High-performance edge firewall - all in software.

The firewall functionality and throughput you need.

No unnecessary, expensive, security function bloat.

On Premises or in the Cloud.


In the modern world, routers have firewall capabilities and firewalls have router capabilities. The feature sets are so blurry that any attempt to try to wholly separate them is purely academic. That said, routers and firewalls are "technical opposites". By default, a router wants to route any traffic over any connected interface - unless it's told not to. A firewall, however, exists to prevent traffic from moving between two points. Effectively, its job is to block traffic unless told not to.

As we state throughout this site, TNSR® software is first and foremost a software router. But, it's a highly-scalable software router with rich access control list (firewall rule) capabilities.

TNSR software, today, is not a Unified Threat Management (UTM) or Next Generation Firewall (NGFW) device. However, that is on purpose. Many of our customers request a multi-gigabit router with suitable firewall controls. In fact, they eschew the use of UTM/NGFW products - owing to flagging performance when security functions like anti-virus/spyware/phishing/spam, IDS/IPS, and application fire-walling via deep packet inspection are activated - let alone whether those security functions are even effective. For others - who rely on endpoint solutions for Anti-X, email scanning at the email server, and a separate IDS/IPS appliance for intensive malware detection and blocking - most of what is promised in a UTM/NGFW is both marginal and expensive.


If your firewall needs are centered around high-performance edge routing with enterprise-class L2 IP/MAC ACLs, L3 ACLs, L4 ACLS, robust NAT and Large-scale NAT capabilities, TNSR software is the firewall for you. Further, as your edge networking needs evolve to smaller packet and/or encrypted traffic - in support of cloud applications - firewall protection will be expected to scale transparently right alongside routing.  This is where TNSR shines.



TNSR software provides 5, 10, 25, 40 Gbps or more firewall performance via "ASIC-speed" software on commercial-off-the-shelf (COTS) hardware.

Highly-scalable ACLs. Easy deployment. Low cost.

Key firewall capabilities include:

        • Line rate multi-gigabit firewall functionality for tens of thousands of ACLs
        • L2 IP/MAC ACLs, L3 ACLs, L4 ACLS
        • Requisite NAT features: Port Forwarding, 1:1 NAT, Outbound NAT, NPT, NAT44, NAT-T
        • Large-scale NAT features: MAP-T/E, NAT-T
        • Easy Scale. Simple software license update
        • Flexible Deployment. Netgate appliance, third party COTS appliance, virtual machine, or public cloud
        • High Availability. VRRP
        • Flexible management. CLI or REST API

High-performance Edge Firewal


TNSR software as a firewall is ideal for data center, remote office, branch office and cloud edge access control. Fast. Scalable. High Availability, Easy to deploy and manage.



Stay up to date

There’s always something new with open-source, secure networking and TNSR software. Keep up with us by visiting our blog, social communities and newsletter.


Get a view into how open source is disrupting secure networking and changing the technology landscape.

Netgate Blog

Netgate Newsletter

Discover the latest announcements, product information, and industry news with our monthly newsletter.


Netgate Newsletter

Social Communities

Twitter Circle Logo LinkedIn circle logo Reddit Circle Logo Facebook circle logo instagram circle logo