The pfSense is the central point of the network and allows, or not, the machines to communicate together and restrict access to only what is necessary.
pfSense is an absolutely amazing distribution:
- on one hand it is very powerfull, has got a very good web-interface, gives best possibilities of settings, is absolutely compatible with a professional use
- and on the other hand it is accessible for hobbyists and no skilled admins. The only 3 main things you have to understand for the beginning are:
- don't modify the settings that you don't understand what they do => pfSense has go a very good (and safe!) default configuration.
- making a NAT-rule makes (if checked) the corresponding firewall rules
- the firewall rules are applied from the top to the bottom.
- very stable, runs days after days without any problem, needs nearby no administrative task between the rare updates, so that you can almost forget the machine!
I run the pfSense on a dedicated miniPC: several network interfaces, fanless, storage on integrated SSD, power consumption =~8-10W