OPNsense beginner to professional : protect networks and build next-generation firewalls easily with OPNsense / Julio Cesar Bueno de Camargo.

Format:

Book

Author/Creator:

Camargo, Julio Cesar Bueno de, author.

Language:

English

Subjects (All):

Computer networks--Security measures.

Computer networks.

Open source software.

Physical Description:

1 online resource (464 pages)

Place of Publication:

Birmingham, England ; Mumbai : Packt, 2022.

Biography/History:

Camargo Julio Cesar Bueno de: Julio Cesar Camargo is a cybersecurity professional with +15 years of experience working with open-source software. He started with Conectiva Linux and later became the official instructor helping dozens of students. As an aviation enthusiast and airplane pilot, he strives to bring all the aviation best practices to his professional routine. Julio started working with OPNsense in 2016, contributing to the project with code, official forum moderation, articles, Udemy course, and promotions in Europe. He founded Cloudfence in 2018, a cybersecurity startup and a Luso-Brazilian-managed security services firm with an open-source DNA. As its CTO, Julio aims to spread open source security as a service to companies from different parts of the world.

Summary:

Work with one of the most efficient open-source FreeBSD-based firewall and routing solutions to secure your network with ease Key Features Learn end-to-end OPNsense firewall implementation and management Defend against attacks by leveraging third-party plugins such as Nginx and Sensei Grasp hands-on examples and labs to become proficient with OPNsense firewall Book Description OPNsense is one of the most powerful open source firewalls and routing platforms available. With OPNsense, you can now protect networks using features that were only previously available to closed source commercial firewalls. This book is a practical guide to building a comprehensive network defense strategy using OPNsense. You'll start with the basics, understanding how to install, configure, and protect network resources using native features and additional OPNsense plugins. Next, you'll explore real-world examples to gain in-depth knowledge of firewalls and network defense. You'll then focus on boosting your network defense, preventing cyber threats, and improving your knowledge of firewalling using this open source security platform. By the end of this OPNsense book, you'll be able to install, configure, and manage the OPNsense firewall by making the most of its features. What you will learn Understand the evolution of OPNsense Get up and running with installing and setting up OPNsense Become well-versed with firewalling concepts and learn their implementation and practices Discover how to apply web browsing controls and website protection Leverage Sensei to implement next-generation firewall features Explore the command-line interface (CLI) and learn the most relevant FreeBSD commands Who this book is for This OPNsense firewall book is for system administrators, network administrators, network security professionals, and enthusiasts who wish to build and manage an enterprise-grade firewall using OPNsense. A basic understanding of how a firewall works will be helpful to make the most of this book.

Contents:

Cover

Title Page

Copyright and Credits

Dedication

Contributors

Table of Contents

Preface

Section 1: Initial Configuration

Chapter 1: An OPNsense Overview

About the OPNsense project

Project history

A new project with a lot of improvements on old code

Rock-solid FreeBSD

HardenedBSD

FreeBSD

Why OPNsense?

My personal experience

Features and common deployments

Core features

Common deployments

Where to get help?

Some facts

Summary

Chapter 2: Installing OPNsense

Technical requirements

Versions and requirements

Versioning

Hardware

Downloading and installing OPNsense

Configuring VirtualBox to install OPNsense

Mounting the OPNsense ISO file

Installing OPNsense

Unmounting the ISO installation file

Setting up a LAN network

Configuring network interfaces

Updating firmware

Checking for system updates in WebGUI

Checking system updates using the CLI

Installing plugins

Advanced

Accessing the CLI through SSH

FreeBSD packages

PKG basic operations

Chapter 3: Configuring an OPNsense Network

Hardware considerations

FreeBSD NIC names

The ifconfig command

Basic network configuration

WebGUI

network interface configuration

Assigning network interfaces

Overview of the network interface

Types of interfaces

Bridge

GIF

GRE

LAGG

Loopback

VLAN

VXLAN

Proposed exercise

creating another type of network interface

Exploring virtual IPs

IP alias

CARP

Proxy ARP

creating a virtual IP address

Network diagnostics and troubleshooting

True story

how to use ARP Table diagnostics

Common issue

local network hosts can't open websites

Summary

Chapter 4: System Configuration

Managing users and groups

Creating users and groups

External authentication

Certificates

a brief introduction

General settings

The administration page

The General page

About OPNsense logging

Advanced settings

Cryptography settings

Configuration backup

Section 2: Securing the Network

Chapter 5: Firewall

Understanding firewalling concepts

A stateful firewall

The Packet Filter

Firewall aliases

Importing and exporting aliases

The firewall rules

The rule processing order

Rule actions

Firewall settings

Diagnostics and troubleshooting

Troubleshooting

Chapter 6: Network Address Translation (NAT)

NAT concepts

Port forwarding

Caveats

Creating a port forwarding rule

Outbound NAT

NAT outbound modes

Adding an outbound NAT rule

One-to-one NAT

Adding a one-to-one NAT rule

Chapter 7: Traffic Shaping

Introduction to traffic shaping

dummynet and ipfw

Possible scenarios

Notes:

Includes index.

Description based on print version record.

ISBN:

9781801814058

1801814058

OCLC:

1321802387