Building a security appliance based on FreeBSD

Mariusz Zaborski <>

If you are buying an appliance for your corporate network you probably expect that it meets the highest standards, right? When you buy a security appliance the expectations are even higher. Let’s discuss why FreeBSD is the ideal operating system for building such devices.

FreeBSD is one of the most popular Unix-like operating systems, though there are not many appliances that around it. The situation looks even more pessimistic, once we discuss security appliances. The speaker, in his daily job, has spent the last 4-years building the most advanced PAM solution in the world, which is based on the FreeBSD operating system. In this presentation we will discuss which- and more importantly how - FreeBSD features can be used to build appliances. The presentation will only present features that are available in the base system and not in third-party programs. The speaker looks forward to presenting all the nuances and best practices of using FreeBSD as the main component of the appliance. One of the major reasons for using FreeBSD is the best support for ZFS and all its features. Another reason is GELI and GBDE encryption methods, which have never been breached. Furthermore, we also have Capsicum which will help in compartmentalization. There are a host of other benefits of using FreeBSD which we will discuss in the presentation.