Skip to main content

Sensei (ZENARMOR) Paid Editions Guide

note

Premium in this guide refers to the Sensei (ZENARMOR) Paid Subscription Tiers (Home, SOHO, Business) and some features may vary depending on the type of Subscription. Please see "Plans & Pricing" for a complete feature comparison.

Sensei (ZENARMOR) Premium Features extend the capabilities of OPNsense to include advanced security and threat protection with near-real-time threat feeds, web, user and policy-based filtering, SIEM data integration, API access, reporting, and compliance capabilities as well as 24/7 help desk support.

Security#

Advanced Threat Protection#

Sensei (ZENARMOR) Premium provides Advanced Threat Protection against the latest malware, viruses and phishing attacks by blocking websites that are known to host malware and viruses and launch phishing attacks. With Sunny Valley`s Advanced Threat Protection feed, users are provided with near-real-time commercial-grade threat tracking and protection.

In the Sensei (ZENARMOR) Policies section select a Policy Name or create a new Policy.

policies.PNG

Next, click on the Security tab.

policysecuritytab.PNG

In the Advanced Security section click on the required selections.

advancedsecurity.PNG

Enabling Advanced Threat Protection

Suspicious Domain Blocking#

Sensei (ZENARMOR) Premium blocks suspicious domains including expired domains, hacked and newly registered domains (NRDs) favored by threat actors for launching malicious campaigns. Research shows that NRDs, for example, are risky, revealing malicious usage of NRDs for phishing, malware, and online scams. In addition, Sense Premium also blocks any expired DynDNS sites.

Enable domain blocking in the Sensei (ZENARMOR) Policies section by clicking on the Policy Name.

policies.PNG

Next, click on the Security tab and navigate to the Advanced Security section and make selections.

defaultpolicy.PNG

Domain Blocking Selection

Filtering & Compliance#

Customized Landing Pages for Blocked Sessions#

With Sensei (ZENARMOR) Premium, IT administrators can create custom response web pages that are displayed when a user tries to access a blocked URL. With custom HTML pages, messages are displayed when a user requests a web page or file.

To upload or view custom response pages, navigate to Configuration in the Sensei (ZENARMOR) section of the OPNsense portal and scroll down to the Landing Page section.

template1.PNG

Landing Page Customization

Click View or Download to view the current template or Browse to add a new HTML template.

blockedpage.PNG

Custom HTML Template

Web and URL Filtering#

Sensei (ZENARMOR) Premium lets administrators create customizable web filtering profiles and policies based on a cloud-based web categorization of 140+ Million web sites under 60+ categories.

Enable or disable web and URL filtering controls by navigating to the Web Controls tab in the Policies section. Preset profiles allow for permissive to custom controls.

webfilteringpolicies.PNG

Web Filtering Profiles

Policy-based Filtering#

Policy-based controls let users create an unlimited number of policies to customize filtering and controls for different groups of users. With Sensei (ZENARMOR) Premium, an unlimited number of policies can be created based on Network Interfaces, VLANs, Subnet / IP addresses and users/groups. All policies are controlled via the Policy Wizard.

To add a new Policy click on Add New Policy in the Sensei (ZENARMOR) Policies section of OPNsense.

addpolicy.PNG

Next, click on the Policy Configuration tab in the Sensei (ZENARMOR) Policy Wizard.

policywizard.PNG

Sensei (ZENARMOR) Policy Wizard

Filtering Policies by Interface/VLAN and IP/Network Address.#

Enter the VLAN number and IP/Network Address.

VLAN.PNG#

Filtering Policies based on Users and Groups and Schedule#

Enter the Group or User and create a Schedule.

schedule.PNG

Once the Policy has been saved by clicking on the Save Policy button on the bottom right of the window, the policy can be managed and edited in the main Policy window.

savedpolicy.PNG

The Saved Policy can also be managed across Security, Application and Web Controls in the main Policy tab ribbon.

managepolicy.PNG

Sensei (ZENARMOR) Granular Policy Configuration Video

User-based Filtering#

By enabling Captive Portal or installing the Sensei (ZENARMOR) Active Directory Agent on an Active Directory server, users can be added to OPNsense for User-based filtering.

Sensei (ZENARMOR) Active Directory Integration Video

Integrations#

Sensei (ZENARMOR) Premium can stream data to external remote Elasticsearch or MongoDB servers for log parsing and Security Information and Event Management (SIEM) system integration. In the Configuration section of the Sensei (ZENARMOR) OPNsense portal select the Reporting & Data tab.

reporting.PNG

Scroll down to the Stream Reporting Data to External Elasticsearch section and enter the URI of the external Elasticsearch Server.

elasticsearch.PNG

Data Streaming to Elasticsearch

API Access#

Sensei (ZENARMOR) Premium provides API access for Sensei (ZENARMOR) engine configuration and management. Rest API Security Tokens can be created by navigating to Configuration and scrolling down to REST API Security Tokens.

api.PNG

REST API Security Tokens

Support#

Premium Support provides access to the Sunny Valley Help Desk. Through the SVN Help Desk, users can access configuration and access information, create high-priority support tickets for SVN engineers that are available 24/7.