Have you looked at the capabilities of Suricata? It’s an open source IDS/IPS available in the pfSense package manager. It takes some setting up and rule adjustment to suppress false positives, but it’s fairly straightforward. There’s plenty of documentation available for it. I think this might add some peace of mind. Also take a look at Quad9. It’s a public recursive DNS service that blocks queries for known malicious destinations aggregated from a bunch of public block lists. https://www.quad9.net
In the end I think pfSense is going to offer you the most in terms of security capabilities compared to the commercial home network solutions out there. It just depends upon how much time you’re willing to put into configuring and tuning the various tools. -- Geoffrey Wolf AB3LS On May 13, 2018, 3:44 PM -0400, Richard A. Relph <rich...@relphs.com>, wrote: > Hi, > I’ve been using a SG-2440 for a couple of years now, but only as a > well-maintained basic NAT router. I know I’m not using all the capabilities > the box offers. > I’m increasingly concerned about ‘infected’ IoT devices inside my firewall. I > don’t have any specific concerns. But confidence is continuously declining > that everything I implicitly trust is really worthy of that trust. I’m > looking for a tool that will provide me some evidence that my network is > behaving well, and identify devices that might be betraying my trust. > > I’ve been tempted by the McAfee Secure Home Platform built in to certain > Arris Cable Modem/Routers. https://securehomeplatform.mcafee.com > I’d be interested in this groups thoughts on that product… but I’m even more > interested in thoughts on what pfSense offers that could detect “unusual” > traffic. > > Thanks in advance, > Richard > PS. Also looking for recommendations to replace my aging Access Point… An > Apple TimeMachine (in Bridge mode). > _______________________________________________ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
