDP, SNMP uye SIP.

Pamusoro pekuve muHTTP yekuongorora maitiro, ese mamiriro akatsanangurwa muHTTP Evader bvunzo suite yakafukidzwa zvizere.

Kumwe kumutsiridzwa kwakagamuchirwa neZuricata 5 ndiko kutsigirwa kwenzira yekusimbisa yevatengi TLS JA3 Tsigiro yeJA3S nzira inowedzerwa.

Uye zvakare zvinoratidzika kuti kodhi yacho yanyorwa zvekare kutora traffic uchishandisa fomu neNetmap uye neicho chakawedzerwa kugona kushandisa epamberi mabasa eNetmap, senge chaipo VALE switch.

Pane dzimwe shanduko dzinobuda pachena:

  • Wakawedzera rutsigiro rweDHCPv6 Multi-WAN yekubatanidza kuburikidza nenzira dzakawanda.
  • Izvo zvinokwanisika kutsanangura ako ega mapeji akaratidzirwa mune yekukanganisa yekubatanidza kuburikidza newebhu webhu.
  • Wakawedzera mushumo nemumiriri-wakaita semumiriri yeruzivo nezve network yekubatanidza.
  • Yakagadziriswa API ye firewall manejimendi.
  • Yakagadziridzwa sarudzo dzekusefa zvinyorwa pane nhunzi.

Dhawunorodha vhezheni itsva ye OPNsense 20.7

Si unoda here kuwana iyi nyowani vhezheni solamente Iwe unofanirwa kuenda kune yayo yepamutemo webhusaiti uye muchikamu chekutora unogona kuwana iyo batanidzo kuti utore iyi vhezheni itsva.

Mifananidzo yacho yakagadzirirwa nenzira ye LiveCD uye system system yekunyorera kuFlash drives, saizi yemufananidzo ingangoita 420MB.


Mhinduro, siya zvako

Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa. Raida minda anozivikanwa ne *

*

*

  1. Inotarisira data: AB Internet Networks 2008 SL
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako

  1.   luix akadaro

    OPNSense vs pfSence? ndosarudza ipi?