Public Service Announcement:
Have you checked out Sophos XG Firewall for home use lately?
It’s basically an enterprise firewall fully licensed for personal use.
- All the firewall stuff
- Normal IPS
- Built-In easy transparent SSL/TLS proxy
- Web Application Firewall
I like it better than PF/Open Sense right now.


Nope. I’ll stick with OPNsense which is open source.
I like OPN also. I’ve always appreciated the stability of the BSDs.
My only personal complaint with OPN/PF was the TLS inspection.
I’ve read about adding the modules to *Sense, but I haven’t figured out the configuration pieces.
It just works with Sophos UTM and XG firewall, and the configuration was super easy.
You always use what you like though.
What do you use TLS inspection for?
Knowledge primarily, since I’m not running a business.
At this point, like they say in Chips, TLS inspection is standard…
If your enterprise isn’t doing TLS inspection on everything other than banks, medical, gov, they’re doing it wrong.
Some times people think the hard part is getting the CA trust setup, but I find it’s far more tedious to deal with certain sites and mobile apps especially that do certificate pinning.