Skip to main content

Requirements

Objective/Purpose

The purpose of this document is to write down the requirements of PFConsole Application.

Introduction

PFConsole is a centralized, multi-tenant management platform designed to monitor, manage, the PfSense instances. It enables secure agent-based onboarding, real-time health monitoring, configuration tracking, and remote operations across hundreds of devices. Built with scalability and reliability in mind, PFConsole provides a single pane of glass for operational visibility and control of distributed firewall infrastructure.

High Level Requirements

  1. Multi-tenant support (clients/tenants, sites, pfSense instances)
  2. Centralized dashboard for monitoring and management of pfSense firewalls
  3. Secure onboarding of new pfSense agents (enrollment tokens, mTLS/API keys)
  4. Real-time telemetry ingestion (metrics, logs, events)
  5. Pfsense Config change tracking
  6. PFSense version update management.
  7. Remote command execution and acknowledgement (queued/delivered/applied/confirmed)
  8. Alerts and notifications (thresholds, health checks, anomalies)
  9. Role-based access control (admin, operator, read-only, etc.)
  10. API layer for agent and dashboard communication
  11. Audit logging of user and agent activities
  12. Integration with external systems (Slack, email, ticketing, etc.)
  13. Reporting and analytics (usage, uptime, performance)
  14. High availability and scalability of PFConsole server
  15. Secure communication (TLS/mTLS encryption, token validation

Detailed Requirements

Monitoring

In this aspect, all the parameters are covered that are critical and needs to be monitored. It contains e.g.

  • IP Rules
  • NAT Rules
  • List of Users and Permissions etc
  • Health Parameters
    • Temp
    • CPU
    • RAM
    • Disk
    • State etc

Configurable time for getting different monitoring data.

Config file change Monitoring

Continuously check for change in PFSense config file and notify Dashboard if config file has changed as part of heartbeat. This heartbeat will be sent immediately when the change is detected.

Version Update Check

PFConsole dashboard will show the Pfsense version updates and option to update the Pfsense.

  • Options to disable updates on some pfsense with uncompatible hardware for new updates.

Security

All the communication will be secured.

PFSense Management

All the management operations will be available on dashboard, and user will be able to apply it e.g.

  • User management (Add, Delete, Update permissions)
  • Firewall Rule Management
  • NAT Rule Management
  • Patch Managements i.e. Version Updates

 

No Comments
Back to top