Sensei for OPNsense​

OPNsense open source firewall on the best next generation firewall out, especially if you integrate Sensei plugin, you have the best ngfw.


Empower your open source firewall with Next Generation Features

How it Works
Sensei for education dashboard view


OPNsense Recommended Hardware

Processor1.5 GHz multi core CPU
Install methodDownload or USB
Install target120 GB SSD

Next-generation vs. Traditional Firewalls

Next-generation firewalls utilize VPN support, plus dynamic and static packet filtering to make sure that connections between the internet, firewall, and network are secure.

NGFWs can also filter different types of packets depending on the use case. They provide network traffic visibility and controls for matching signatures and analysis. Additional features include IPS signatures or whitelists to tell the difference between traffic sources using SSL decryption, antivirus capabilities, filtering protocols, and data loss prevention with real-time, detailed traffic inspection.


Sensei is a plugin that provides next-generation firewall (NGFW) capabilities for the OPNsense HardenedBSD-based firewall and routing platform. The Sensei plugin enables packet classification and visibility as well as an advanced policy enforcement engine. The additional packet intelligence provided by Sensei helps organizations identify and defend against a wide range of cyber-attacks.

Sensei for OPNsense

The Sensei OPNsense plugin provides advanced persistent protection that includes the industry’s first packet inspection engine that can do native TLS inspection, packet classification and fine-grained policy enforcement for any type of internet traffic. Sense also  includes a rich application database that identifies thousands of communication protocols and data attributes, creating the most accurate picture of real-time data activity and drill-downs to per-connection details.

Sensei can easily integrate with Microsoft Active Directory or Captive Portal to have user based reporting and filtering for anomaly detection. Cloud Application Controls provided by Sensei create granular access policies for Cloud services including Google, Dropbox, Amazon, and Twitter. Sensei’s commercial grade cloud-based web categorization database provides real-time classification for unknown sites in under five minutes. The plugin’s Web provides filtering policies for more than 140 Million web sites under 120+ different Web Categories and  the ability to create custom categories to blacklist or whitelist sites.