Netgate pfSense Reviews

We primarily use the solution basically for the firewall, UTM content versioning, bandwidth shaping, routing, and IPS.

The solution is an open-source product, which makes it very cost-effective.

Overall, it covers all of the requirements our organization has at this time. 

The initial setup is easy.

As an open-source solution, there are so many loopholes happening within the product. By design, no one is taking ownership of it, and that is worrisome to me.  

Integration with other products could be improved. It needs log research integrated within it to make it more useful for our purposes.

I've been using the solution for three years.

The stability is questionable. There are glitches. Since no one is really managing the solution, and no one takes ownership of it, there aren't many fixes that happen on it.

We have about 500 people who are taking advantage of the solution within our organization.

The solution is quite scalable. We looked into scaling and found it would be easy enough to achieve if we decided to go ahead and do so in the future.

We've never contacted technical support int he time that we have used the product. I can't speak to any level or service they provide.

We did previously use a different solution before switching to pfSense. We originally switched to this solution due to the fact that it was so cost-effective.

The initial setup of the solution is not complex at all. It's quite straightforward. It's also not our primary firewall. We have another solution for that. This operates as our secondary firewall, and we were able to add it rather easily into our security network.

Deployment is very quick. It only took us an hour or so to set up.

Our provider handled the maintenance for us as needed. We don't handle that in house.

We had a few consultants and a list of vendors that assisted us in the process of procurement and implementation.

The solution is open-source and therefore the solution is very cost-effective.

We're just using this solution; we don't have a relationship with the vendor.

In terms of the version of pfSense we are using, we have that basic boss, 1.0 however, that is behind the firewall. The firewall which we were using is UTM1240B.

While we are satisfied with the netting features and the bandwidth controlling and routing, we find cannot expose our entire network to pfSense as there's no underlying ownership fo the product itself. We prefer a hardened firewall.

Due to the fact that it is an open-source solution, no one at an enterprise-level would ever think of putting pfSense at the gateway level or even at the main level. I would definitely recommend pfSense as the second lane of action, just not on a workload.

I'd rate the solution six out of ten.

I have used it in town halls with a number of employees ranging between 40 and 60. I have also used it in educational institutions.

The use and results may vary according to the objectives of the institutions. 

In the case of city councils, I have taken the maximum advantage, taking into account that they were small institutions for which the tools provided by pfSense were sufficient according to the requirements of those institutions. 

However, in educational institutions, it was more difficult. Sometimes, the tools have fallen short.

• The part of the firewall and aliases
• The content filter in non-transparent mode and transparent mode with Squid and SquidGuard
• The possibility of adding packages to perform network analysis
• Creation of certificates
• The facility to administer services

The product is good in many of its departments, but this should make HTTPS filtering more efficient since Squid falls short when using man in the middle. It works, but it is not 100% efficient. It requires more attention to provide a better alternative for open source to small government or educational institutions with reduced budgets in terms of technology.

Two particular features stand out to me:

1. The WAN load balancing feature
2. The product offers many additional functions such as router, WLC, and traffic analysis etc.

It has enhanced our organization because of its versatility. It doesn't need expensive hardware to build a robust firewall, therefore, providing a saving on cost. Also, its reliability is quite remarkable which allows IT to focus on other tasks, and how efficiently it manages our WAN traffic.

I think the dashboard/interface could be improved and the ability to manage it from a mobile platform.

I have used this solution for the past two years.

No issues encountered.

No issues encountered.

No issues encountered.

I have never had to use customer service.

I've never used it, but their technical knowledge base, and via online documents and forums, is quite good, but not excellent.

We didn't have a previous solution.

It wasn't straightforward but at the same time not complex. The only issue was identifying relevant static routes to move traffic in and out our network.

I implemented it myself.

The setup cost was practically zero because we had servers in stock. Also, there is no real day-to-day cost attached with it either.

No evaluation took place, we just looked at the initial cost to implement a solution using the hardware we have, and how fast it could be rolled out

Plan, research and test certain features and configurations in a lab environment first.

The solution is fairly scalable when it comes to integrating with other applications and data sets. They have a lot more customization compared to the competition.

They could improve their commercial stance and be more agile when it comes to the commercial pricing of enterprise deals.

For a feature update, they should increase the API integrations into decentralized identity platforms making it stronger.

I have been using the solution for two years.

In my experience, this solution is able to increase its scalability.

Technical support is very supportive. When we are in contact with them, there is no problem at all.

The setup was straightforward.

When doing deployments of the solution we generally average approximately six to eight weeks.

The pricing is lower than some of its competitors. However, If you do not have a strong technical team and are trying to get pfSense to do some of the same functions as some of the competitors such as Fortinet or Palo Alto, It will cost you a lot in professional services to do it. You then lose the low cost-benefit of this solution.

I have evaluated Fortinet, their pricing is reasonable for the SME market, but they are not enterprise players. The strongest solutions in this field are certainly SentinelOne and Carbon Black, they outperform everything else.

I would recommend the solution to others.

I rate pfSense an eight out of ten.

At a custom company with several locations.

It has improve my organization through the services that can be added, which makes it highly scalable, from graphic monitoring services to load balancing or captive portal.

It is very difficult to decide one, as they all complement each other, from the DHCP administration to the captive portal. in my case, I would say OpenVPN has helped me to interconnect the company network in a secure and manageable way.

ClamAV AntiVirus can cause some crashes. That service should be improved.

For two years.

I consider it very stable.

It is highly scalable. All services are free.

No, there was no firewall implemented.

The initial setup was simple and fast.

It is an open source firewall.

Yes, OPNsense. It is very similar and better than PfSense.

You should try it.

For security testing in network functions virtualization (NFV). 

It is a good firewall with good performance.

Stateful packet inspection. It works quite well for an open source product. 

More regular patch updates, because this is very important for a firewall.

Works with:

• Routers
• Firewalls
• Network address translation (NAT)
• VPN
• OpenVPN
• DHCP Server.

• More control of the access to network resources
• More control of the security policies
• Integration with Active Directory
• Centralized administration

Centralized administration with multiple services, which allows for execution in several important functionalities of information security.

Services on additional features: 

• SNMP Network Management 
• Managing inventory
• Generating IT reports.

I use pfSense firewall, especially as an IPSec VPN Server. There are several VPN connections with equipment of various manufacturers at the other end.

I use ServerU as hardware instead of an ordinary PC, as most other people usually do.

The gain in performance and security from configuring the VPN connections was significant, since pfSense has replaced a server with a custom Linux open source version, which was running on outdated hardware.

Security and stability. The pfSense server acts as "IPSec VPN Server" for a small financial institution, but regardless of the company size, interruptions would cause significant financial impact.

pfSense serves us very well. My only observation is about the quality of the IPSec logs, which are difficult to interpret and are poor in filters. I have more than 10 IPSec VPN connections, and when there is a need for troubleshooting, the logs are of little help.

With regard to this configuration, I consider it a stable solution.