Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - RedeyeAce

#1
Development and Code Review / Re: e2guardian Plugin
April 20, 2021, 06:05:22 PM

Did this progress?

I keep coming across e2guardian and pretty much everyone says it's the bee's knees.
Thanks,
Jon
#2

I sent them an email a couple of times, and they never responded.

It's baked into ClearOs and literally the very first thing in the menu. My concerns were that the cost for a home user at that time was $480 per year.

It seems to be $660 for the same thing now, neither of which is appealing to a home user. Given the inspection engine is free, I would of paid a small fee to host it my end. I don't know many home users that would pay $660 to provide their data and get fancy pictures from their website.

Shame as it looked good, tis also a shame that they don't answer people's questions.

#3
@ JasonJoel

Surely the easiest option is to swap houses with me fella, i've got just below 50, so you'll have no problems here at all :)

Joking aside, I would of thought that 150 should be standard nowadays given the working from home and kids having more kit for homeschooling.

I do agree with mb but also would point out that if SV is marketing the product to people who are running OPNSense, PfSense, Centos, etc etc. that this demographic is NOT an atypical home and therefore a normal home average would not be sufficient for us?

Doing the survey now :)

Just do something like every 50 block required above that at a modest upgrade cost?
#4
There are several posts concerning speed tweaks, none of which are collated. The one that made a difference for me (going from a 50% drop in bandwidth performance to 30%) was IDS-Administration-Settings-Pattern Matcher = Hyperscan , if you have a good CPU.

Your question was: Is there a goto page?  Unfortunately there doesn't seem to be one. There's a huge thread on "App control" which seems to have gotten out of hand and has all-sorts in it.

I would also like to have a sticky for this topic as a "Guide to more speed". Compared to other platforms, I seem to have lost around 30% of my bandwidth (my isp may be having a bad time atm, it can happen) and this is a comparison against competitors.

I'm running OPNSense via a vm using a quad-core i7, 28GbRam allocation; I have inconsistencies in Ram reporting with the largest report showing 15gb :o , and a 500gb ssd. There is nothing but the hypervisor on this box atm.
#5
Hi Guys,

Background

I have been evaluating differing platforms that my wife and brother can easily administer, and I think that 'Home' could fit our needs. However, after a couple of days, I have come to realise (Whilst chasing problems down) that the Installation instructions and Forum could be tweaked to aid the user experience.

So far, I confess to liking Untangle for it's ease of use; so you can see why Sensai peaks my interest and I think, and hope, that this project is going to get there. I also believe that it could potentially have the edge, given time, for the ability to; install more modules, have more customisation in general, and access to a larger 'tinkerer' community i.e having the best of both worlds.

I like OPNSense as it's slightly easier than PfSense (past user) and also given the partnership with ProofPoint for ET Pro telemetry and now Sensai's central interface.

  • Which I assume means that my wife and brother will be able to use the 'Cloud Management Portal' e.g. if a rule goes wrong or to check 'what's wrong' whilst keeping the Firewall fully closed off from the world?
If my wife needs support it needs to be remote as our families are hundred's of miles away.

My Original Assumptions 'D'oh'; due to lack of information

After installing OPNSense, I immediately setup the usual suspects of IDS (with ETPro telemetry) and Unbound. I had a gut feeling not to install web proxy as presumably Sensai would be doing a lot of tinkering with it, so I didn't want another package interfering.

I'm beginning to realise that I had made incorrect assumptions where I thought: If I installed Sensai last, Sensai would check the usual directories, see the databases already in use, append and dedupe; leading to one database instance per function (module), with Sensai then having full control and reporting for DNS, threats etc. I also Assumed that if the user wished for seperation, that they would have to do so by way of seperate instancing of dns / pihole/ etc. somewhere else which in turn provides users with both options.

Purely due to the headaches of chasing things down and seemingly where adding things to whitelists are not working despite checking the format ".domain.com" where normal formatting also failed (in the varying places). I couldn't get my head around firewall aliasing to bypass everything.

Would it be possible to:


  • Get a sticky for OPNSense with Sensai 'Handy hints and tips' or 'Read me first'?
  • Make it clear that Sensai does not overview everything and any modules added to OPNSense would also require checking should issues arise. This should include the hierachy for white and blacklisting ( I believe Sensai is last?)
  • Include what modules can be installed that Sensai can control?
  • Include modules can be installed that Sensai can view and report on?
    These modules probably need an inclusion tickbox or something in config for selecting? i.e. information Sensai can 'read only' on these modules and include in the reporting as to which module information was from, to enable better hunting.
  • Whether the modules should be installed before or afterward?
  • Which modules are common to run alongside in  spite of Sensai not being able to control or view them.
  • Consider or change the evaluation period. Realistically and in part due to the below, 7 days is no where near enough time to evaluate the product? 

I get that you could use free for a while then convert, however there are those of us that need the paid features to make an informed choice when comparing the competition. You pretty much have to try the 7 day paid evaluation off the bat. This certainly doesn't allow for new users to OPNSense, nor the chasing down of issues, nor the working out module hierachy.

I personally would like to see the AD Connector included in home or have the option for a modest upgrade to gain the function. Whilst i've not played with AD for a decade, most of us have the capabilities to implement it, or similair. In my case; keeping with the theme of making things easier, it is something I am considering.

Thanks ever so much,
Jon