Netify for OPNsense Now Available
February 11, 2019
Netify is now available for OPNsense 19.7.x and 20.1.x. The Netify package and cloud service provide complete network traffic visibility and analysis - know what's happening on your network.
Two Packages for OPNsense
Netify provides full transparency into what's happening on your network.
- Is an employee using VPN or proxies to bypass network policies?
- Are any devices using weak encryption? That needs to be fixed!
- Why is my video conference call so crappy today?
- Are any TVs, printers, or IoT devices connecting to unexpected countries?
- It looks like an old router was hacked, do we have historical forensic data?
- Who is uploading all that data to Instagram? (Karen… it’s always Karen)
Netify can answer these types of questions. It is a network visibility and intelligence tool that helps you manage your network. It starts by detecting and classifying devices on your network - a process we call Device Discovery. Devices are identified and classified as printers, mobile phones, tablets, laptops, etc. so you can start understanding your network. Here's a screenshot:
From there, Netify uses its cloud-based network intelligence engine to help you with bandwidth accounting, cybersecurity analysis, compliance, policy enforcement, network troubleshooting, and more. Features include:
- Device Discovery
- Application Detection
- Protocol Detection
- Risk and Reputation Analysis
- Bandwidth Monitoring
- Hostname Visibility
- Geolocation Information
- Connection Tracking
Netify is more than a reporting tool. Our goal is to help provide insights into your network.
Cloud is not for everyone, that’s understandable. But it's strange to think that your ISP, DNS provider, Google, Facebook and online marketers may know more than you about the networked devices and traffic patterns inside your organization.
At every step of the Netify development cycle, we have had security and privacy in mind. Deep packet inspection (DPI) sounds intrusive, but it's actually less intrusive when used responsibly. Netify only looks inside the first 5-10 packets of data, not the entire payload. In addition, DPI cannot decrypt your encrypted communications: no SSL interception, no certificate deployment headaches, no breaking end-to-end encryption. It provides a balance that gives you the power to manage your network without compromising encryption and security. We encourage you to learn more about Netify's privacy features and data silos.
In addition, the underlying netifyd deep packet inspection agent is open source (GitLab), so you can see exactly what metadata is being processed. Feel free to poke around and see what happens under the hood.
For large deployments, we also have the option for hosting the infrastructure in a private cloud or data center.
Installation and Configuration
You can find installation and configuration instructions here: