Netify for OPNsense

Requirements

Netify is designed to run in tight spaces, so the memory requirements are modest and generally not a concern for OPNsense deployments. As for CPU, the underlying Netify deep packet inspection engine requires about the same amount of horsepower as an intrusion detection/prevention system - the busier the network, the more CPU cycles required.
Netify on Firewalls and Routers

Installation

OPNsense 64-bit - Versions 19.7.x, 20.1.x

Up-to-date Netify packages are maintained in our FreeBSD repository. To install the package, run:

pkg add http://pkg.freebsd.org/freebsd:11:x86:64/release_3/All/libunwind-20170615.txz
pkg add http://pkg.freebsd.org/freebsd:11:x86:64/release_3/All/google-perftools-2.7.txz
pkg add http://download.netify.ai/netify/freebsd/11.2/netifyd-2.99_1.txz

OPNsense 32-bit and other versions

Sorry, we do not support 32-bit or other versions of OPNsense.

Configuration

Netify will automatically detect the network interfaces and roles defined in OPNsense.

Start

With the installation and setup completed, you can now start and enable Netify:

netifyd --enable-sink
echo 'netifyd_enable="YES"' > /etc/rc.conf.d/netifyd
service netifyd start

Provisioning

With the Netify service installed, configured and running, it is time to provision your unique install. You will first need to fetch the provision code from your Netify Agent install using the following command:

# netifyd -p
Agent UUID: AA-BB-CC-DD

Once you have the provisioning code, you will need to create a Netify account (if you don't have one already) and run through the simple provisioning wizard. Once complete, metadata and analysis will start to be available in under a minute.

Provision Agent


What is OPNsense

OPNsense

OPNsense is an open source, FreeBSD-based firewall and routing software solution. If you have or are thinking of using OPNsense as your firewall/gateway to the Internet, you can be up and running in under minutes!

OPNsense includes most of the features available in expensive commercial firewalls, and more in many cases. It brings the rich feature set of commercial offerings with the benefits of open and verifiable sources. OPNsense features include:

  • Web-based Interface
  • Firewall
  • VPN
  • IDS/IPS
  • Captive Portal
  • Traffic Shaping/QoS
  • High Availability
  • Load Balancing
  • and more