Sensei 1.9 brings Cloud Centralized Policy Management

One of the features long-awaited by our MSP partners and Enterprise users, Cloud Centralized Policy Management is now available with Sensei 1.9 Release. This release also brings support for two additional platforms; FreeBSD 13 and AlmaLinux 1.

Cloud Centralized Policy Management

Create per-firewall or centralized policies and assign them to selected group of firewalls. All with a few clicks and without having to log in to individual firewalls.

Policy restore points provide you with the ability to create backups of policy configurations and revert to a specific configuration within seconds.

Centrally Managed Policies

All of your local and cloud policies are instantly synchronized so that you don’t need to worry about manually configuring the other side when you do a policy configuration either in the cloud or in the local OPNsense user interface.

Works for all platforms

Same policy configuration works for all firewalls regardless of their platform, be it an OPNsense, a FreeBSD or a Linux box. It does not matter if you have them on prem or in the Cloud.

Note: For Linux based platforms, you need the netmap kernel module installed if you’d like to have the filtering capabilities. Related documentation will shortly follow.

Whitelist/Blacklist IP Addresses

We’ve moved the Blacklists/Whitelists to a dedicated tab under Policy Management. You can now create IP/Network address based blacklists/whitelists. CIDR format is accepted.

Policy ExclusionsPolicy Exclusions – Blacklists and Whitelists

Full 1.9 Release Notes

New Platforms

  • FreeBSD 13

  • AlmaLinux 1

Cloud Central Management

  • New Feature: Centralized policy management of firewalls

  • New Feature: Per-firewall policy management

  • New Feature: Whitelist/blacklist exclusions

  • New Feature: Automatic policy synchronizations between on-prem and cloud.

  • New Feature: Policy Restore Points to backup and restore policy configurations

  • New Feature: Remember me option is added for Two Factor Authentication (2FA).

  • Improvement: Both purchased and installed Subscription information is displayed. You’ll get a warning if they are not the same.

  • Improvement: CPU information is now displayed in the CPU widget.


  • New Feature: You can now whitelist/blacklist IP/Network Addresses (CIDR format is accepted)

  • Improvement: Blacklists / Whitelists have been moved to a dedicated tab in Policy Configuration for better user experience

  • Improvement: Whitelist/Blacklist now takes precedence over Application Controlrules

  • Improvement: Policy Configuration: Time Schedules are now a distinguishing criteria between otherwise two identical policies.


  • Bug-Fix: Elasticsearch service refusing to start due to an old config file.

  • Bug-Fix: Duplicate dependency error for the java packages is fixed.

  • Bug-Fix:Cloud node status info doesn’t appear in the wizard.


  • Bug-Fix: Chart error in Interfaces & VLANs report fixed.

  • Bug-Fix: Live Blocked Session Explorer – Live Security Events Monitor filter area

  • Bug-Fix: Report filters appearing multiple times.


  • Improvement: Batch blacklist/whitelist import from file: can now filter out invalid IP / Domain values.

  • Improvement: Cloud Threat Intel: You can now define multiple local domain to be excluded from cloud queries.

  • Improvement: Wizard: Stay in touch: Email address now uses a better regex filter to filter out fake domains.

  • Improvement: Child VLAN interfaces can be added along with their parent interfaces. You’ll now get a warning if we suspect a netmap incompatibility.

  • Bug-Fix: Missing cloud nodes status check is fixed.

  • Bug-Fix: Stream to the Elasticsearch: Empty values are properly handled and accepted where allowed.


  • Improvement: Heartbeat mechanism now utilizes a more improved algorithm to handle hypervisor-originated time synchronization problems.

  • Bug-Fix: IMAP classifier error is fixed.

  • Bug-Fix: Empty password issue for encrypted backup file is fixed.

  • Bug-Fix: Sensei and Cloud agent health check error due to a missing file is fixed.

Try Sensei’s Premium Features for free

Did you know that you can try all of Sensei’s Premium Subscription Tiers; 7 days for free.

Just sign-in to your Cloud Portal account at and request a trial subscription. It takes 30 seconds:

Academic, educational, and non-profit organizations enjoy generous discounts: Edu Discounts

To learn how Premium Subscriptions compare to Free Features, see: Premium vs Free

Become a Sensei Ambassador Earn 10% Credit!

The more friends you refer to, the more credit you earn! Get Started, Earn Credit