Skip to main content

Welcome to the Zenarmor User Guide

Zenarmor® is an all-software instant firewall that can be deployed onto virtually anywhere. Zenarmor delivers rapid and robust security solutions, ensuring your remote workforce has safe and controlled access to both the internet and private networks.

Thanks to its appliance-free, all-in-one, all-software, light-weight and simple architecture, it can be instantly deployed onto any platform which has network access. Virtual or bare-metal. On-premise or Cloud. Any Cloud...

For open source firewalls; this technology delivers state-of-the-art, next-generation features not currently available in products such as OPNsense. If you are running an L4 firewall (all open source firewalls fall into this category) and need features such as Application Control, Network Analytics, and TLS Inspection, Zenarmor provides these features and more.

Technology

The underlying technology behind the product is a very light-weight yet powerful packet inspection core that can provide a wide variety of enterprise-grade network security functions.

Unique Appliance-free Technology

Lightweight and powerful appliance-free technology allows organizations to launch instant firewalls on demand and easily secure environments as small as home networks or scale to multi-cloud deployments. It's as easy as launching an application.

Packet inspection core is powerful enough to protect against encrypted threats while also being so lightweight and nimble that it can even fit in very resource-constrained environments.

Zero-latency Security Stack

Deploy zero-latency security without backhauling data packets back and forth between POPs and datacenters.

Zenarmor’s single-pass architecture processes packets once and for all security controls.

The same security stack runs wherever deployed for an unprecedented level of consistency when applying security policies.

Deploy Anywhere, Rule from the Cloud

Inspect locally, analyze and manage centrally.

Cloud-based management provides control for all policies and network deployments.

Design policies independent of locations and devices and enforce them across all IT environments.

Aggregate and visualize all security telemetry from a single pane of glass. Start from an enterprise-level view and drill down to per-connection details.

Next-generation Firewall Features

  1. Application Control
  2. Cloud Application Control (Web 2.0 Controls)
  3. Advanced Network Analytics
  4. Web Filtering and Security
  5. Cloud Threat Intelligence
  6. User-based Filtering and Reporting
  7. Active Directory Integration
  8. RESTful API
  9. Cloud based centralized management & Reporting
  10. Device Identification
  11. Device Access Control
  12. Application / Web category based Traffic Shaping and Prioritization
  13. Policy based filtering and QoS
  14. Encrypted Threats Prevention
  15. All-ports full TLS Inspection (for every TCP port, not just HTTPS)

SASE Features

Zenarmor is the industry's first Plug & Secure Anywhere approach to Secure Access Service Edge (SASE).

  1. Cloud Access Security Broker (CASB) - Granular Cloud Application Control
  2. Secure Web Gateway (Application and Web Traffic Control)
  3. Zero-Trust Network Access (ZTNA)
  4. Identity and Access Management (IAM) & Single Sign-on (SSO)
  5. Advanced Network Analytics and Integrated Threat Intelligence
  6. A Multi-Tenant capable management dashboard
  7. Firewall as a Service (FWaaS)
  8. All-ports full TLS Inspection (for every TCP port, not just HTTPS)

Benefits of Zenarmor Plug & Secure

Zenarmor empowers you with comprehensive control and visibility over your network traffic and security, ensuring your privacy is safeguarded. No matter the size or architecture of your network or the location of your devices and users, Zenarmor has you covered.

Zenarmor Plug & Secure approach has the following advantages.

  • Enhanced User Experience with Reduced Latency (50x - 1500x): Zenarmor's Plug and Secure Anywhere allows you to deploy a faster, private SSE/SASE stack closer to your users. This approach eliminates cloud-only delays, resulting in an immediate reduction in latency.

  • Complete Data Privacy: Zenarmor's TLS inspection operates within your network or directly on the endpoint. There's no need to route traffic through the vendor's cloud, giving you full control over your data privacy.

  • No Bandwidth Limitations or Unexpected Network Charges: Unlike many cloud-only SASE solutions, Zenarmor does not impose bandwidth limits based on outdated standards. Additionally, since Zenarmor does not rely on the cloud to inspect and manage your traffic, you will not encounter unexpected charges for exceeding usage quotas. It operates within your network boundaries, on your terms.

  • Comprehensive IoT Security: Protecting IoT, OT, and legacy systems can be challenging. Zenarmor's Plug and Secure Anywhere approach ensures complete security across all your devices.

  • Simple Subscription-Based Licensing: Purchasing new security products can be daunting. Zenarmor's straightforward licensing model makes it easy to select and scale your SSE/SASE stack without the complexity of multiple options or add-ons.

  • Easy Deployment Process: Zenarmor can be quickly deployed with a software-based security stack that typically sets up in under 5 minutes and is mostly automated. Secure your network in minutes, not months.

Get Started with Zenarmor Today For Free

Supported Platforms

Zenarmor is a hardware-agnostic network security engine capable of running on multiple platforms, including OPNsense, BSD, Linux, Windows, and MacOS, affording you the freedom of deploying network security where you need it the most while remaining in full control of your infrastructure and privacy.

Zenarmor is currently available for the following platforms.

  • OPNsense® (OPNsense 24.x, 25.x, fully integrated into the OPNsense WebUI)
  • FreeBSD® (FreeBSD 13.3, 14.1, 15)
  • pfSense® software (pfSense 2.7.x, 2.8.x)
  • Ubuntu Linux (Ubuntu 22.04 LTS, 23.04, 24.04 LTS)
  • Debian Linux (Debian 11, 12)
  • Amazon Linux (Amazon Linux 2)

Zenarmor can also be deployed on the following end-user platforms.

  • MS Windows (MS Windows 10, 11, MS Windows Server 2019, 2022)
  • macOS (macOS 11 and higher versions)
  • Linux (Ubuntu, Debian, Fedora, Linux Mint, Rocky Linux, AlmaLinux, etc.)

Zenarmor deployments on all Linux platforms as well as on FreeBSD-based firewalls can be managed together and seamlessly from the same pane of glass: Centralized Cloud Management Portal

Zenarmor can deploy onto any Cloud environments either as a gateway or on a per-server basis.

Please note

Zenarmor is managed through the cloud based management interface, Zenconsole. For OPNsense, an on-premise management is available and fully integrated with the OPNsense web user interface.

Cloud Centralized Policy Management

Create per-firewall or centralized policies and assign them to selected group of firewalls. All with a few clicks and without having to log in to individual firewalls.

Policy restore points provide you with the ability to create backups of policy configurations and revert to a specific configuration within seconds.

Centrally Managed Policies

Figure 1. Centrally Managed Policies

All of your local and cloud policies are instantly synchronized so that you don't need to worry about manually configuring the other side when you do a policy configuration either in the cloud or in the local OPNsense user interface.

Centralized Reporting and Analytics

Aggregate and visualize all security telemetry from a single pane of glass. Start from the enterprise-level big picture. Drill down to per-connection details.

Trying to keep track of individual systems on a one-by-one basis is an arduous process that is highly likely to cause important alerts to be missed or ignored.

Just like central policy management, Cloud Central Management empowers you with the capability to stream all of your reports to a single organization-specific reporting instance. Run your analytics starting from the even bigger picture. Drill down to specific firewalls, and even to individual connections wherever they are.

Editions

Zenarmor offers a Free Edition and three paid subscription plans depending on your needs and budget:

Free Edition

The Free Edition is free of charge.

The following paid subscriptions provide a comprehensive set of next-generation firewall features:

  • Plug & Secure Home Edition
  • Business NGFW Edition
  • Plug & Secure SSE Edition
  • Plug & Secure SASE Edition

You can purchase a Business Edition through Zenarmor Cloud Portal or through one of our authorized partners.

For a complete feature comparison see: Subscription Plans.

Announcement

Sensei is re-branded as Zenarmor.

Last updated on by Zenarmor