Sensei on OPNsense - Application based filtering

Started by mb, August 25, 2018, 03:38:14 AM

Hi @actionhenkt,

Quote from: actionhenkt on October 24, 2019, 10:47:40 PM
When browsing the session explorer, I wanted to block a website directly from the session explorer, is it possible to block single websites without blocking the whole web/app control from the session explorer?

Good catch! We'll add this to the upcoming release. Hopefully will ship with 1.1.

Quote
Is it possible to bulk import websites into the "white/black-list" ?
Can I add my own webcontrols/appcontrols ?

Not yet. Both roadmap items.

Quote
Redirect to the "block page" doesn't work when connecting over https. Do I need TLS inspection for this?

Correct, since the TLS session precedes the HTTP session. Yes, with TLS, this would be possible.


October 25, 2019, 12:29:24 AM #571 Last Edit: October 25, 2019, 01:52:23 AM by mb
Dear Sensei users,

Some good news from a super-busy month working on the upcoming 1.1 release. Here are some of the major goodies that are shipping with 1.1.

The most notable one is the support for low-end devices. We're now able to install on low-end devices with weak CPUs and with memory as low as 2GB. Yes! With reporting.

Please find the detailed list below.

We're targeting early November for the release.

In the meantime, just PM me if you'd like to test drive before it's made publicly available.

What will be coming up with Sensei 1.1

Better low-end device support

  • Support for low-end devices with weak CPUs. Try Sensei on your Deciso A10 / Pcengines APU devices: Yes! with reporting :)
  • Minimum RAM requirement lowered to 2GB

More interface support

  • lagg(4) and bridge(4) interface members can be protected now

New Cloud Servers Infrastructure goes live

  • New lower-latency cloud servers for US-West, US-East, Asia and Australia regions
  • New web category/threat intelligence database
  • Improved/faster cloud query mechanism
  • Better availability
  • Status screen now shows uptime in a prettier format

Reporting

  • Reporting Performance Improvements (Reports load faster (a lot faster ;))

great news :-) a Sensei widget would be also great! thx regards rené
Supermicro A2SDi-4C-HLN4F
Team Rebellion Member (sidebar / themes: tukan, cicada & vicuna)


Quote from: opnsenseuser on October 25, 2019, 09:18:34 AM
great news :-) a Sensei widget would be also great! thx regards rené

Hi rené,

What would you like to see in the widget?

Quote from: mb on October 29, 2019, 12:44:56 AM
Quote from: opnsenseuser on October 25, 2019, 09:18:34 AM
great news :-) a Sensei widget would be also great! thx regards rené

Hi rené,

What would you like to see in the widget?

network interface with the throughput
(as a scale of time if possible)

maybe...
recent security blocks
(no idea yet if in graph or text)

I guess throughput is already available in OPNsense widgets?

Quote
recent security blocks

Got it. Any other ideas?

Quote from: mb on October 29, 2019, 12:44:56 AM
Quote from: opnsenseuser on October 25, 2019, 09:18:34 AM
great news :-) a Sensei widget would be also great! thx regards rené

Hi rené,

What would you like to see in the widget?

maybe some of the status information of Sensei as a widget?
Supermicro A2SDi-4C-HLN4F
Team Rebellion Member (sidebar / themes: tukan, cicada & vicuna)

Quote
maybe some of the status information of Sensei as a widget?

Good idea. Got it.

Dear Sensei users,

We've made release 1.1 available for LibreSSL users. LibreSSL flavor users can now do a fresh install for / update to Release 1.1.

Tests underway for OpenSSL flavor. Hope to ship this one on Tuesday.


Just wanted to say it's a very nice interface and works well. Very user friendly. Ran into an issue where the reports are getting corrupted and I have to fix them. How far away on the roadmap is importing custom whitelist/blacklist and will it be on the free tier? Maybe even a page to add URLs to pull our favorite lists and a few popular ones preloaded to enable? With the new update taking away more control I'm going to have to whitelist some porn sites ;)

November 05, 2019, 03:47:52 PM #581 Last Edit: November 05, 2019, 03:50:44 PM by JohnDoe17
I just updated from 19.1.10 to 19.7.6.  Now I'm getting the following message every time I click on the Dashboard:

Quote
Elasticsearch service is not running!  In order to view reports, you need to start Elasticsearch service. Do you want to start it?

And when I click "Yes," it doesn't seem to start.  I just get a

Quote
Waiting for database service to come up

bar.

This used to work fine.  Any ideas?

I just noticed some messages on the console that don't look good either.  I don't know if they are related to my Sensei issue or not, but I thought I'd post them in case they were.

See attachment.

Quote from: JohnDoe17 on November 05, 2019, 03:47:52 PM
I just updated from 19.1.10 to 19.7.6.  Now I'm getting the following message every time I click on the Dashboard:

Quote
Elasticsearch service is not running!  In order to view reports, you need to start Elasticsearch service. Do you want to start it?

This used to work fine.  Any ideas?

@JohnDoe17,

Messages on the console are related to HardenedBSD's SEGVGUARD. It detected that the syslog-ng process crashed several times. This does not seem to be related to Sensei.

There was a major Python upgrade from 2.7 to 3.7 in OPNsense 19.7. We have mechanisms to handle this, though it's possible to miss something.

Can we have a look at your system together? I'll be contacting you.

Dear Sensei users,

Can anyone who is experiencing the Elasticsearch issue contact me? We can't reproduce this in our test/PoC systems.

Any help is much appreciated.