In Part One of this series, we established a working definition of our target, i.e. what has to be done, and in what order, to Cerberus the lowly IDS firewall to make it a UTM Appliance. In Part Two, we started the conversion by installing and configuring multi-WAN support, Squid, IDS and anti-virus features. In Part 3, we added and configured Content Filtering, Traffic Control, Load Balancing and Failover.
In this last part, we'll wrap things up with Monitoring and Logging configuration, performance testing, final grading and reflection on the whole process.
Monitoring and Logging
There are numerous packages for logging and interfaces to external monitoring packages, summarized in Table 1.
| Capability | Explanation | Features |
|---|---|---|
| Built-in Logging | Protocols for logging system events | SNMP, Syslogd, WebGui |
| RRD Graphs | System Resources Graphic Monitoring Tool | CPU Load, Traffic Throughput, Quality Handling, and Shaping Queues |
| Snort | Alert Tracking and Status | Barnyard2 package interface, Dashboard Widget |
| Squid | Web and Cache statistic | LightSquid |
| System Status | Hardware and Package Status | Dashboard, PHPsysinfo, WebGui, BandwidthD |
| External Interfaces | Monitoring and Management Agents | Zabbix, Radius, ntop |
Table 1: Logging and monitoring packages
Several of these are built in, RRD Graphs are available is available from the Status menu, SyslogD can be configured there too, under Status->System Logs->Settings. SNMP is a built-in, find it under Services->SNMP.
Installing the others is straightforward, and can be found in the packages menu, these include LightSquid, BandwidthD, PHPsysinfo, and the Dashboard, including several dashboard widgets (Snort, Havp status). The interface to Barnyard2 is included with Snort.
The only issue with a couple of these packages, LightSquid, ntop and BandwidthD, is that they are not fully integrated into the pfSense webGui - the pfSense banner and menus disappear, but backing out of the reports will lead you back to the web GUI.
Here are some screenshots of some of the logging and reporting options:
Figure 1: RRD Graphs
Figure 2: BandwidthD add-on Package
Figure 3: Dashboard
Figure 4: Light Squid
Related Articles
-
Build Your Own UTM With pfSense - Part 2
- Build Your Own UTM With pfSense - Part 1
Support Us!
If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!Don't Miss These
-
How Much Total Throughput Can Your Wi-Fi Router Really Provide?
Read More
It's harder than you think for that expensive router of yours to deliver all the throughput the big number on its box promises. We show you why. -
Router Or Wi-Fi System: How To Choose
Read More
Trying to decide between a router and a Wi-Fi System? This experiment should help you choose wisely. -
Wi-Fi 6E: The Basics
Read More
Updated: Here's a quick primer on Wi-Fi 6E. -
Wi-Fi Ping Spikes: Causes and Fixes
Read More
Wi-Fi ping spikes aren't always caused by a poor connection. Your router settings could be to blame. -
Wi-Fi Roaming Secrets Revealed
Read More
Ever wonder what happens behind the scenes when Wi-Fi devices roam, or more likely don't? We'll show you why the "seamless" roaming Wi-Fi gear makers promise is still as elusive as a Yeti. -
How To Fix Wi-Fi Roaming
Read More
We reveal the secrets of why your devices don't always connect where you want them to and what you can do to fix it.
- 1
- 2
› ‹ - Build Your Own UTM With pfSense - Part 1