In Part One of this series, we established a working definition of our target, i.e. what has to be done, and in what order, to Cerberus the lowly IDS firewall to make it a UTM Appliance. In Part Two, we started the conversion by installing and configuring multi-WAN support, Squid, IDS and anti-virus features. In Part 3, we added and configured Content Filtering, Traffic Control, Load Balancing and Failover.
In this last part, we'll wrap things up with Monitoring and Logging configuration, performance testing, final grading and reflection on the whole process.
Monitoring and Logging
There are numerous packages for logging and interfaces to external monitoring packages, summarized in Table 1.
| Capability | Explanation | Features |
|---|---|---|
| Built-in Logging | Protocols for logging system events | SNMP, Syslogd, WebGui |
| RRD Graphs | System Resources Graphic Monitoring Tool | CPU Load, Traffic Throughput, Quality Handling, and Shaping Queues |
| Snort | Alert Tracking and Status | Barnyard2 package interface, Dashboard Widget |
| Squid | Web and Cache statistic | LightSquid |
| System Status | Hardware and Package Status | Dashboard, PHPsysinfo, WebGui, BandwidthD |
| External Interfaces | Monitoring and Management Agents | Zabbix, Radius, ntop |
Table 1: Logging and monitoring packages
Several of these are built in, RRD Graphs are available is available from the Status menu, SyslogD can be configured there too, under Status->System Logs->Settings. SNMP is a built-in, find it under Services->SNMP.
Installing the others is straightforward, and can be found in the packages menu, these include LightSquid, BandwidthD, PHPsysinfo, and the Dashboard, including several dashboard widgets (Snort, Havp status). The interface to Barnyard2 is included with Snort.
The only issue with a couple of these packages, LightSquid, ntop and BandwidthD, is that they are not fully integrated into the pfSense webGui - the pfSense banner and menus disappear, but backing out of the reports will lead you back to the web GUI.
Here are some screenshots of some of the logging and reporting options:
Figure 1: RRD Graphs
Figure 2: BandwidthD add-on Package
Figure 3: Dashboard
Figure 4: Light Squid
Related Articles
-
Build Your Own UTM With pfSense - Part 2
- Build Your Own UTM With pfSense - Part 1
Support Us!
If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!Don't Miss These
-
Wi-Fi 6 Performance Roundup: Five Routers Tested
Read More
We take a look at how five Wi-Fi 6 routers perform with a Wi-Fi 6 client. -
First Peek At Wi-Fi 6: ASUS RT-AX88U & NETGEAR RAX80
Read More
Updated - Our first look at the performance of NETGEAR's RAX80 and ASUS' RT-AX88U shows little benefit functioning as AC routers. -
160 MHz Wi-Fi Channels: Friend or Foe?
Read More
Updated - 160 MHz channel bandwidth is an essential feature of 802.11ax. We take a look at whether it means trouble for your 11ac network. -
Wi-Fi Roaming Secrets Revealed
Read More
Ever wonder what happens behind the scenes when Wi-Fi devices roam, or more likely don't? We'll show you why the "seamless" roaming Wi-Fi gear makers promise is still as elusive as a Yeti.
- 1
- 2
› ‹ - Build Your Own UTM With pfSense - Part 1