Trusting Zenarmor (fka Sensei) / Sunny Valley Networks

Started by firewall, May 25, 2021, 11:18:39 PM

Previous topic - Next topic
Print
Go Down Pages1 2 3
User actions
May 25, 2021, 11:18:39 PM Last Edit: May 11, 2022, 06:04:08 PM by firewall
Hi,
I poked around with Sensei when it was originally released for OPNsense. Cool product but I ended up uninstalling due to the closed source aspect of certain components.

In the time since, has anyone monitored WAN ingress/egress traffic of their Sensei installation to gauge frequency or (better yet) type of data being shared?

Thanks!


Edit: Subject revision to reflect change of product name. Concerns still not addressed 1 year after initial post.
May 26, 2021, 02:12:05 AM #1 Last Edit: May 26, 2021, 03:28:14 AM by mb
Hi @firewall, thanks for bringing this up. I think we can also spare some time and help with such an effort.

[Disclaimer: I'm from the Sensei team]
May 26, 2021, 02:46:03 AM #2
I use sensei but dont monitor what it does. Its a very useful layer 7 filtering tool though.
May 26, 2021, 11:55:13 PM #3
I'm neither a security expert, nor a paranoid dabbler. So for me Sensei protection is optimal.
OPNsense HW:

Minisforum Venus series UN100C, 16 GB RAM, 512 GB SSD
T-bao N9N Pro, 16 GB RAM, 512 GB SSD
June 02, 2021, 09:11:09 PM #4
I use Sensei from the beginning (September 2018) and can't say a single bad word for anyone from the Sunnyvalley team. Worked mostly with Murat and Matt. If I don't trust them, who to trust then? Cisco? Fortinet? Sophos? Zyxel?
This is the best NGFW solution for me. Worldwide. Period.
Proxmox enthusiast @home, bare metal @work.
June 03, 2021, 01:25:14 AM #5
Quote from: Antaris on June 02, 2021, 09:11:09 PM
I use Sensei from the beginning (September 2018) and can't say a single bad word for anyone from the Sunnyvalley team. Worked mostly with Murat and Matt. If I don't trust them, who to trust then? Cisco? Fortinet? Sophos? Zyxel?
This is the best NGFW solution for me. Worldwide. Period.

this isn't about individuals but i'm glad you've enjoyed your experience using their products.  we clearly have different needs.

@mb any updates?
June 04, 2021, 01:50:53 AM #6
@Antaris, @almodovaris, @allebone, many thanks for your trust. This will only increase our commitment and responsibility.

@firewall, we understand your concern and totally respect the need for a double-check. If someone signs up for this, we'll be happy to spare time and help.
July 17, 2021, 12:19:50 AM #7
I'm not overly concerned with privacy, I just need something that works. My websurf data are boring rather than sensitive.
OPNsense HW:

Minisforum Venus series UN100C, 16 GB RAM, 512 GB SSD
T-bao N9N Pro, 16 GB RAM, 512 GB SSD
July 17, 2021, 06:00:43 PM #8 Last Edit: July 17, 2021, 06:03:18 PM by almodovaris
I mean: just by analyzing publicly available data you would have a better knowledge of what I do on the internet and what my views are than by merely analyzing my Sensei logs.
OPNsense HW:

Minisforum Venus series UN100C, 16 GB RAM, 512 GB SSD
T-bao N9N Pro, 16 GB RAM, 512 GB SSD
July 26, 2021, 01:33:56 AM #9
I use Linux, I use FreeBSD, I use Android, I use Windows, but I'm not scared that Microsoft or Google might know what I type.
OPNsense HW:

Minisforum Venus series UN100C, 16 GB RAM, 512 GB SSD
T-bao N9N Pro, 16 GB RAM, 512 GB SSD
August 12, 2021, 11:46:46 AM #10
I asked this question too, but then came to the conclusion that even if it was open source i personally would not be fully able to code review it and be 100% sure.

Then again, something like ubiquiti´s firewalls... can you really trust them any more than the sensei guys? *shurg*
August 13, 2021, 08:31:46 PM #11
Hi,

what would you trust then?  Everything in your network stack can be flawed (regardless of the big brands or not).

How much do you value your privacy and information you store in your network? If the answer is 'most than everything' then unplug the cable connecting to the internet and enjoy a 'solo' experience.

Best wishes..
November 17, 2021, 10:51:46 PM #12
In summary: a handful of responses from people who "have nothing to hide" concerning data collection and privacy threats.


Great, you do you.


As @mb seemed willing to cooperate when this topic was first posted, I'd like to circle back to the intent.



If the "Cloud Management Portal" is disabled via Zenarmor-Sensei configuration options, what data is sent to systems operated by or affiliated with Sunny Valley; be it during installation, post-deployment operation, or otherwise?
November 19, 2021, 03:57:30 PM #13
Hi,

After disabling the Cloud Portal, Zenarmor queries web traffic for Threat intel and sends the heartbeat. You can configure both on Configuration - Cloud threat Intel and Configuration - Updates & Health.
November 19, 2021, 05:34:40 PM #14
If privacy is such a concern to you then dont use sensei. I has to have some data collection to manage licensing, sync with the cloud portal etc. Thats a fact of life for commercial products. Dont use Azure, dont use O365, dont use AWS, dont use anything where some data has to be stored elsewhere. IE nothing useful since everything is using cloud these days. Good luck but you will find it impossible integrating useful products like this if you cannot have a single bit of your data leave your site. Simple fact of life. Ship has already ailed on this. No turning back now.
Print
Go Up Pages1 2 3
User actions