Features: Last Updated 6/19/2017 to add SOC Dashboard|
Web Application Firewall: (Optional Addon)
Setup and Install
- Defend your Websites and Web Application Systems, whether they are behind pfSense or not!
- Automatically detect and block SQL injection attempts.
- Automatically detect and block XSS injection attempts.
- Have offending IPs automatically added to your pfSense or OPNSense Firewalls Block List.
- Have offending IPs automatically added to your CloudFlare Block List. (if applicable)
- Easily browse and review logs of the detected hits.
- Standalone Version of our Web Application Firewall is available seperate from PFMonitor.
- Professional Setup and Installation included.
- Contact us for a Demonstration and Quote.
Automatic Config Backups:
- If you can login to the pfSense, you have the skills to setup PFMonitor on it.
- Nothing to type or decypher, Everything you need to enter into the pfSense is a copy/paste.
- Complete Video Install Guides so all you have to do, is exactly what the video depicts.
- pfSense & OPNSense Configs are backed up to our Cloud every 6 hours over secure TLS.
- Backups are indexed in PFMonitor by Firewall, Serial Number, Time of Backup, and Last known configuration change.
- Download your configuration backups with a single click, and restore them using the pfSense or OPNSense Web GUI.
- Ability to roll back a matter of Hours, or longer.
With 1 Click, trigger numerous diagnostic functions without having to remote into the firewall!
- Restart Web Configurator Services.
- Restart PHP-FPM Service.
- Restart OpenVPN Services.
- Reload Filter Rules.
- Reset Admin password back to default.
- Reboot the firewall completely.
- Live visibility of hits from Portscans, Syn Floods, NMap Scans, and other attempts against your pfSense Firewalls.
- Extensive Cross-Referencing of Attackers, Targets, Repeat Offenders, and Target Trends
- Ability to compare your hits against those seen by other PFMonitor users, to see if your being targetted, or just hit like everyone else.
- Ability to Export or Print out reports on the above.
- Add notes to attacking IPs, these notes are visible to all PFMonitor users. All members contribute to the reputation of offending IPs
- When viewing offensive IPs seen by all PFMonitor users, Other users Firewalls IPs are hidden.
- Ability to sort and filter by Firewall Device, and by IP.
Status Monitoring and Inventory Tracking:
- Easily scan all your firewalls for specific open ports!
- Run Portscans against hosts of your choice to aid in identifying potential threatening hosts.
ACL Management/Whitelist and Blacklist Deployment:
- IPSEC VPN Status monitoring and alerting on NOC Dashboard, and Firewall Details page. Alerts on VPN Tunnel Drops.
- NOC Dashboard designed for large screens, to show LIVE stats of your Units, CPU Usage, RAM Usage, Load, Uptime, Firmware Version, Serial #'s, and more.
- SOC Dashboard designed for large screens, to show LIVE attacks against your Units, down to the second, see portscans, etc, as they happen,
and their sources, which unit they have targetted.
- Device Identity automatically indexed in PFMonitor such as: Hostname, Serial Number, Firmware Version, etc.
- Automatic Update of Checkin Agent as needed.
- Reboot any pfSense/OPNSense you manage from PFMonitor with 1 click.
- Upgrade Firmware of any pfSense/OPNSense you manage from PFMonitor in 1 click.
- E-Mail Alert on Failed Logins to any firewalls Web Config, or SSH.
- Manage a Central Whitelist and Blacklist in PFMonitor that auto-deploys to all your PFSense units.
- Manage an individual Whitelist and Blacklist for each PFSense/OPNSense unit in addition to the Central Lists for more granular access control.
- Use these lists as Aliases in PFSense/OPNSense NAT Policies and Rules.
- Lists are auto-updated from PFMonitor to the PFSense/OPNSense Units by our Checkin Agent
- ACL Status List to show the date and time each firewall last updated its lists
- PFMonitor does NOT require ANY open ports on your PFSense/OPNSense Firewalls, PERIOD!
- PFMonitor does NOT require usernames, passwords, or private keys to your PFSense/OPNSense Firewalls.
- All Communication traffic from PFMonitor to your Firewall units goes over TLS, and is initiated from the Firewall itself.
- Source code of our Checkin Agent is available to registered users of PFMonitor for security review.
- No modifications required to any PFSense/OPNSense files for threat tracking.
- Checkin Agent requires only the addition of 1 file, and install of the Cron Package, Thats it!
- Checkin Agent does NOT expose shell access to the PFMonitor backend, It can only trigger pre-defined commands.
- PFMonitor is hosted in a Walled Garden with limited Internet Access, Behind CloudFlare, a PFSense, and a Custom Built WAF(Web Application Firewall).
- PFMonitor utilizes SHA256 for credential security