%201.png?width=302&name=Netgate%20Logo%20PMS%20(horizontal)%201.png "NetgateColorLogoRegisteredRGB.png")
Introduction
With millions of deployments across homes, small businesses, enterprises, service providers, and governments, pfSense® Plus software is the world’s leading firewall, router, and VPN solution for network edge and cloud secure networking. One of the most requested features for pfSense Plus has been Multi-Instance Management. We heard your requests, and are now pleased to give you a first look at the new Netgate Multi-Instance Management system for pfSense Plus software.
Overview
The Multi-Instance Management (MIM) system consists of a controller and its managed instances. A limited version of the controller is bundled into pfSense Plus starting with version 24.11. This architecture allows for a pfSense Plus system to both manage MIM clients and be managed by a separate instance. An extended version of the controller is planned to be offered as a standalone instance in the future.
Upon activation and configuration of the service on the managed devices, a secure private tunnel is established for communication between the clients and controller. This VPN is designed using the Noise Protocol Framework, which is a well-regarded framework used to construct secure channel protocols.
Once connected, instances may then be manipulated by a network operator, issuing direct API calls to the controller or via the Multi-Instance Management GUI. This paradigm provides a powerful toolbox with the freedom and flexibility to tailor device management to fit the individual needs of network operators.
Controller GUI
Multi-Instance Management features a GUI that demonstrates some of its core capabilities. In the first look, up to 3 instances of pfSense Plus can be managed in addition to the pfSense Plus instance running the MIM controller service. The MIM GUI can manage firewall rules, aliases, and more. Once activated, the MIM GUI is accessible via the configured port on the pfSense Plus instance that you designate as the controller. The MIM GUI also allows you to access and manage individual pfSense Plus instances using the new updated pfSense Plus web GUI.
Notice that the new GUI is not running on the individual client firewalls, but is actually running on the controller, utilizing the API for communication to the clients. This demonstrates the speed and responsiveness of the MIM API.
Conclusion
Netgate provides the tools and freedom necessary for MSPs and large organizations to build their own very powerful management systems, tailored to their own specific needs. This is a first look at our Multi-Instance Management system, and it is intended to highlight some of the capabilities that it provides, as well as give you an early look at some of the features on our pfSense Plus roadmap. To learn more about the Multi-Instance Management system, please visit our example videos and documentation linked below.
Watch a Setup and Tour of the MIM GUI and pfSense New WebGUI