Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Free Learning

You're reading from Mastering pfSense Manage, secure, and monitor your on-premise and cloud network with pfSense 2.4

Product type Paperback

Published in May 2018

Publisher

ISBN-13 9781788993173

Length 450 pages

Edition 2nd Edition

Tools

pfsense

Concepts

Networking

Author (1):

David Zientara

View More author details

Table of Contents (15) Chapters

Preface

1. Revisiting pfSense Basics FREE CHAPTER

2. Advanced pfSense Configuration

3. VLANs

4. Using pfSense as a Firewall

5. Network Address Translation

6. Traffic Shaping

7. Virtual Private Networks

8. Redundancy and High Availability

9. Multiple WANs

10. Routing and Bridging

11. Extending pfSense with Packages

12. Diagnostics and Troubleshooting

13. Assessments

14. Another Book You May Enjoy

Leave a review - let other readers know what you think

Firewall best practices

From these fundamental principles, we can distil a set of best practices for implementing our firewall. Some of these practices are fairly obvious; some may not be quite so obvious:

When you create your firewall rules, the principle of least privilege should apply. In many cases, firewall rules have been too permissive. You should try to avoid creating pass-through rules which have any in the destination field, or at least limit the range of ports to which these rules apply. pfSense blocks all network traffic by default, and you'll want to take advantage of that.
You should periodically check your firewall rules and delete rules that are out of date. For example, in our example network, we had a printer on the MARKETING subnet that was to be shared and therefore a firewall rule would have to be created granting access to this printer. If the printer...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (1)

David Zientara

David Zientara is a software engineer living in northern New Jersey. He has over 20 years of experience in IT. In the mid-1990s, David became the lead software engineer for Oxberry LLC, a digital imaging company headquartered in New Jersey. In this capacity, he played a major role in developing a new software package for the company's equipment. In the mid-2000s, David took an interest in computer networking, an interest that led him to learn about m0n0wall and, eventually, pfSense. David currently is employed with the Prasad Corporation in a consulting position and is also the author of Learn pfSense 2.4 and Mastering pfSense 2.4, also available from Packt Publishing.

See other products by David Zientara