OPNsense is easy to use and open-source built on HardenedBSD, It includes most of the features that are currently available on commercial firewall solutions. OPNsense provides the features of these more expensive offerings with the added benefit of being open source.

This lightweight but very powerful firewall can be installed on just about anything, requiring a minimum spec of just a 1GHz dual-core processor and 2GB ram, the storage minimum requirement an SD or CF card with a minimum of 4GB.

The recommended hardware requirement is still quite low at a 1.5GHz processor and 8GB ram with 120GB SSD drive, making this firewall a great option for small business and home lab environments.

OPNsense has these features built in :-

• Firewall, with a stateful firewall supporting IPv4 and IPv6 and live view on blocked or passed traffic.
• Multi Wan Support capable, including load balancing and failover support.
• VPN support for IPsec (including route-based), OpenVPN as well as pluggable support for Tinc (full mesh VPN) and WireGuard.
• Web Filtering, Fully integrated web proxy with access control and support for external blacklists to filter unwanted traffic.
• Intrusion Detection and Prevention, utilizing Suricata and Proofpoint’s emerging threat rules using either the commercial optional ET Pro or the ET Pro Telemetry List (requires free signup)

But what really stands out about this software, is that it’s integrated with the free version of Sensei, by Sunny Valley Networks. This plugin provides network analytics, application control, blocks adverts, and provides DNS based content filtering along with many many other features, and the free version will certainly provide the features that many home labs require, but more advanced features can be subscribed to with commercial licenses starting at just $39 per month.

For me, it’s the network analytics that sets this firewall apart from the competition, the feature set is vast, it’s rock-solid, frequently updated, and has an active community that provides all the support and guidance you could need, business support is available at an additional cost.

I really haven’t touched the surface of what OPNsense can do or the features that it offers, as this post would ramble on for ages, but if your looking for a more advanced firewall/router honestly you could do a lot worse than looking at this, it’s simply fantastic.