4 of 4 people found the following review helpful
Great book on more than pfSense,
This review is from: pfSense: The Definitive Guide (Paperback)
I have to admit that pfSense: The Definitive Guide (pTDG) caught me off guard. I expected the book to mainly discuss installing and using the pfSense firewall appliance, which would have been enough for me to enjoy the book. However, I was pleased to see coverage of many issues related to network security and firewall design and operation. For me, these features elevated the entire book to five star status. If you're interested in learning how pfSense can help your organization, and what it means to deploy firewalls, pTDG is the right book.
One aspect of pTDG that immediately impressed me was the level of detail in the book. I liked the section on sizing pfSense appliances in ch 2. Ch 4 includes very thorough commentary on time keeping issues with FreeBSD, such as sysctls for kern.timecounter. This section also demonstrated the value of pTDG to general FreeBSD users like myself. I learned a lot about the workings of the OS by reading how pfSense works.
Another area where pTDG shines is its discussions of general firewall design and deployment. Rather than just make recommendations on "blocking or rejecting," for instance, the authors explain why administrators might make their decisions. The book also extends beyond firewall issues, such as when it discusses VLANs in ch 10. I also appreciated coverage of related topics outside pf, such as client VPN setups for IPSec, PPTP, and OpenVPN in chs 13, 14, and 15 respectively. I especially liked the section on troubleshooting IPSec where the authors reproduced log entries from IPSec components.
When I got the book I wondered how applicable it might be to pfSense 2.0, which is in RC1 status as of this review. While I haven't tried RC1 yet, I was pleased to see many references to 2.0 in pTDG. For example, the authors note that while the 1.x series doesn't support TFTP, 2.0 will (and does, according to the RC1 feature list).
Overall, I highly recommend pTDG for those who rely on firewalls, VPN concentrators, and related network security systems as part of their overall defensive strategy.