We’re starting the process toward pfSense® software release 2.3.4. pfSense software release 2.4 is close as well, and will bring a number of improvements: UEFI, translations to at least five lanuguages, ZFS, FreeBSD 11 base, new login page, OpenVPN 2.4 and more. pfSense version 2.4 requires a 64-bit Intel or AMD CPU, and nanobsd images are no longer a part of pfSense as of version 2.4.
pfSense version 2.5 will be based on FreeBSD 12, which should bring route-based IPsec, along with support for our integrated management platform, NRDM (more about this soon), and a number of other features.
With the increasing ubiquity of computing devices permeating all areas of our lives at work and at home, the need for encryption has become more important than ever. Desktops, laptops, smart phones, tablets, and many other devices all share this need to be able to encrypt sensitive information. Without encryption, everything you send over a network (or even store on a local storage device) is in the open, for anyone to read anytime he wants to read or even change it.
While we’re not revealing the extent of our plans, we do want to give early notice that, in order to support the increased cryptographic loads that we see as part of pfSense verison 2.5, pfSense Community Edition version 2.5 will include a requirement that the CPU supports AES-NI. On ARM-based systems, the additional load from AES operations will be offloaded to on-die cryptographic accelerators, such as the one found on our SG-1000. ARM v8 CPUs include instructions like AES-NI that can be used to increase performance of the AES algorithm on these platforms.
The AES-NI instruction set extensions are used to optimize encryption and decryption algorithms on select Intel and AMD processors. Intel announced AES-NI in 2008 and released supported CPUs late 2010 with the Westmere architecture. AMD announced and shipped AES-NI support in 2010, starting with Bulldozer.
Please remember these requirements when you are considering components for your pfSense system.
Thank you for being part of the community and making pfSense great!
This post has been updated.