R2D2 on God, 42, the Universe and everything else


A few weeks back, I ditched my Netcomm ADSL modem/router/firewall/VoIP and added a small modem in bridge mode. At the same time, I reconfigured the switching on my core network to support VLANs, enabling me to take full advantage of my ESX hosting with an iSCSI SAN (FreeNAS) backend.


One of the things that I’ve fundamentally changed was the introduction of pfSense, a FreeBSD firewall distribution. I am still speechless about all the plugins and enterprise-level functionality, and I am not even 50% done taking advantage of all the (free, as in free beer) features.


Three main add-in modules have caught my attention: Squid transparent proxy, SNORT Active IDS and Varnish HTTP/S accelerator. While I’ve known the first two for QUITE a while and have run them in various configurations, Varnish was completely new to me and took a bit of configuration.

However, the ability to respond with cached objects OUTSIDE the webhost itself, and the ability to use advanced load balancing and failover have truly impressed me.

If you don’t believe me, check the screenshot below…