Pfsense L7 tools

I’m currently a user of Unangle and Sophos XG depending on which box is running, I like to explore both. I prefer items from each vendor. I’m in the process of looking at pfsense again following some of Tom’s videos again (Thank you Tom, great content as ever).

This install is for a home setup with about 40 devices on the network, there is already various VLANs separating IOT / AV devices and so forth. I’m looking to separate things further with more home working etc.

What optional features are generally recommended to bring pfsense up to similar L7 capabilities like Sophos or Untangle?

The only thing that also puts me off pfsense is the Netgate fallout etc.

The other reason why I’m interested in the pfsense offering is I’m more likely to see it in the corporate world than Untangle or Sophos XG tbh. Shame PA don’t do home / lab firewalls etc.

pfsense does not have any good layer 7 tools, we sell people Untangle when they need those features.

Makes sense.

Sounds like I should spin up a pfsense to explore again, but stay on Untangle. TBH probably in the home environment Untangle is too much and most stuff is encrypted these days so these tools are becoming less and less useful.

In an ideal world a mash of Untangle and pfsense. One area I really don’t like re Untangle is the rule creation and I think it’s less flexible configuration wise.

Any plans for more Untangle content, although I expect the audience is pretty limited and you won’t get the views required for the content effort etc.

No one is really that interested in Untangle content so I don’t spend as many hours making it for no real return.

Thought that would be the case, no point in content effort for little return. It’s another reason for relooking at pfsense due to Untangle being leftfield in the marketspace.

I’d never heard of them until a few years back when I saw them on your channel. I think the client base in the UK for them is extremely low too.

I haven’t played with this, but I’m seeing info that suggests Snort can do some kind of application detection:

Again, no knowledge of it, just know it exists. Might be an option to play with. I also see people suggesting OPNsense which apparently has this in the core functions, but again no experience.