Features:
Setup and Install
- If you can login to the pfSense, you have the skills to setup PFMonitor on it.
- Nothing to type or decypher, Everything you need to enter into the pfSense or OPNSense is a copy/paste.
- Complete Video Install Guides so all you have to do, is exactly what the video depicts.
Automatic Config Backups:
- pfSense & OPNSense Configs are backed up to our Cloud every 6 hours over secure TLS.
- Backups are indexed in PFMonitor by Firewall, Serial Number, Time of Backup, and Last known configuration change.
- Download your configuration backups with a single click, and restore them using the pfSense or OPNSense Web GUI.
- Ability to roll back a matter of Hours, or longer.
Dynamic DNS Service:
- PFMonitor now includes its own Dynamic DNS service free with a PFMonitor Subscription, utilizing Cloudflares Global DNS Network.
- If you have Multi-WAN/Failover/etc our system will automatically update to the correct IP seamlessly if one of your links drops.
- Adding a Dynamic DNS name to a firewall is as simple as assigning a name, and waiting 60 seconds.
- You can also over-ride the IP Address to set one of your choosing if the need should arrise.
- Firewalls that are setup on PFMonitor properly require no additional config to work with out Dynamic DNS, you dont even have to set it up in the firewall.
- No additional software or setup is required for firewalls already fully setup on PFMonitor.
Centralized Troubleshooting:
With 1 Click, trigger numerous diagnostic functions without having to remote into the firewall!
- See your Interface Statistics right in the PFMonitor GUI.
- See the console status screen right in the PFMonitor GUI.
- Restart Web Configurator Services.
- Restart PHP-FPM Service.
- Restart OpenVPN Services.
- Reload Filter Rules.
- Reset Admin password back to default.
- Reboot the firewall completely.
Threat Monitoring:
- Live visibility of hits from Portscans, Syn Floods, NMap Scans, and other attempts against your pfSense Firewalls.
- Extensive Cross-Referencing of Attackers, Targets, Repeat Offenders, and Target Trends
- Ability to compare your hits against those seen by other PFMonitor users, to see if your being targetted, or just hit like everyone else.
- Ability to Export or Print out reports on the above.
- Add notes to attacking IPs, these notes are visible to all PFMonitor users. All members contribute to the reputation of offending IPs
- When viewing offensive IPs seen by all PFMonitor users, Other users Firewalls IPs are hidden.
- Ability to sort and filter by Firewall Device, and by IP.
Security Auditing:
- Live view of your ARP Tables to identify devices that should, or should not be there.
- Easily scan all your firewalls for specific open ports!
- Run Portscans against hosts of your choice to aid in identifying potential threatening hosts.
Status Monitoring and Inventory Tracking:
- IPSEC VPN Status monitoring and alerting on NOC Dashboard, and Firewall Details page. Alerts on VPN Tunnel Drops.
- NOC Dashboard designed for large screens, to show LIVE stats of your Units, CPU Usage, RAM Usage, Load, Uptime, Firmware Version, Serial #'s, and more.
- NOC Map Dashboard allows for a logical or topographical layound of all your devices on a graphical map of your choosing. Alerting devices flash red, and show info on mouseover.
- SOC Dashboard designed for large screens, to show LIVE attacks against your Units, down to the second, see portscans, etc, as they happen,
and their sources, which unit they have targetted.
- Device Identity automatically indexed in PFMonitor such as: Hostname, Serial Number, Firmware Version, etc.
- Automatic Update of Checkin Agent as needed.
- Reboot any pfSense/OPNSense you manage from PFMonitor with 1 click.
- Upgrade Firmware of any pfSense/OPNSense you manage from PFMonitor in 1 click.
- E-Mail Alert on Failed Logins to any firewalls Web Config, or SSH.
ACL Management/Whitelist and Blacklist Deployment:
- Manage a Central Whitelist and Blacklist in PFMonitor that auto-deploys to all your PFSense units.
- Manage an individual Whitelist and Blacklist for each PFSense/OPNSense unit in addition to the Central Lists for more granular access control.
- Use these lists as Aliases in PFSense/OPNSense NAT Policies and Rules.
- Lists are auto-updated from PFMonitor to the PFSense/OPNSense Units by our Checkin Agent
- ACL Status List to show the date and time each firewall last updated its lists
Security Footprint:
- PFMonitor does NOT require ANY open ports on your PFSense/OPNSense Firewalls, PERIOD!
- PFMonitor does NOT require usernames, passwords, or private keys to your PFSense/OPNSense Firewalls.
- All Communication traffic from PFMonitor to your Firewall units goes over TLS, and is initiated from the Firewall itself.
- Source code of our Checkin Agent is available to registered users of PFMonitor for security review.
- No modifications required to any PFSense/OPNSense files for threat tracking.
- Checkin Agent requires only the addition of 1 file, and install of the Cron Package, Thats it!
- Checkin Agent does NOT expose shell access to the PFMonitor backend, It can only trigger pre-defined commands.
- PFMonitor is hosted in a Walled Garden with limited Internet Access, Behind CloudFlare, a PFSense, and a Custom Built WAF(Web Application Firewall).
- PFMonitor utilizes SHA256 for credential security
Web Application Firewall: (Optional Addon)
- Defend your Websites and Web Application Systems, whether they are behind pfSense or not!
- Automatically detect and block SQL injection attempts.
- Automatically detect and block XSS injection attempts.
- Have offending IPs automatically added to your pfSense or OPNSense Firewalls Block List.
- Have offending IPs automatically added to your CloudFlare Block List. (if applicable)
- Easily browse and review logs of the detected hits.
- Standalone Version of our Web Application Firewall is available seperate from PFMonitor.
- Professional Setup and Installation included.
- Contact us for a Demonstration and Quote.
|
