🧭 1. What is Zenarmor?
Zenarmor (formerly Sensei) by Sunny Valley Networks
is a Layer-7 Next-Generation Firewall (NGFW) plugin for OPNsense.
It adds Deep Packet Inspection (DPI) and application-aware control
on top of traditional Layer-3/Layer-4 filtering.
| Category | Example Apps |
|---|---|
| Social Media | Facebook, Instagram, LINE |
| Video Streaming | YouTube, Netflix |
| Cloud Services | Google Drive, Dropbox |
| Messaging | WhatsApp, Telegram |
| Gaming | Steam, Fortnite |
Zenarmor enables administrators to manage network access
based on application type or content category,
not just IPs and ports.
⚙️ 2. How It Works
Zenarmor embeds a DPI engine within OPNsense to inspect live traffic:
- Packets are mirrored as they pass through OPNsense;
- Zenarmor analyzes packet content in real time;
- Application signatures are matched;
- Policy (Allow / Block / Limit) is applied;
- Logs and analytics appear in the dashboard.
🧩 3. Correct Installation Procedure
⚠️ Starting with newer releases, Zenarmor requires
installing Sunny Valley’s Vendor Repository (os-sunnyvalley) first.
Step 1 – Log in to OPNsense
Use an admin account (e.g. root) to access the web GUI.
Step 2 – Install Sunny Valley Vendor Repository
- Go to
System → Firmware → Plugins - In the search box, type:
os-sunnyvalley - Locate:
Vendor Repository for Zenarmor Next Generation Firewall Extensions - Click +Install.
✅ This adds the official Zenarmor package repository.
Step 3 – Refresh Package List
Go to:
System → Firmware → Status
and click Check for updates
to register the new repository.
Step 4 – Install Zenarmor Plugin
Return to:
System → Firmware → Plugins
Search for:
os-zenarmor
or (on older systems):
os-sensei
→ Click +Install
Step 5 – Run Initial Setup Wizard
After installation, a Zenarmor menu appears on the left.
Navigate to:
Zenarmor → Configuration → Initial Setup Wizard
Follow the wizard:
| Step | Description |
|---|---|
| 1️⃣ | Select interfaces to monitor (LAN recommended) |
| 2️⃣ | Choose deployment mode (Passive / Routed / Transparent) |
| 3️⃣ | Choose reporting DB (SQLite / Elasticsearch) |
| 4️⃣ | Create admin account |
| 5️⃣ | Finish setup and enable service |
Step 6 – Start Zenarmor Engine
Zenarmor → Status → Start Engine
Zenarmor now begins inspecting and classifying traffic in real time.
💡 4. Key Features
| Category | Example |
|---|---|
| Application Control | Block YouTube, Facebook, P2P, VPN |
| Web Filtering | Block adult, ad, or malicious sites |
| Reporting | Top apps, users, bandwidth usage |
| Threat Intelligence | Detect risky IPs/domains |
| Policy Profiles | Apply rules per VLAN or user group |
🧠 5. Editions
| Edition | Features | Ideal For |
|---|---|---|
| Community (Free) | Basic app visibility, reports | SMBs |
| Business | Threat intel, AD/LDAP integration | Enterprises |
| Premium Cloud | Centralized multi-node control | MSPs |
✅ 6. Deployment Tips
| Item | Recommendation |
|---|---|
| Monitored Interface | Use LAN only |
| Mode | Start with Passive for testing |
| Reporting DB | Use external Elasticsearch for large environments |
| Performance | Tune cache under Configuration → Advanced |
| Integration | Zenarmor complements OPNsense firewall, not replaces it |
✅ 7. Conclusion
Zenarmor transforms OPNsense into a full Next-Generation Firewall (NGFW)
with application-aware policies, L7 visibility, and real-time reporting.
It allows IT administrators to:
- Enforce smart access policies,
- Detect risky or noncompliant usage,
- Enhance visibility and control of enterprise traffic.
For modern corporate networks, Zenarmor is the key bridge
between traditional perimeter security and intelligent traffic analytics.