Meetings and Events

PFSense II, Rocking The Datacenter, Isaac (.ike) Levy
2010-03-03 @ 17:45 EST (22:45 UTC) - Suspenders Bar and Restaurant
In 2006, ike gave an overview on PFSense and it`s mother project
m0n0wall, which were new and exciting router platforms back then.

Quote from that first talk, (4 years ago):
  "throw your Linksys/SoHo/WiFi router in the garbage where it belongs";SUBM=10027

Quote for this talk:
  "You might wanna` put your Sonicwall/Juniper/Cisco routers up on Ebay."

pfSense is a free, open source customized distribution of FreeBSD
tailored for use as a firewall and router.

pfSense has matured into a full-fledged routing platform which fits 
right in at the datacenter.  As all the big router vendors now tout
fully browser-based administration- (over IOS, I2J, etc...) so the
stigma of using pfSense in the enterprise is gone.

Our speaker has been using pfSense in datacenter deployments for over 4 
years, and will be describing how pfSense was used to save and secure
several "organically dysfunctional" corporate networks, and maintain
business continuity.

Throughout the talk, these points will be emphasized:
- Deploys: "Performing an Oil Change at 80mph" (quoting Michael Lucas)
- Corporate Office/Colo Life with pfSense
- Quickly/Safely Training Junior/Senior Network Sysadmins on pfSense
- Taking the Magic/Macho out of HA networking
- Networking can be Reliable/Understood/Fun

Half of this talk is a quick pfSense bootstrap:
- What *is* pfSense? (A Terrific Routing Platform!)
- Hardware (Embedded and Regular x86 Systems)
  - The reality of recycling servers, (Go Green! and other buzzwords)
- Install, basic setup- focused on typical multi-zone networks

The other half of the talk will go through the incredibly advanced tools 
and features that make pfSense an excellent platform for
High-Availability and Security at the datacenter:

- CARP, Physical Redundancy, (and living with HSRP/VRRP/GLBP 
  from your ISP)
- Fully Redundant Load Balancing, 2 common roles:
  - (inbound) Load Balancing to scale Web Servers
  - (outbound) Load Balancing for multi-wan redundant networking
- "Deep Packet Inspection" and other infosec buzzwords, done the 
  PF/BSD way

- Missing your IOS shell?  pfSense gives you a UNIX Shell- infinite 
  - pfSense/embedded shell specifics, (read-only filesysem on CF?)
    - NanoBSD/implementation notes...
  - Using pf from the shell
    - interacting with system firewall/traffic-shaping/etc..
    - dancing a tango with the GUI
- Syslog, SNMP, and all fixin`s
- Config Management for Network Scaling/Sanity

As Sr. Infrastructure Engineer at the emerging startup Proclivity Systems, Isaac (.ike) Levy is ob sessed with high-availability systems and transparent failover, mostly because he likes to sleep a t night. Standing on the shoulders of giants, his background includes partnering to run a Virtual Server ISP before there was ever a cloud in the sky, as well as having a long history hacking int ernet-facing applications on UNIX systems.

.ike has been a part of NYC*BUG since it was first launched in January 2004. He was a long-time me mber of the Lower East Side Mac Unix User Group, and is still in denial that this group no longer exists. He has spoken frequently on a number of topics at various venues, particularly on the issue of FreeBSD's jail(8).