Pfsense is geared more towards being a firewall so it is not quite a UTM but not quite the router that cisco is either. On pfsense you cant really configure the NIC like offload rules to it as the drivers take care of the task. The other thing about cisco is that it is designed more towards the network hardware architecture so when you're configuring cisco IOS (for professional cisco stuff), you can set things up based on the hardware from the firewall rule logic, even configure the switch chip as well if the device has one. Neither ubiquiti or mikrotik can do cisco stuff as well as cisco not even with mikrotik's CCR line. Others who tried to copy cisco cant do it as well as cisco. So both of them are similar in how they work, the difference is that cisco has cisco specific stuff that related to protocols and routing whereas pfsense doesnt as cisco stuff is closed source. Infact facebook uses PCIe cards with 100 core TILE CPUs in their servers to run the firewall and apache web server. Hardware acceleration exists on x86 in various forms from GPUs for graphics, dedicated sound cards for sound to lower CPU usage when you have multi channel high quality audia (used to with windows xp), dedicated NICs that supported DMA and had its own chip to do processing. On pfsense using realtek uses more CPU than using an intel server NIC.
a pfsense router is a common desktop architecture running a BSD based OS. Essentially a cisco router is a piece of custom made hardware running cisco ios. There is hardware acceleration in pfsense but thats to do with the hardware same with cisco. Regarding hardware acceleration you guys are wrong. Only special cisco hardware have their own chips like those used in multi terabit exchanges. They're both good but you will find a lot of cisco running on common hardware. There are exceptions of course and price is always going to be attractive to people.
That's why you will find people will stick to big name, tried and tested solutions. When it comes to firewalls, you don't want to be messing about and you certainly don't want to get caught with your trousers round your ankles. I should also actually add, its understandable for people in business to take the risk on something like that also.
PfSense is starting to become more business ready now however and they sell some decent hardware appliances that you can buy from them. There are two side to that argument however. However, the problem you will run into in the enterprise is you will find some hard opposition where people are very against it, because it doesn't have a proven track record, and also because it's opensource people who aren't in the know but are responsible for making big decisions will say "It's opensource, that means its easily hacked". It's also actually good in the enterprise, in theory.
0 kommentar(er)
