CubelaPetar/notes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1f9564ca6ab744f5215c3101e5ca58fe0fca6bf3
notes/projects/OPNsense/Initial-Notes/OPNsense-approxminated-service-time.md
Petar Cubela 1f9564ca6a first commit
2025-02-08 21:56:24 +01:00

44 lines
2.0 KiB
Markdown
Raw Blame History

---
title: "OPNsense - Maintenance time estimate"
author: Petar Cubela
date: July 03, 2024
geometry: margin=1.5cm
output: pdf_document
---
## Intro
Let us roughly calculate the time needed to maintain a OPNsesne firewall.
Here we assumer that the firewall is already configured. Thus we are looking at standard maintenance of the device.
## OPNcentral
We are using OPNcentral which is able to monitor arbitrary numbers of OPNsense firewalls:
- it manually/automatically creates backups of all integrated firewalls
- backups can be read and compared for any firewall integrated in OPNcentral
- firmware, services and resources status of each OPNsense firewall can be managed via OPNcentral
- plugin configuration can be managed and send to each firewall via OPNcentral
## Time Consumption
- updates have to been done regularly which can be checked and updated for all firewalls simultaneously via OPNcentral (~ 1h per month for all firewalls!)
- in general the firewall will run flawlessly once setup without much interaction as long as nothing complicated has to be changed.
- changes in the configuration for known features should be in general simple (~1h per month for all firewalls!)
- changes for new plugins should take longer depending on the plugin but happens seldom (few/many days depending on plugin once each half year)
- OpenVPN integration is better integrated in Sophos. We will probably need to export the client configuration for each user (~ 1h per week for each firewall, depending on the number of users requiring vpn)
- there can be unexpected problems with the firewall in production use which we have to test and can not assess pre-usage (~ 1h per month a firewall)
### Estimation
- ~ 1h/month for updates
- ~ 1h/month for small config changes
- ~ up to days for configuring new desired plugins. happens once per year/half year?
- ~ 1h/month for vpn client export
- ~ 1h/month for unexpected issues/tickets
Which summarizes to **~ 4 hours per month** and more when new not-so-known plugins have to be configured.
Reference in New Issue View Git Blame Copy Permalink