Topics

Dear Beloved Zenarmor Users,

OPNsense allows you to create Let's Encrypt certificates using the ACME client, a plugin included in the repository. Let's Encrypt certificates are advantageous due to their cost-free nature and the ease with which they can be created for your domains.

The primary aim of Let's Encrypt and the ACME protocol is to facilitate the establishment of an HTTPS server that acquires a browser-trusted certificate autonomously, without requiring any human intervention. This is achieved through the implementation of a certificate management agent on the web server.

In this tutorial, we will explain how you can change a self-signed certificate with a Let's Encrypt certificate on your OPNsense firewall.

https://www.zenarmor.com/docs/network-security-tutorials/how-to-change-self-signed-certificates-with-ca-signed-certificate-on-opnsense

Best Regards,

Zenarmor Team

Dear OPNsense Community,

Certificates on OPNsense are used to establish confidence between peers. OPNsense enables the creation of certificates directly from the front end to simplify their use. Furthermore, it enables the creation of certificates for many uses without using the "openssl" command line program.

In this guide, we outline OPNsense certificate management topics.
https://www.zenarmor.com/docs/network-security-tutorials/how-to-manage-certificates-on-opnsense

Best Regards,

Zenarmor Team

Dear Beloved Zenarmor Users,

DDclient is a Perl client that is used to update dynamic DNS entries for accounts on a Dynamic DNS Network Service Provider. This software operates on a wide range of UNIX operating systems and has undergone testing on GNU/Linux and FreeBSD. The supported capabilities include functioning as a daemon, both manual and automated updates, static and dynamic updates, optimized updates for multiple addresses, MX records, wildcards, abuse avoidance, retrying unsuccessful updates, and transmitting update status to syslog and via e-mail.

In this tutorial, we will guide you through dynamic DNS configuration on the OPNsense firewall using ddclient plugin and Cloudflare.

https://www.zenarmor.com/docs/network-security-tutorials/how-to-configure-dynamic-dns-on-opnsense

Best Regards
Zenarmor Team

[The Beginner's Guide for OPNsense]

Hello OPNsense enthusiasts and cybersecurity professionals,

We're thrilled to announce the release of "The Beginner's Guide for OPNsense", a comprehensive ebook designed to help both newcomers and seasoned users maximize the potential of their OPNsense setups. Brought to you by Zenarmor, this guide is a testament to our commitment to the OPNsense community and our belief in open-source security solutions.

What's Inside?

• Step-by-step instructions on configuring and optimizing OPNsense.
• Best practices for network security and performance.
• Insights into advanced features to elevate your OPNsense experience.

Whether you're setting up OPNsense for the first time or looking to deepen your understanding of its capabilities, this guide is packed with valuable information to enhance your cybersecurity strategy.

Download your free copy here:

https://www.zenarmor.com/opnsense-beginner-guide-form?utm_source=website&utm_medium=opnsenseforum&utm_campaign=beginnersguide

We're excited to contribute to the OPNsense community and look forward to your feedback. Dive into the ebook and let's strengthen our networks together!

Zenarmor Team

Dear beloved Zenarmor Users,

All DNS queries are routed in plaintext. Your ISP or a hacker can intercept transmissions via UDP and TCP protocol 53 in plaintext to compromise the site's DNS queries and responses. For this reason, we should encrypt our DNS queries for security purposes. DNS over TLS (DoT) is a security protocol that utilizes Transport Layer Security (TLS) to encrypt DNS traffic and is one of the most common DNS security solutions.

This tutorial will help you configure the OPNsense DNS resolver to encrypt all DNS queries in order to prevent surveillance and enhance your online privacy and security.

https://www.zenarmor.com/docs/network-security-tutorials/how-to-configure-dot-on-opnsense

Best Regards,

Zenarmor Team

Dear beloved Zenarmor Users,

IPSec is a collection of communication protocols that provide secure connections over a network. The phrase "IPsec" is an abbreviation where "IP" represents "Internet Protocol" and "sec" represents "secure."

OPNsense provides VPN connectivity for both branch offices and remote users (Road-Warrior). Setting up a single, secure private network that connects several branch offices to a central location is simply accomplished using the OPNsense web user interface.

This guide will explain the process of configuring an IPsec site-to-site VPN tunnel using an OPNsense firewall.

https://www.zenarmor.com/docs/network-security-tutorials/how-to-configure-ipsec-site-to-site-vpn-tunnel-on-opnsense

Best Regards,

Zenarmor Team

Dear Beloved Zenarmor Users,

CrowdSec is a lightweight, open-source program that identifies individuals exhibiting violent tendencies and prevents them from accessing your systems. The design of the system is user-friendly and provides easy access while still offering strong security measures.

In its most fundamental configuration, the CrowdSec module functions exclusively on a single server, safeguarding only the services hosted on the OPNsense system. Furthermore, it restricts the barring of malicious IP addresses, which are curated by the CrowdSec community.

In this tutorial, we will do basic CrowdSec installation on a single OPNsense system.

https://www.zenarmor.com/docs/network-security-tutorials/how-to-install-and-configure-crowdsec-on-opnsense

Best Regards,

Zenarmor Team

Dear Beloved Zenarmor Users,

High availability (HA) refers to the capacity of an IT system, component, or application to function consistently and without interruption at a superior level for a certain duration. The high-availability architecture is designed to provide optimal performance and effectively manage various workloads and faults while minimizing or eliminating any interruptions in service.

An impressive capability of OPNsense is the ability to establish a redundant firewall with an automated fail-over option. OPNsense employs the Common Address Redundancy Protocol (CARP) to enable hardware failover.

This tutorial will explain how to configure high availability on OPNsense firewall systems.

https://www.zenarmor.com/docs/network-security-tutorials/how-to-configure-ha-on-opnsense

Best Regards

Zenarmor Team

[device identification and management]

Dear  valued Zenarmor users,

We have reached the end of another successful year at Zenarmor, with the third and final major release of Zenarmor for 2023 ready for you to download. Like with all the previous major releases this year, Zenarmor 1.16 includes new, fresh capabilities and tools that will ultimately help you create a formidable defense against bad actors and improve your overall network security posture, regardless of where you choose to deploy Zenarmor, on-prem or in the cloud.

In this release, we are proud to introduce a new device identification and management capability, giving you improved visibility and control of the devices using your network, as well as Community ID flow hashing support to easily correlate device logs with connection logs, giving you full end-to-end visibility of the process on the device initiating the connection on your network to its final destination on the internet.

For more, read the blog post: https://www.zenarmor.com/post/not-just-an-update-zenarmor-1-16

Best Regards
Zenarmor Team

Dear beloved Zenarmor users,

We are delighted to hear about your enthusiasm for our upcoming release and are excited to share it with you. Rest assured, the wait will be rewarding. Our dedicated team has devoted countless hours to perfecting this new version, ensuring that it exceeds your expectations. Prepare to be amazed by the significantly improved functionality, performance, and user experience.

While the software is still in the final stages of development, we are almost ready to bring you a product filled with innovative features that will surely enhance your experience. Additionally, this release will introduce fundamental features of a next-generation firewall, marking a significant step forward in our technology. Stay tuned for the imminent arrival of our most advanced and user-friendly version yet!

The upcoming release of Zenarmor 1.16, with its advanced features like Device Identification, Device Access Control, and Community ID flow hashing, promises to elevate network security.

However, to fully leverage these enhancements and mitigate potential misconfiguration issues, this guide outlines essential best practices for administrators to effectively implement and optimize the new configuration settings.

https://www.zenarmor.com/post/getting-ready-for-zenarmor-1-16

Best Regards

Zenarmor Team

[ZENARMOR23U]

Special offer for new subscriptions!
Use the code ZENARMOR23U at checkout and get 20% off on new annual Zenarmor plans.

This offer is valid until December 7th, 23:59 PT, and is non-refundable.

Please note:

• Valid only for new annual plans, not existing subscriptions or renewals.
• Non-refundable once purchased.

Seize this opportunity to enhance your cybersecurity at a special rate!

https://dash.zenarmor.com/checkout?utm_source=website&utm_medium=opnsns&utm_campaign=bf&utm_term=discount&utm_content=form

Dear valued users,

The official release of Zenarmor 1.16 is just around the corner, promising some exciting new capabilities. Today, we will take a sneak peek at one of the new capabilities introduced in this release called Community ID Network Flow Hashing, or Community ID for short.

In this article, we are going to show you exactly how to do this by using Community ID to match the network traffic session logs created by Zenarmor with the Sysmon event logs generated on a Windows client in order to build a complete end-to-end picture of a network connection, from the application or process initiating the connection on the Windows client to its final destination endpoint.

https://www.zenarmor.com/post/threat-hunting-with-zenarmor-community-id-feature

Bests,
Zenarmor Team

Dear valued Zenarmor users,

To continue with the series of Zenarmor SIEM integration guides that we have created over the last few months, today we are going to look at how we can integrate Zenarmor with Datadog. Datadog is slightly different from the previous SIEMs we have covered because it's the only one that is a SaaS-only solution, meaning we can't self-host this solution as we covered in the Wazuh, ELK, and Splunk Enterprise guides.

Regardless of the differences, Datadog is a popular and powerful monitoring and security platform, and it only makes sense to include it in this Zenarmor SIEM integration series.

So without further ado, let's get to the fun part and dive into the configuration guide.

https://www.zenarmor.com/post/integrating-zenarmor-with-datadog-an-mssp-and-business-user-guide

Zenarmor Team

Dear valued Zenarmor users,

Splunk is a popular unified security and observability platform used by businesses and MSSPs to detect, investigate, and respond to potential security threats. Today, many enterprises use it as their preferred Security Information and Event Management (SIEM) solution.

In this guide, we are going to show you how Splunk Enterprise and Zenarmor can easily be integrated, giving MSSPs and businesses an easy starting point to ingest Zenarmor event log data into Splunk Enterprise.

https://www.zenarmor.com/post/how-to-integrate-zenarmor-with-splunk-enterprise-using-splunk-connect-for-syslog-sc4s

Have a good read...
Zenarmor Team

Dear Valued Zenarmor Users,

Zenarmor 1.15 has just been released, offering some important new and improved capabilities with a focus on providing a better-performing dashboard experience overall while introducing useful features that enterprises and MSPs can leverage to more efficiently manage administrative users and their roles across multi-tenant and large enterprise Zenarmor NGFW deployments.

A brief list of the updates included in this release are as follows:

• Full-featured role-based multi-tenancy support, including account and project sharing
• An improved and more performant dashboard frontend built using the Vue.js 3 JavaScript framework
• The addition of new web and application filtering categories
• General bug fixes and minor UI improvements

Eager to explore the latest features of our new release? Our recent blog post provides an in-depth walkthrough of ZenArmor 1.14.

https://www.zenarmor.com/post/introducing-zenarmor-1-15-new-zenconsole-dashboard-features-and-improvements-for-a-better-enterprise-and-msp-user-experience

If you have encountered any problems or have any questions, please don't hesitate to reach out to our support team at [support@zenarmor.com].

We are here to help you every step of the way.

Warm regards,

Zenarmor Team

Dear valued Zenarmor user,

The ELK stack (Elasticsearch, Logstash, and Kibana), also known as the Elastic stack is a popular platform used by organizations to collect, search, analyze, and visualize data from any sources. In the context of cybersecurity, it can be used as a Security Information and Event Management (SIEM) solution with the correct integrations. Based on its popularity and the advantages it offers, it makes sense that enterprise-ready products like Zenarmor prioritize offering direct and easy integration to this platform.

In this post, we are going to explore how to set up Zenarmor to offload and stream its log data to an ELK stack.
https://www.zenarmor.com/post/integrating-zenarmor-with-your-elk-stack-elasticsearch-logstash-and-kibana

Have a good read...
Zenarmor Team

[Intuitive Design]

Hello,


We hope this post finds you well. We are writing to provide you with some important information about the recent Zenarmor 1.14 upgrade.

First and foremost, we would like to acknowledge that the release of this upgrade did not go as smoothly as we had hoped. This was a major upgrade and had been in quality assurance and testing for the past 5 months. Despite all care and attention, several users have reported issues, and we want to extend our sincerest apologies for any inconvenience this may have caused.

However, we want to emphasize that the Zenarmor 1.14 upgrade is a fundamental step forward in the evolution of our product. This new version introduces a completely revamped interface that has been designed to significantly enhance user experience and efficiency.

Here's what you can look forward to with Zenarmor 1.14:

• Intuitive Design: Our team has worked hard to create an interface that's more user-friendly, enabling you to navigate with ease and accomplish tasks faster. The new design offers the much-loved user experience of Zenarmor's Cloud Management Console Zenconsole.
  
• Improved Performance: The underlying architecture has been optimized to provide you with a more responsive and efficient experience.
• New Features: We've introduced several new features that we believe will streamline your workflow and make your day-to-day usage of Zenarmor more enjoyable.
  

Eager to explore the latest features of our new release? Our recent blog post provides an in-depth walkthrough of ZenArmor 1.14 and how it enhances the OPNSense interface through ZenConsole integration.

https://www.zenarmor.com/post/introducing-zenarmor-1-14-opnsense-interface-improvements-through-zenconsole-integration

You asked, and we listened! Our FAQs section now includes a guide on how to effectively drill down into traffic analytics in the new interface.

https://www.youtube.com/watch?v=ugcLk7d1cGs

We understand that the transition to this new version may have been less than ideal, but we assure you that our team is actively working on resolving the identified issues. Your satisfaction is our priority, and we are committed to making Zenarmor 1.14 a success.

Now that you have a streamlined user interface, which also allows Zenarmor team to ship new features faster, please take a moment  to visit our Roadmap page to see the list of new enterprise security capabilities Zenarmor is set to deliver in the coming months:

https://www.zenarmor.com/roadmap

If you have encountered any problems or have any questions, please don't hesitate to reach out to our support team at [support@zenarmor.com].


We are here to help you every step of the way.


Warm regards,

Zenarmor Team

Dear valued Zenarmor user,

In the world of cybersecurity, having a robust and efficient Security Information and Event Management (SIEM) system is crucial. SIEM systems provide real-time analysis of security alerts generated by applications and network hardware.

In the following guide, you can explore how to integrate Zenarmor, a powerful network security solution, with Wazuh, a free and open-source SIEM and XDR solution, using the easy-to-configure Syslog event messages automatically generated by Zenarmor, for seamless and efficient security incident management.

https://www.zenarmor.com/post/integrating-zenarmor-with-wazuh-a-guide-to-siem-integration-using-syslog

Have a good read...

zenarmor Team

Dear valued Zenarmor users,

Even though it has been rigorously tested by the Zenarmor team and upgrading to Zenarmor is a simple procedure that allows you to upgrade your system without incident, it is best to be prepared for Murphy. It is crucial to proceed with caution to avoid disruptions and data loss.

In this post, we will give you a hand in upgrading your Zenarmor NGFW smoothly. If you follow the advice below, the process can be relatively straightforward and have minimal impact on your business.

https://www.zenarmor.com/blog#best-practices-for-upgrading-zenarmor-to-v1.14

Have a good read...
Zenarmor Team

Dear valued Zenarmor user,

You're not unfamiliar with Zenarmor. Until now, when searching for us, you mostly used the term 'Zenarmor' in search engines. We have rebranded our corporate company name, Sunny Valley Networks, to Zenarmor. After the domain name change, you will be able to access all the services we previously provided on sunnyvalley.io through zenarmor.com.

Join us on this transformative journey as we continue to innovate, protect, and empower. Visit our revamped website at https://www.zenarmor.com/ to explore our enhanced range of services.

But don't just take our word for it! Our CEO, Murat Balaban, shares his insights and the reasons behind this transformative decision in our latest Zenarmor YouTube video: https://www.youtube.com/watch?v=XH6ETsC4oDI. 🎥

Stay tuned for exciting developments!