Sensei Premium Features extend the capabilities of OPNsense to include advanced security and threat protection with near-real-time threat feeds, web, user and policy-based filtering, SIEM data integration, API access, reporting, and compliance capabilities as well as 24/7 help desk support.
Advanced Threat Protection
Sensei Premium provides Advanced Threat Protection against the latest malware, viruses and phishing attacks by blocking websites that are known to host malware and viruses and launch phishing attacks. With Sunny Valley’s Advanced Threat Protection feed, users are provided with near-real-time commercial-grade threat tracking and protection.
In the Sensei Policies section select a Policy Name or create a new Policy.
Next, click on the Security tab.
In the Advanced Security section click on the required selections.
Enabling Advanced Threat Protection
Suspicious Domain Blocking
Sensei Premium blocks suspicious domains including expired domains, hacked and newly registered domains (NRDs) favored by threat actors for launching malicious campaigns. Research shows that NRDs, for example, are risky, revealing malicious usage of NRDs for phishing, malware, and online scams. In addition, Sense Premium also blocks any expired DynDNS sites.
Enable domain blocking in the Sensei Policies section by clicking on the Policy Name.
Next, click on the Security tab and navigate to the Advanced Security section and make selections.
Domain Blocking Selection
Filtering & Compliance
Customized Landing Pages for Blocked Sessions
With Sensei Premium, IT administrators can create custom response web pages that are displayed when a user tries to access a blocked URL. With custom HTML pages, messages are displayed when a user requests a web page or file.
To upload or view custom response pages, navigate to Configuration in the Sensei section of the OPNsense portal and scroll down to the Landing Page section.
Landing Page Customization
Click View or Download to view the current template or Browse to add a new HTML template.
Custom HTML Template
Web and URL Filtering
Sensei Premium lets administrators create customizable web filtering profiles and policies based on a cloud-based web categorization of 140+ Million web sites under 60+ categories.
Enable or disable web and URL filtering controls by navigating to the Web Controls tab in the Policies section. Preset profiles allow for permissive to custom controls.
Web Filtering Profiles
Policy-based controls let users create an unlimited number of policies to customize filtering and controls for different groups of users. With Sensei Premium, an unlimited number of policies can be created based on Network Interfaces, VLANs, Subnet / IP addresses and users/groups. All policies are controlled via the Policy Wizard.
To add a new Policy click on Add New Policy in the Sensei Policies section of OPNsense.
Next, click on the Policy Configuration tab in the Sensei Policy Wizard.
Sensei Policy Wizard
Filtering Policies by Interface/VLAN and IP/Network Address.
Enter the VLAN number and IP/Network Address.
Filtering Policies based on Users and Groups and Schedule
Enter the Group or User and create a Schedule.
Once the Policy has been saved by clicking on the Save Policy button on the bottom right of the window, the policy can be managed and edited in the main Policy window.
The Saved Policy can also be managed across Security, Application and Web Controls in the main Policy tab ribbon.
Sensei Granular Policy Configuration Video
By enabling Captive Portal or installing the Sensei Active Directory Agent on an Active Directory server, users can be added to OPNsense for User-based filtering.
Sensei Active Directory Integration Video
Sensei Premium can stream data to external remote Elasticsearch or MongoDB servers for log parsing and Security Information and Event Management (SIEM) system integration. In the Configuration section of the Sensei OPNsense portal select the Reporting & Data tab.
Scroll down to the Stream Reporting Data to External Elasticsearch section and enter the URI of the external Elasticsearch Server.
Data Streaming to Elasticsearch
Sensei Premium provides API access for Sensei engine configuration and management. Rest API Security Tokens can be created by navigating to Configuration and scrolling down to REST API Security Tokens.
REST API Security Tokens
Premium Support provides access to the Sunny Valley Help Desk. Through the SVN Help Desk, users can access configuration and access information, create high-priority support tickets for SVN engineers that are available 24/7.