OPNsense Forum

English Forums => Zenarmor (Sensei) => Topic started by: tuatara on October 10, 2022, 11:18:48 am

Title: First Impressions
Post by: tuatara on October 10, 2022, 11:18:48 am
As a CyberSecurity Engineer I really like ZenArmor,

Here are my First impressions..

Using the Free version for trailing, these were some things that I've noticed:

- Only Credit card and WePay as payment options, so no PayPal or Ideal
- Very difficult to find the cancellation method or period on their website
- No Reverse IP resolving of hosts on your private networks, so you manually have to do that, each time when investigating traffic for one of your devices.
- Unworkable amounts of False Positives on the following Security Policies:
- - Block potentially Dangerous sites =>  for many of VirustTotal verified safe Dutch websites
- - Block Firstly Seen Sites          =>  many websites and domains older than 2 years are blocked
- - Block undecided Not Safe Sites   
- - Blocking ads sometimes break websites without ads.
- It would be nice to have a bit more flexibility in the web control categories in the Free version.

As already discussed in this forum, you have to trust the vendor, but that is always the case
for each Security product. Especially when private data can be uploaded to the cloud or to the vendor.
I have no reason to doubt the reputation of Sunny Valley, but it is fair to mention this in general, just for awareness.

The Dutch saying says: “don’t look a gift horse in the mouth”.
And I think that the free version delivers a lot of value for free / bang for no buck,
I am really impressed with the amount of information it provides and it's rich feature set.

so I will continue to test for a while and give another update soon.


Tuatara
Title: Re: First Impressions
Post by: athurdent on October 10, 2022, 12:37:40 pm
Reverse DNS lookup works fine here, not sure if it’s a payed feature though.
I have trialed Zenarmor and kept paying it, it’s awesome and worth every penny.
Title: Re: First Impressions
Post by: tuatara on October 10, 2022, 02:36:23 pm
You are right, I think it is because of the free version:

in zenarmor, Configuration:

at DNS Enrichment for Reports   
DNS server IP addresses to do reverse IP lookups: 192.168.122.254 (is wrong and greyed out)
 
the "Perform real-time DNS reverse queries for local IP addresses " switch is not usable in the free version

Nice to hear it is working in the paid version..