CubelaPetar/notes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6c47451c60b2d527a1d78d868a37e15462d512f5
notes/areas/OPNsense/Initial-Notes/OPNsense-approxminated-service-time.md
Petar Cubela 6c47451c60 new notes
2025-03-18 14:23:17 +01:00

2.0 KiB
Raw Blame History

title, author, date, geometry, output
title author date geometry output
OPNsense - Maintenance time estimate Petar Cubela July 03, 2024 margin=1.5cm pdf_document

Intro

Let us roughly calculate the time needed to maintain a OPNsesne firewall. Here we assumer that the firewall is already configured. Thus we are looking at standard maintenance of the device.

OPNcentral

We are using OPNcentral which is able to monitor arbitrary numbers of OPNsense firewalls:

  • it manually/automatically creates backups of all integrated firewalls
  • backups can be read and compared for any firewall integrated in OPNcentral
  • firmware, services and resources status of each OPNsense firewall can be managed via OPNcentral
  • plugin configuration can be managed and send to each firewall via OPNcentral

Time Consumption

  • updates have to been done regularly which can be checked and updated for all firewalls simultaneously via OPNcentral (~ 1h per month for all firewalls!)

  • in general the firewall will run flawlessly once setup without much interaction as long as nothing complicated has to be changed.

  • changes in the configuration for known features should be in general simple (~1h per month for all firewalls!)

  • changes for new plugins should take longer depending on the plugin but happens seldom (few/many days depending on plugin once each half year)

  • OpenVPN integration is better integrated in Sophos. We will probably need to export the client configuration for each user (~ 1h per week for each firewall, depending on the number of users requiring vpn)

  • there can be unexpected problems with the firewall in production use which we have to test and can not assess pre-usage (~ 1h per month a firewall)

Estimation

  • ~ 1h/month for updates
  • ~ 1h/month for small config changes
  • ~ up to days for configuring new desired plugins. happens once per year/half year?
  • ~ 1h/month for vpn client export
  • ~ 1h/month for unexpected issues/tickets

Which summarizes to ~ 4 hours per month and more when new not-so-known plugins have to be configured.

Reference in New Issue View Git Blame Copy Permalink