Netgate SG-1000 microFirewall

Author Topic: PFSense Monitoring, Logging, Alerting Service  (Read 4671 times)

0 Members and 1 Guest are viewing this topic.

Offline kapara

  • Hero Member
  • *****
  • Posts: 836
  • Karma: +14/-0
    • View Profile
Re: PFSense Monitoring, Logging, Alerting Service
« Reply #90 on: April 24, 2017, 12:25:37 pm »
Yes very interesting project.  Something I have been asking for since 2008 https://forum.pfsense.org/index.php?topic=7949.0

For something put together so quick it is really great so understand my comments are not meant to be negative but suggestions to improve....

Several items which I think are important.

1. Encrypted transmission of syslog data. (Critical when dealing with customers with compliance issues.
2. Agent based.  (Client firewall initiates connection to Central pf Monitor)  Does not require client firewall to open ports and also reduces complexities with dynamic WAN and or multi-wan issues.  Multi-Wan monitoring.  Similar to Xabbix agent but this is a better solution!
3. Ability to monitor and or centralize the creation of VPN  tunnels as templates.  Monitor VPN tunnels
Skype ID:  Marinhd

Offline MasterX-BKC-

  • Full Member
  • ***
  • Posts: 117
  • Karma: +16/-2
  • FBI Infragard Member
    • View Profile
    • PFMonitor
Re: PFSense Monitoring, Logging, Alerting Service
« Reply #91 on: April 24, 2017, 04:19:46 pm »
1. Encrypted transmission of syslog data. (Critical when dealing with customers with compliance issues.
2. Agent based.  (Client firewall initiates connection to Central pf Monitor)  Does not require client firewall to open ports and also reduces complexities with dynamic WAN and or multi-wan issues.  Multi-Wan monitoring.  Similar to Xabbix agent but this is a better solution!
3. Ability to monitor and or centralize the creation of VPN  tunnels as templates.  Monitor VPN tunnels

1.  Encrypted transmission of the syslog data is already an option, there is a downloadable crypto tool that handles it.

2.  pfMonitor is agent based, requires no open ports, and even works on Dynamic IPs.

3.  For the moment, for security reasons, we do not alter the configuration of units from inside pfMonitor, it can do reboots, upgrade the firmware, and regenerate URL Tables from a single button press, and there is a button to open the devices web admin right on the menu.  We recommend that if you want to have full remote administrative control of the units, to open a port, and whitelist protect the port using an alias, to your Office or NOCs static IP only.  Thus it remains secure.  You can then insert into pfMonitor what Port you openned, and its web admin button will simply open a new tab automatically to the correct ip and port when clicked.  And you will still have the safety and security of having the firewalls username and password be required to get into it.

If i create a system that can control every aspect of a firewall, it will become one of the most attacked systems on the internet, because a successful breach would mean they could control every firewall there was.  I believe this to be a bad idea.  Instead the system can monitor them, control parts of them, and do reboots and upgrades, but it cannot actually issue shell commands, or change the config.
17 x SG-2220
14 x SG 2440
1 x SG 4860
1 x SG-1000
9 x VMware Virtual pfSense's
Member of FBIs Infragard Program
Partner of Arizona Cyber Warfare Range
PFMonitor Remote Management & Live Monitoring for PFSense

Offline MasterX-BKC-

  • Full Member
  • ***
  • Posts: 117
  • Karma: +16/-2
  • FBI Infragard Member
    • View Profile
    • PFMonitor
Re: PFSense Monitoring, Logging, Alerting Service
« Reply #92 on: April 28, 2017, 06:17:55 pm »
Added buttons to update all firewalls, reboot all firewalls, re-sync all ACLs to all firewalls, etc.

Added feature to secure dashboards, and enable sales people to use dashboards, without access to the rest of pfmonitor.
17 x SG-2220
14 x SG 2440
1 x SG 4860
1 x SG-1000
9 x VMware Virtual pfSense's
Member of FBIs Infragard Program
Partner of Arizona Cyber Warfare Range
PFMonitor Remote Management & Live Monitoring for PFSense

Offline MasterX-BKC-

  • Full Member
  • ***
  • Posts: 117
  • Karma: +16/-2
  • FBI Infragard Member
    • View Profile
    • PFMonitor
Re: PFSense Monitoring, Logging, Alerting Service
« Reply #93 on: May 08, 2017, 12:37:52 am »
Updated PFMonitor to index units bios information into the inventory data, updated checkin agent to support such features in pfsense 2.3.4
17 x SG-2220
14 x SG 2440
1 x SG 4860
1 x SG-1000
9 x VMware Virtual pfSense's
Member of FBIs Infragard Program
Partner of Arizona Cyber Warfare Range
PFMonitor Remote Management & Live Monitoring for PFSense

Offline MasterX-BKC-

  • Full Member
  • ***
  • Posts: 117
  • Karma: +16/-2
  • FBI Infragard Member
    • View Profile
    • PFMonitor
Re: PFSense Monitoring, Logging, Alerting Service
« Reply #94 on: May 09, 2017, 11:08:25 pm »
Added features for portscanning, fixed some views in several modules.
17 x SG-2220
14 x SG 2440
1 x SG 4860
1 x SG-1000
9 x VMware Virtual pfSense's
Member of FBIs Infragard Program
Partner of Arizona Cyber Warfare Range
PFMonitor Remote Management & Live Monitoring for PFSense

Offline MasterX-BKC-

  • Full Member
  • ***
  • Posts: 117
  • Karma: +16/-2
  • FBI Infragard Member
    • View Profile
    • PFMonitor
Re: PFSense Monitoring, Logging, Alerting Service
« Reply #95 on: May 11, 2017, 12:07:18 am »
Added VPN Status monitoring and Dashboard alerting on VPN drop.
17 x SG-2220
14 x SG 2440
1 x SG 4860
1 x SG-1000
9 x VMware Virtual pfSense's
Member of FBIs Infragard Program
Partner of Arizona Cyber Warfare Range
PFMonitor Remote Management & Live Monitoring for PFSense

Offline uenal10

  • Newbie
  • *
  • Posts: 15
  • Karma: +0/-1
    • View Profile
Re: PFSense Monitoring, Logging, Alerting Service
« Reply #96 on: May 11, 2017, 03:53:20 am »
How can I add my pfsense in this system. If I try to add my device under " Manage My device", I get a Message like " Not Available in this Demo yet". Can you Help me

Offline MasterX-BKC-

  • Full Member
  • ***
  • Posts: 117
  • Karma: +16/-2
  • FBI Infragard Member
    • View Profile
    • PFMonitor
Re: PFSense Monitoring, Logging, Alerting Service
« Reply #97 on: May 11, 2017, 08:10:16 pm »
The demo is just that, a demo, would you like a 1 month trial to use with your pfsense?
17 x SG-2220
14 x SG 2440
1 x SG 4860
1 x SG-1000
9 x VMware Virtual pfSense's
Member of FBIs Infragard Program
Partner of Arizona Cyber Warfare Range
PFMonitor Remote Management & Live Monitoring for PFSense

Offline MasterX-BKC-

  • Full Member
  • ***
  • Posts: 117
  • Karma: +16/-2
  • FBI Infragard Member
    • View Profile
    • PFMonitor
Re: PFSense Monitoring, Logging, Alerting Service
« Reply #98 on: May 11, 2017, 09:20:59 pm »
All screenshots on first post updated to latest!  Some added to show new features.
17 x SG-2220
14 x SG 2440
1 x SG 4860
1 x SG-1000
9 x VMware Virtual pfSense's
Member of FBIs Infragard Program
Partner of Arizona Cyber Warfare Range
PFMonitor Remote Management & Live Monitoring for PFSense

Offline uenal10

  • Newbie
  • *
  • Posts: 15
  • Karma: +0/-1
    • View Profile
Re: PFSense Monitoring, Logging, Alerting Service
« Reply #99 on: May 12, 2017, 08:13:17 am »
Oh yes I want a 1 month trial to test it. Can you send me an account?

Offline meruem

  • Jr. Member
  • **
  • Posts: 68
  • Karma: +2/-1
    • View Profile
Re: PFSense Monitoring, Logging, Alerting Service
« Reply #100 on: May 13, 2017, 06:39:42 am »
i'd like to try a demo

Offline MasterX-BKC-

  • Full Member
  • ***
  • Posts: 117
  • Karma: +16/-2
  • FBI Infragard Member
    • View Profile
    • PFMonitor
Re: PFSense Monitoring, Logging, Alerting Service
« Reply #101 on: May 18, 2017, 02:13:07 pm »
The Static Demo has largely been updated to the current build level, which adds a crap ton of fixes, changes, features, and such visible that were not before.
17 x SG-2220
14 x SG 2440
1 x SG 4860
1 x SG-1000
9 x VMware Virtual pfSense's
Member of FBIs Infragard Program
Partner of Arizona Cyber Warfare Range
PFMonitor Remote Management & Live Monitoring for PFSense

Offline MasterX-BKC-

  • Full Member
  • ***
  • Posts: 117
  • Karma: +16/-2
  • FBI Infragard Member
    • View Profile
    • PFMonitor
Re: PFSense Monitoring, Logging, Alerting Service
« Reply #102 on: May 18, 2017, 02:49:45 pm »
Tested and now can confirm PFMonitor 100% functionality on SG-1000 mini pfsense units.
17 x SG-2220
14 x SG 2440
1 x SG 4860
1 x SG-1000
9 x VMware Virtual pfSense's
Member of FBIs Infragard Program
Partner of Arizona Cyber Warfare Range
PFMonitor Remote Management & Live Monitoring for PFSense