Not rendering correctly? View this email as a web page here.
Newsletter
pfsense tnsr banner

April 2021

This Month's Topics

TNSR® Software
  • IT Pros Share Their VPP Journey with TNSR
  • TNSR Application Spotlight: Port Mirror
  • TNSR Configuration Recipes: TNSR Remote Office With Existing IPsec Hub

pfSense® Software

  • pfSense Plus 21.02.2-RELEASE and pfSense CE 2.5.1-RELEASE Now Available
  • Free Self-Paced, Online Training & Certification for pfSense Plus
  • pfSense Video: How to Run a File System Check

Other News

  • Introducing a New Store Experience 
  • We Would Love Your Feedback
  • Netgate Tech Tip of the Month
 

tnsr divider
 

IT Pros Share Their VPP Journey with TNSR

In a recent blog Jerry Wilson, with Region 5 ESC, shared the following on how he got started with VPP and TNSR.

We have to keep costs down and offer services that are just as good as an ISP. Our previous solution used a device that had a limited number of 10 gig ports. Increasing that would cost more with licensing fees and support maintenance costs.

I was actually kind of surprised, I thought VPP was just code that vendors would use to build a product from and that it wasn’t anything you could really approach. TNSR helped me see it as a product, something that you could take and put into practice really quickly.

You can learn more about Region 5 ESC by reading their case study

 

TNSR Application Spotlight: Port Mirror

port mirror

Do you have a network location where you'd like to copy all traffic for network analysis or security inspection purposes? If so, you're probably already familiar with network taps - systems that monitor events on a network to aid administrators in analysis. Most taps are dedicated hardware devices - which are expensive. There are also port mirrors, which typically reside on a network switch - but, under heavy traffic scenarios can be performance compromised. There is a better answer. Deploy TNSR on a cloud VM or inexpensive commercial-off-the-shelf (COTS) hardware. 

TNSR software, when configured as a Port Mirror, provides businesses fast, flexible, inexpensive network traffic copies for security and network monitoring applications. Deployed on-premises or in the cloud without cumbersome agents or proprietary hardware, TNSR software acts as a "software TAP" with built-in traffic monitoring - enabling high volume traffic copying with ease. Key capabilities include:

  • High-speed traffic copies: Deliver traffic to 3rd party security analysis/inspection tools at rates up to 100 Gbps - on-premises or in the cloud
  • Low cost: Fraction of the price of legacy solutions
  • Flexible management: Familiar CLI or automated management via RESTCONF API
  • Flexible on-premises deployment options: Bare metal or VM
  • Cloud-Ready: Available on Amazon AWS and Microsoft Azure

Whether the network traffic copying need is on-premises or in the cloud, TNSR software provides multi-gigabit level performance at the lowest cost, least deployment complexity, and easiest scale.

For more TNSR use cases, videos, and datasheets, please visit our TNSR resource page. To get started with TNSR, visit our subscriptions page.

 

TNSR Configuration Recipes: TNSR Remote Office With Existing IPsec Hub

Setting up and configuring new software can often be challenging. To aid our customers in getting up and running quickly with TNSR software we include several configuration recipes in TNSR documentation. The use cases covered by these recipes are real-world challenges encountered by Netgate customers.

In this latest recipe, we provide guidance for planning and configuring a site-to-site VPN connection between a Netgate SG-5100 appliance running TNSR software and an existing IPsec head end at a headquarters location.

Ready to try TNSR software? Visit our subscription page and get started today.

 

pfsense divider
 

pfSense Plus 21.02.2-RELEASE and pfSense CE 2.5.1-RELEASE Now Available

We are pleased to announce that pfSense Plus 21.02.2. and pfSense CE 2.5.1 are now available for new installations and upgrades! For more information on these releases, please see our blog or release notes.

Always take a backup of the firewall configuration prior to any major change to the firewall, such as an upgrade.

Do not update packages before upgrading! Either remove all packages or do not update packages before running the upgrade.

The upgrade will take several minutes to complete. The exact time varies based on download speed, hardware speed, and other factors such as installed packages. Be patient during the upgrade and allow the firewall enough time to complete the entire process. After the update packages finish downloading it could take 10-20 minutes or more until the upgrade process ends. The firewall may reboot several times during the upgrade process. Monitor the upgrade from the firewall console for the most accurate view.

If the update check fails, or the update does not complete, run 'pkg install -y pfSense-upgrade' to ensure that 'pfSense-upgrade' is present.

 

Free Self-Paced, Online Training & Certification for pfSense Plus

Training

Netgate is pleased to announce the immediate availability of our flagship training offering, pfSense Plus Fundamentals and Practical Application in a free, self-paced, online format.

Access to the training course is free. We encourage everyone interested in learning more about pfSense Plus or about firewalls and routing in general, to work through the curriculum at their own pace. At the end of the course, an optional multiple-choice test with labs is available for those seeking certification for a small fee.

For more information on this announcement, please read our blog

 

pfSense Video: How to Run a File System Check

In some cases, pfSense software may detect a file system issue and print an error on the console at boot time. The most common occurrence is with an unclean shutdown - such as a power loss. In most cases this is harmless and the self-check will complete and correct the error. However, in rare cases, the firewall may need to be booted into single-user mode where "fsck" can be run manually until no problems are found. We created a short video to walk users through this process with pfSense software.

   

blank divider

 

Other News 

Introducing a New Store Experience

New Netgate Store

While our prior store has served us well for many years, our business continues to grow and evolve. We’re excited to announce a new store - one that provides our customers with a clean, modern, and streamlined shopping experience.

Read this blog to get for a quick how-to on starting your first order and see new appliance options!

 

We Would Love Your Feedback

review


Our customers purchase through different channels, including the Netgate store, our worldwide Partners, and the US Amazon marketplace. Regardless of where you purchased, we'd love to have your review, feedback, and rating directly on Amazon if you are using a Netgate SG-1100, SG-2100, SG-3100SG-5100, or XG-7100 DT. Amazon's retail marketplace is obviously highly-visible, and customer reviews posted there help us spread the word about Netgate appliances and pfSense software - which ultimately helps us continue progressing the open-source project.

Beyond public reviews, we're always open to feedback and suggestions to improve our products and processes. There are many ways to reach out and talk with us!  Our sales team, TAC engineers, product management & marketing team, and customer care engineers are all passionate, knowledgeable and happy to hear from you.

 

Netgate Tech Tip of the Month: Site-to-Site IPsec Tunnel

A site-to-site IPsec tunnel interconnects two networks as if they were directly connected by a router. Systems at Site A can reach servers or other systems at Site B, and vice versa. This traffic may also be regulated via firewall rules, as with any other network interface. If more than one client will be connecting to another site from the same controlled location, a site-to-site tunnel will likely be more efficient, not to mention more convenient and easier to support.

With a site-to-site tunnel, the systems on either network need not have any knowledge that a VPN exists. No client software is needed, and all of the tunnel work is handled by the tunnel endpoints. This is also a good solution for devices that have network support but do not handle VPN connections such as printers, cameras, HVAC systems, and other embedded hardware.

  

blank divider

 

Thanks for subscribing to the Netgate newsletter. For more information on Netgate and its products, engage with us on social media, or visit our forum. We're always looking for ways to improve. Want to share feedback? You can contact us here. Find the newsletter informative? Recommend it to a friend or colleague and direct them here

 

Join our Social Media Community!

LinkedIn circle logoTwitter Circle LogoFacebook circle logoReddit Circle LogoNetgate forum icon 

 

Contact Us!

Have a question? Contact us here.

 

See you next month!

Netgate

 

© Copyright 2021 Rubicon Communications, LLC
Netgate is a registered trademark of Rubicon Communications, LLC
TNSR is a registered trademark of Rubicon Communications, LLC
pfSense is a registered trademark of Electric Sheep Fencing, LLC
Other trademarks are the property of their respective owners.