Skip to main content

Welcome to the Zenarmor (Sensei) User Guide for OPNsense


Zenarmor (Sensei) is an all-software instant firewall that can be deployed virtually anywhere.

It can be implemented easily onto any platform with network connectivity because to its appliance-free, all-in-one, all-software, lightweight, and simple design. Whether virtual or bare metal. On-premises or in the cloud? Any Cloud...

Zenarmor on OPNsense

Figure 1. Zenarmor Plugin on OPNsense

For open source firewalls; this technology delivers state-of-the-art, next-generation features not currently available in products such as OPNsense. If you are running an L4 firewall (all open source firewalls fall into this category) and need features such as Application Control, Network Analytics, and TLS Inspection, Zenarmor provides these features and more.


The product's underlying technology is a lightweight yet powerful packet inspection core that can perform a wide range of enterprise-grade network security operations.

Unique Appliance-free Technology

Lightweight and powerful appliance-free technology enables enterprises to instantly install instant firewalls and easily safeguard environments as small as home networks or as large as multi-cloud deployments. It's as simple as launching an application.

The packet inspection core is robust enough to guard against encrypted threats while remaining lightweight and agile enough to work in resource-constrained environments.

Zero-latency Security Stack

Deploy zero-latency security without backhauling data packets back and forth between POPs and data centers.

Zenarmor’s single-pass architecture processes packets once and for all security controls.

The same security stack runs wherever deployed for an unprecedented level of consistency when applying security policies.

Deploy Anywhere, Rule from the Cloud

Inspect locally, analyze and manage centrally.

Cloud-based management provides a control for all policies and network deployments.

Design policies independent of locations and devices and enforce them across all IT environments.

All security telemetry can be aggregated and seen through a single pane of glass. Begin with an enterprise-level view and drill down to individual connection details.

Next-generation Firewall Features

  1. Application Control
  2. Cloud Application Control (Web 2.0 Controls)
  3. Advanced Network Analytics
  4. All-ports full TLS Inspection (for every TCP port, not just HTTPS) *Coming soon
  5. Cloud Threat Intelligence
  6. Web Filtering and Security
  7. Encrypted Threats Prevention
  8. User-based Filtering and Reporting
  9. Active Directory Integration
  10. Application / Web category based Traffic Shaping and Prioritization
  11. Policy based filtering and QoS
  12. Cloud based centralized management & Reporting

Supported Platforms

Zenarmor is currently available for:

  • OPNsense ® (OPNsense 19.x - 21.x, fully integrated into the OPNsense WebUI)
  • FreeBSD ® (FreeBSD 11,12,13)
  • pfSense ® software (pfSense 2.5.x)
  • Ubuntu Linux (Ubuntu 18.04 LTS, 20.04 LTS)
  • Debian Linux (Debian 10)
  • Alma Linux (AlmaLinux 1)
  • Centos Linux (Centos 7, 8)

Zenarmor deployments on all Linux platforms as well as on FreeBSD-based firewalls can be managed together and seamlessly from the same pane of glass: Centralized Cloud Management Portal


Zenarmor provides a free edition as well as three paid subscription levels based on your demands and budget:

Free Edition

The Free Edition is free of charge.

The paid subscriptions listed below give a full set of next-generation firewall features:

  • Home Edition
  • SOHO Edition
  • Business Edition

You can purchase a Business Edition through Sunny Valley Networks Cloud Portal or through one of our authorized partners.

For a complete feature comparison see: Subscription Plans.


Sensei is re-branded as Zenarmor.