Netify Network Intelligence on OPNsense - Now Available

[pbaldwin]

Hi OPNsense Community,

We're a Canadian company that has developed two bits of technology that can help with managing networks at the edge of the Internet.

• An open source deep packet inspection (DPI) engine that is ready to be integrated with the OPNsense firewall, QoS engines and other tidbits.
  
• A cloud-based network intelligence and visibility solution.  The solution provides full transparency into what’s happening on your network.
  

These are really two different topics, so we have separated the announcements into different forum posts.

This one is about the second topic - the cloud-based network intelligence and visibility solution.  You can find the open source DPI topic here.

What is Netify?

Netify provides full transparency into what’s happening on your network.

• Is an employee using VPN or proxies to bypass network policies?
• Are any devices using weak encryption?  That needs to be fixed!
• Why is my video conference call so crappy today?
• Are any TVs, printers, or IoT devices connecting to unexpected countries?
• It looks like an old router was hacked, do we have historical forensic data?
• Who is uploading all that data to Instagram?  (Karen… it’s always Karen)

Netify can answer these types of questions.  It is a network visibility and intelligence tool that helps you manage your network.  It starts by detecting and classifying devices on your network - a process we call Device Discovery.  Devices are identified and classified as printers, mobile phones, tablets, laptops, etc. so you can start understanding your network.  Here’s a screenshot:



From there, Netify uses its cloud-based network intelligence engine to help you with bandwidth accounting, cybersecurity analysis, compliance, policy enforcement, network troubleshooting, and more.  Features include:

• Device Discovery
• Application Detection
• Protocol Detection
• Risk and Reputation Analysis
• Bandwidth Monitoring
• Hostname Visibility
• Geolocation Information
• Connection Forensics

Netify is more than a reporting tool.  Our goal is to help provide insights into your network.   

Privacy First

Cloud is not for everyone, that’s understandable.  But it's strange to think that your ISP, DNS provider, Google, Facebook and online marketers may know more than you about the networked devices and traffic patterns inside your organization.

At every step of the Netify development cycle, we have had security and privacy in mind.  Deep packet inspection (DPI) sounds intrusive, but it's actually less intrusive when used responsibly.  Netify only looks inside the first 5-10 packets of data, not the entire payload.  In addition, DPI cannot decrypt your encrypted communications: no SSL interception, no certificate deployment headaches, no breaking end-to-end encryption.  It provides a balance that gives you the power to manage your network without compromising encryption and security.  We encourage you to learn more about Netify's privacy features and data silos.

In addition, the underlying netifyd deep packet inspection agent is open source (GitLab), so you can see exactly what metadata is being processed.  Feel free to poke around and see what happens under the hood.

For large deployments, we also have the option for hosting the infrastructure in a private cloud or data center. 

Installation and Configuration

That’s enough of the sales pitch.  You can find installation and configuration instructions for OPNsense here:

Netify for OPNsense

We have a 7-day no obligation free trial. 

Feel free to post comments or questions!

[ab5g]

The UI looks slick and nice. Gives me the right kind of reports at a glance. Congratulations on a well thought of and made product.
Any change you can offer a Home subscription (with reduced features?). At 25$ a month it may be beyond the reach of the home users .

[pbaldwin]

Thanks!  Unfortunately, we don't have any current plans for the home user.  We have certainly discussed it and it's on our wish list.  The big hurdle: pushing some of the machine learning features from the cloud to the agent (OPNsense box).  That will make it possible to get a nice feature set that wouldn't need to connect to the cloud (except for signature updates).

[ab5g]

Sorry I wasn’t very clear before. I meant do you have plans for people who have an Opnsense for home use (like me). I’d love to subscribe to the service but 25$ a month is a bit steep. I don’t mind a reduced feature set (a lesser retention time for the logs perhaps 3 days for live and a month for archive).

[pbaldwin]

I was the one that wasn't very clear!  Unfortunately, we don't have any plans for home users today, but we might something in the future.