We work on the technological side of things, systems, automation systems. When it comes to Layer 2, 3, 4, we hit firewalls. We work with a big company in the United States, so we usually use their recommended ones. There is a certain flexibility for products. We are not bound to buy a certain product, so it is flexible.
This is not robotics; that is process automation. It involves DCSs, PLCs, that type of systems.
DCS refers to control systems and PLCs (Programmable Logic Controllers). It is basically automation for processes such as refineries, chemical factories, paper mills, so that is what we do.
We have been using OPNsense in a lab, so we are actually experimenting with it.
YouTube is one of the best features with OPNsense.
In today's world, it is YouTube that stands out. It is just a big game, with someone writing code, putting it in a box, an embedded system and writing the 200-page manual on how to use it. In my opinion, down the road it is plain old TCP/IP, UDP in terms of communications and it is completely overrated. But this is what we have to live with unfortunately, that is what is out there. YouTube provides video explanations, and that brings you to speed, instead of sitting down and reading a 200-page document on the product.
I do not appreciate the pricing or the licensing of this product.
It is more expensive than it should be for what it does. Consider the commercial products - OPNsense offers community editions which are free, and then you have to determine the difference between a licensed version and community version. You have to pay for features. I understand people provide something and you have to pay for that service. But pricing in my opinion is just too expensive. It makes no sense. It moves in the direction of a monopoly. It implies that you depend on that system and have no choice but to spend. With firewalls there is competition. When it comes to operating systems, that is harder. Look at Microsoft - they have a monopoly more or less, so there is almost no alternative.
I have not had that chance yet with OPNsense, but this might be a good point. This is a differentiator. It is not just OPNsense firewalls, it is any other gizmo provider out there. You have Dell, you have Microsoft. Try to get support. The first question they ask you is about your support contract. If you say you do not have one, it is finished. This is where the monopoly starts. I am not sure how it is with OPNsense. If you call for support, it would be a test, actually. I have not done that yet. They might let you hang, saying you need a support contract, and finish. I do not know.
I do not think there is a difference. All these products that are out there are more or less on the same level when it comes to setting up OPNsense initially.
We would have to do testing with OPNsense in an environment doing pen tests using cybersecurity tools that are available to pen test and see what happens. Because I am not in the IT group, and this is not our focus anyway, we have not done this bench testing, benchmarking, firewalls, or whatsoever, on-premises or not, all versions, hardware related, software firewalls.
With OPNsense, I find that you have to actually worry about this. There are two opinions on this. If I were an IT person, I would say it is fine, but I am not. I am an engineer. When I look at this IT stuff, in my opinion, this is in today's world completely overrated for what it is supposed to do. The fact that it is public makes it just not safe. And the rest is just a game. Firewall A, B, C, D, E, F, G, standard 1, 2, 3, 4, 5, 6, 7, 8. It will never be safe as long as it is public.
You want a game changer, you have to make the networks private. And this has to run not through your little company, it has to run through the ISP. It is the internet community that has to handle this. I cannot predict it, but this public stuff over there is public. In the end, whatever is public-facing is not safe. I make sure I have backups in place. When something crashes, I restore as quick as I can.
I do not use OPNsense VPN features.
As a company, this is a big game that is being played. I do not appreciate this because I am actually a chemical engineer and I want to focus my energy on how to make products with better quality, more efficient, using less energy, less raw materials, and so forth. Here you are stuck with running a game just to get simple communications up safely because it is on the public internet, which makes absolutely no sense. Instead of being a boon for remoting and productivity enhancement, I think we have reached the point where it is the opposite.
There are many ways down the road I see that will happen, probably some private type of networks that businesses get from the ISPs, private connectivity, so that you can clearly separate what is public and what is not. All you see happening and this patching up is IP version 4, NATting, PATting, it makes no sense. We try to keep things isolated as much as we can. Whenever it comes to a business-related solution, we will always go with a provider. We are actually outsourcing it; we are not doing it ourselves.
My rating for OPNsense is 5 out of 10.