Zenarmor, Squid, "Man in the middle" and antivirus
I would like to install Zenarmor on OPNSense.
A discussion recently arose around Squid that led pfSense to remove it and OPNSense to only offer it as a plugin.
Consequently I would also like to remove it from my installations.
I wonder if Zenarmor uses it and if it should therefore be maintained.
I would also like to know how it is possible to filter HTTPS traffic without having to manage the "Man in the Middle" and the distribution of certificates, which is instead necessary to do with Squid.
What interests me is blocking access to categories of websites in a different way for each category of users.
What lists are used?
How are accesses to reserved websites, for example banks, managed?
Finally, does Zenarmor also work as an antivirus or should it be installed on OPNSense anyway?
-
Official comment
Zenamor does not use Squid. Currently, it performs light TLS Inspection. It categorizes based on the IP address or the domain name within the certificate that passes through the traffic. With the upcoming 1.17 version, it will start performing Full TLS Inspection.
We do not use different URL lists. We have two different providers for Business licenses and other license types.
To access secure websites without any issues, you can use the Exclusion White list feature within the policy.
Zenarmor does not have antivirus features. You can use a different plugin on OpnSense.
Comment actions
Please sign in to leave a comment.
Comments
1 comment