We just raised a $30M Series A: Read our story

OPNsense Room for Improvement

OT/ICS Information Security Specialist at SANS

I have some issues with OPNsense. I have created a virtual machine that I've lost connection at times and I am not able to connect to the gateway or ping the internet. When I started with OPNsense, it worked right away. It may be an issue with the virtual machine itself. I am currently setting up the protection on all of the virtual machines so they will connect to OPNsense and the internet, or anywhere they need to access.

I have tried to download some malicious files or a virus and it should dump the files and prevent the download, but I don't seem to get any notification or warnings.

It may be an issue with the configuration but I am not sure.

I would like to see improvements made to connectivity and alerting.

I wanted to deploy this solution in our organization and some of the workstations from remote sites but it's not reliable enough to do that yet.

In the next release, I would like to see real traffic monitoring and more visibility. Also, for the antivirus, I would like to see the files protected by ClamAV. 

I would like to see intelligence in OPNsense and have the option to apply it or not.

They need a threat intelligence tool similar to the one they would find with Cisco. It will show you the file hashes, all of the IFCs, the niches, the address information, and more.  With all of this information, you can be proactive and block the malicious file hashes, all of the malicious IP addresses, and the public IP addresses. It should help you be proactive.

It would be helpful to have OPNsense be one of the plugins, and they should include traffic capturing. With Palo Alto, you can monitor and specify which interface you want to monitor, the source IP, or you can specify the network and see the traffic that is coming from the VLAN, the destination, and any files being transferred over the network.

If you apply security profiles you can see the signatures.

View full review »
HP
Senior Network Architect at Virtua Technologies

The vendor should offer compatibility-approved boxes, or at least stock one with OPNsense already installed. This would make it a one-stop-shop, and people would not have to worry about sourcing the hardware separately.

I would like to see better SD-WAN performance. I think that could be a very good bonus because SD-WAN is all the rage these days. That is probably the big thing that people need to improve upon, in terms of combining two, three, or four links.

The interface should continue to improve, which would make things a bit easier. For me, it was already easy, but nonetheless, it is quicker to install a FortiGate firewall.

View full review »
CA
Owner and business consultant at networks srl

The only thing that I would like to see improved is the Insight or the NetFlow analysis part. It would be good to have the possibility to dig down on the Insight platform. Right now, we can easily do only a few analyses. If this page becomes more powerful, it surely will be a well-adopted platform.

View full review »
Learn what your peers think about OPNsense. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
554,586 professionals have used our research since 2012.
Support Engineer at Techaccess Pakistan

The solution can't compete with next-generation firewalls.

The solution would not be suitable for anything large-scale.

View full review »
FF
Cloud and Infrastrcture manager at a venture capital & private equity firm with 1,001-5,000 employees

The interface needs to be simplified. It is not user-friendly.

The bandwidth management is easy to use, but very hard to implement. The multi-provider internet is protected by OPNsence but the features are limited, and not stable.

The high availability feature is not feasible when the hardware fails.

View full review »
ST
Senior Network Engineer at a comms service provider with 11-50 employees

While they do have paid options that actually give better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet.

They should make it so that it's easier to reverse proxy integration.

View full review »
System Administration Specialist at a tech vendor with 1-10 employees

The feature that I would like to see in the next release, I think, would be to improve the VPN (Virtual Private Network) selection. Specifically, I would like to improve the section where you can set the VPN IP address to high availability.  

View full review »
JL
Director at a comms service provider with 11-50 employees

The solution could be more secure. 

View full review »
Senior Solution Manager at a comms service provider with 501-1,000 employees

The logging could improve in OPNsense.

View full review »
Vice President at Jagils egypt

There should be more technical documentation. 

View full review »
Business Development Advisor at a tech services company with 1-10 employees

The interface isn't so friendly user. But we have some technicians here who are quite confident with this tool. OPNSense could maybe add sets of rules so it's simpler to manage different groups with particular needs.

View full review »
Learn what your peers think about OPNsense. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
554,586 professionals have used our research since 2012.