Netgate pfSense Reviews

I use pfSense for the security of my company.

With pfSense we have low balances for the internet and the internet is always available. When our service provider fails, it takes communication to another service. The employees always have access to the servers that they need. They always have an abundant flow or they always switch to the lead when the internet fails.

It has a good web cache. I used to use a DHCP server and DNS server. For my company, I use pfSense as a load balancing application.

The HA proxy is the main feature that it's used for. 

Many people have problems setting up the web cache for the web system.

They should put an anti-spam in a web application firewall.

I have been using pfSense since 2006. 

The stability is rock-solid. 

I think scalability is good enough. 

I do the maintenance for pfSense.

There is a lot of information in the online forums. 

I have used other solutions but I chose pfSense because it's easy to use and configure.

The initial setup was very easy.

Before I set up, I wrote down all the levels on a paper and I drew the plan I wanted to protect. After that, I deployed it pfSense. I filtered the access to the users and to the servers. Everyone has the access that they need.

The deployment took less than an hour.

It's open-source. You can pay for support if you need. 

I would rate pfSense a nine out of ten. 

We use it for small businesses, and most of my clients are using pfSense.

It works. I put pfSense in, and it works. I can't think of any trouble I ever had with it. It runs on heat-sensitive appliances. They don't need a fan, so they don't overheat. 

It is affordable, fast, and very high-speed. It is built on BSD Unix, and it pretty much runs on any Intel processor. 

I've never tried it in large environments. All my clients are small businesses with a handful of employees, so I am not sure how it works in large environments. I keep up with recent versions, and there's nothing I'm waiting for, and nothing breaks when I get a new version.

I have been using this solution for maybe five years.

It just works.

I've never challenged it. All of my clients are small businesses. It is open-source software, and it runs on whatever appliance you run it on, so whatever computer you run it on, it'll scale up pretty high.

Their technical support is excellent. They do have good support service. I don't use it because I've never had any problems with it, but the people I know who use it in bigger environments love it. You can even search their knowledge base and learn anything you want to know pretty quickly. 

Some of my businesses just use the built-in firewall in the ISP modem. I replaced an old SonicWall that couldn't keep up with a faster internet service. I've replaced a couple of Cisco solutions that were just getting old to run modern software, but the hardware was working. They just died of old age, and I replaced them with pfSense. It has been great. I'm sure a lot of people know how to configure Cisco solutions, but I don't. pfSense is very easy to configure.

It was very simple. You download and boot a USB stick or a CD to install it. From then on, it is managed by its own webpage. The deployment takes a few minutes.

It has almost zero cost, and it is open to us. It runs on a small appliance just for a couple of 100 bucks, and I've never had an appliance burn out on me yet. 

It is just great. Give it a try. It just works.

I would rate pfSense a ten out of ten.

Typically, we implement this solution on an enterprise-level for our clients and set it up for them as required.

The solution offers good value.

The captive portal on the product is excellent.

The solution has a very nice load balancer.

It's a good solution for end-users. It's pretty easy to work with. 

The user interface is very nice. It's easy to navigate around the solution.

Technical support is very helpful.

The solution could use better reporting. They need to offer more of it in general. Right now, the graphics aren't the best. If you need to provide a report to a manager, for example, it doesn't look great. They need to make it easier to understand and give users the ability to customize them.

I've been working with the solution for enterprise-level organizations for four or five years at this point.

Our clients use the solution across 100-200 computers. Some of the implementations are sizeable.

I've dealt with technical support in the past and have found them to be helpful and responsive. we have been satisfied so far with the level of support provided. They are easy to work with.

We implement the solution for our clients, so we have a good sense of what is expected.

As an implementer, our company can handle the initial setup for our clients.

We implement the solution for our clients. I've personally implemented the solution on five projects so far.

We work with the latest version of the solution, typically.

Our companies are typically mid-level enterprises. 

This product is the very best. Overall, I would give it a rating of ten out of ten.

We have internet limitations here in Sudan. The financial institutions that I am working with do not have a lot of services on the internet.

It is difficult but at the same time, we are safer and are not faced with any kind of compromised data.

This solution is suitable for small businesses and charity organizations. Security is not just about the firewall, you need policies and procedures in place.

The developers of pfSense follow the principles of open-source.

They keep it simple. It's simple and good.

The problem with open-source is that no one can take responsibility.

It needs to be more secure. Security needs improvement.

It's always better to have an agreement, an SLA regarding security. You should outsource your security to another company.

I have been using pfSense in my home environment since 2010. I have a small lab, a small environment.

We have also deployed it in my workplace.

It's a stable solution.

pfSense is scalable.

At our peak time, we have reached more than 5,000 concurrent connections.

I do not have experience with technical support.

I am also using IPFire. It's also open-source.

It's very stable, and it meets my business needs.

The initial setup is straightforward.

If you have solid knowledge and experience in IP tables, then it will be easy for you to deal with this product or any firewall. For example, Palo Alto or Fortinet. It's the same concept.

Depending on your activities, it can take a long time to deploy if you are new to this solution. For me, it takes less than one hour.

You have to understand the network technology and you have to understand what you are going to protect, and what service are you looking to protect. If you address these questions correctly, the installation is just a matter of a couple of clicks.

I completed the implementation myself.

We are using the open-source version, not the commercial one. 

It's very affordable.

I would continue to use pfSense if the decision was mine, but it is out of my area. It depends on the CIO.

I would recommend this solution to others who are interested in using it.

pfSense will not cost you any money.

It depends on your business needs. You have to address your business needs correctly.

I would say to go with pfSense. If you feel that it is not compatible, you have other purchase options such as Palo Alto.

I would rate this solution a ten out of ten.

We primarily use the solution basically for the firewall, UTM content versioning, bandwidth shaping, routing, and IPS.

The solution is an open-source product, which makes it very cost-effective.

Overall, it covers all of the requirements our organization has at this time. 

The initial setup is easy.

As an open-source solution, there are so many loopholes happening within the product. By design, no one is taking ownership of it, and that is worrisome to me.  

Integration with other products could be improved. It needs log research integrated within it to make it more useful for our purposes.

I've been using the solution for three years.

The stability is questionable. There are glitches. Since no one is really managing the solution, and no one takes ownership of it, there aren't many fixes that happen on it.

We have about 500 people who are taking advantage of the solution within our organization.

The solution is quite scalable. We looked into scaling and found it would be easy enough to achieve if we decided to go ahead and do so in the future.

We've never contacted technical support int he time that we have used the product. I can't speak to any level or service they provide.

We did previously use a different solution before switching to pfSense. We originally switched to this solution due to the fact that it was so cost-effective.

The initial setup of the solution is not complex at all. It's quite straightforward. It's also not our primary firewall. We have another solution for that. This operates as our secondary firewall, and we were able to add it rather easily into our security network.

Deployment is very quick. It only took us an hour or so to set up.

Our provider handled the maintenance for us as needed. We don't handle that in house.

We had a few consultants and a list of vendors that assisted us in the process of procurement and implementation.

The solution is open-source and therefore the solution is very cost-effective.

We're just using this solution; we don't have a relationship with the vendor.

In terms of the version of pfSense we are using, we have that basic boss, 1.0 however, that is behind the firewall. The firewall which we were using is UTM1240B.

While we are satisfied with the netting features and the bandwidth controlling and routing, we find cannot expose our entire network to pfSense as there's no underlying ownership fo the product itself. We prefer a hardened firewall.

Due to the fact that it is an open-source solution, no one at an enterprise-level would ever think of putting pfSense at the gateway level or even at the main level. I would definitely recommend pfSense as the second lane of action, just not on a workload.

I'd rate the solution six out of ten.

We have a hosted platform with our client. We've built a VPN site and the solution is deployed as a VM. The client connects to it and it protects anything that's behind it like a regular firewall. Everything we have there is hosted in a data center, all our servers and things that clients connect to. So we're using it as our gateway device. We are customers of pfSense and I'm the owner of our company. 

I like the site-to-site VPN and the basic firewall features.

Right now we have to use a lot of third party plugins with other providers that have their own built-in features so I'd like to see layer 7 advanced firewall features included in the solution. It would definitely improve the product. 

We've used pfSense over the past three years. 

The stability is very good, it's just that it's not as easy to use as SonicWall. There are limits as to who we can put to work on the solution, a limited number of our engineers work with it.

The solution is very scalable. We don't sell pfSense to the end users, we use it ourselves. Our clients have SonicWall but the whole company benefits from the firewall. 

We've never used technical support but we're looking into it now and I think it's very comparable to SonicWall.

It's harder to set up pfSense than SonicWall. Only a couple of people in our company can do that. 

We are currently using the open source solution so it's free. 

There's a learning curve to this solution, it's not as simple to use as some of the other GUI based firewalls. You need to play around with it a bit. 

I would rate this solution an eight out of 10. 

I had an appliance that died six months ago. Then I didn't want that hardware anymore, so I bought two new servers. A single power supply but dual on a network with three times four network cards. On that, I installed the pfSense (Community Edition).

From inside to outside, I have about 15 to 20 node servers and users going outside. From outside to inside, I have only three tech support people, myself and two other ones. With regard to clients using the platform from outside to inside, on the servers inside, I have about 1000.

I had some outages in the network and we provide services for our company. We sell mobile credits. The terminal gets access to our own server inside the network and if one internet fails, then the other one is still up and we have a back-up link on the devices. 

If the devices cannot send the first IP address, they make use of the second IP address, which is the back-up link to access the servers. In terms of outages, ever since I used pfSense, I have that feature. 

In terms of experiencing delays, the server has the primary IP and the secondary IP configured on the client terminals. The total solution works.

I'm still experimenting with some new features. I want to do a high availability configuration. I haven't done that yet, but I'm using OpenVPN, it's very handy. 

Some suggestions for improvement of pfSense are:

• Adjustment in the interfaces: I had to adjust those interfaces manually and of course that is a great feature that you can restore it but it is immediately also one point for improvement. If you don't have to adjust, if it's just stamped and it works, that's great.
• With regard to the Community Edition, when I installed it, we use Proxmox as an equivalent of PMWorks and I installed the Community Edition in Proxmox. That was very difficult to get to work at first. A lot of tweaking. That is very, very not easy.
• When I'm inside of my network and I go to a URL, the URL points to a server inside my network. It doesn't hang, but I don't get a response. It just stays blank. 
• I can imagine that inside my network, I am going outside, and it points to the public address, so I can reach it. With eSoft, without any adjustment, it worked, and I was able to do that. I went to search pfSense for an option, and I had some documents open to read about how it is done, but it isn't clear enough. It's not that easy. I would appreciate it if I could get easy help on that.

pfSense is very stable. My own disappointment is the appliance only worked for a year and two months. It might be just bad luck, but that was very disappointing.

I had to use pfSense Community Edition on a general desktop. That was done within three hours. It took me three hours just to get the hardware, download the software, and then set it up to get everything working again. 

After that, I ordered the new server with two servers: one has to be active and the other standby. I am going to try higher scalability on it using pfSense. 

The configuration is already on the servers. I did all this myself because of my experience. The utilization of the CPU, etc., it's very low. 

I like pfSense. It doesn't take too many resources and it's very stable.

I did not utilize pfSense customer support. You have documentation, there is enough documentation online to get you through. I haven't actually used tech support. When I bought the appliance, I was entitled to one year of tech support. I never used it, it wasn't needed. 

I previously evaluated eSoft by Untangle. Untangle is an open source company but you have to buy custom add-on's to get it to work. I bought eSoft and it's very good.

I am also the CEO of my company. This technical part, it's not my profession, but I get less and less time to invest, and more time playing around with this stuff. 

When we were growing, a small company, eSoft was small, so I needed a bigger one. I had to reset eSoft every week because of the growing traffic over it. I wanted a bigger one and it was not available. 

What I wanted to do was not possible with Untangle. Untangle was basic stuff. I bought the pfSense appliance and it's open source, but I support the project. 

I bought it and I got disappointed because I again wanted a bigger one. My first choice would be Cisco because of my background but Cisco is expensive.

eSoft was good. Before switching from eSoft to pfSense, Cisco at that time was not an option. 

Every software in our company, every desktop, every server, is open source. If it isn't CentOS then it's Red Hat or Ubuntu. 

Open source was preferred and pfSense was number one on the list.

Ever since the first time I used it, it's very straightforward, it's very easy.

My strategy was to get it connected to the internet first, then apply some rules for forwarding and VPN. 

The first one was very easy to set setup. VPN was not that straightforward but there is enough documentation to get you through it and that helped. 

In terms of time, the Community Edition took very long to install but once installed, to configure, it took around 15 to 20 minutes.

I did the setup all by myself. There is documentation online and that is sufficient. It's good enough, very good support in the documents.

If you haven't invested a lot of money, you will definitely see the return on investment with pfSense because you hardly spend anything, except for the hardware. 

With the appliances, pfSense should look into longevity issues. Your hardware should take, like Cisco's and others, years before they break. In terms of other retailer equipment, it's a safe bet towards pfSense.

That's why I purchased it but I have to look into the high availability. There is documentation of people that I know that are going to get it to work. I'm going to test it because that is our business that we are talking about also.

It should work because of the resale mobile credit for our customers. Another thing I will definitely try is the virtual IP because the virtual IP feature can bridge the two interfaces. The SSL certification is from Google. 

That was it for me, I'm 100% happy.

I prefer appliance licensing with pfSense (Community Edition). 

1. It's free. 
2. It's very stable. 
3. It's only on the hardware, it can be very fast.

Choose the appliances because it is nice to have the hardware cut out for it, i.e. the right hardware for the right software. 

I used to be a Cisco network expert. I used to train people and I've done some Cisco projects myself. I know Cisco by heart but I was less excited about Microsoft, so I went researching for open source solutions and I came across pfSense.

I was able to compare pfSense with Cisco. I used it for a client of mine as well, and it was interesting. After that, I started my own company and I came across pfSense again. 

I looked into pfSense. You have OPNsense from the Dutch and then you have pfSense. I've tried both and I like pfSense more.

I definitely plan to increase using pfSense. I am going for a higher capacity. If power fails or one server dies, or one gateway dies, the other servers will take over seamlessly. That's the ultimate for us.

I would definitely rate pfSense an eight and a half out of ten. Definitely eight and a half, not lower, could be a bit higher. Because it's stable, it's good. If the small issues I've mentioned are worked on then I would go to a 10.

We use this at all of our locations as our edge device, IPSec site-to-site VPN functionality between our offices and our AWS EC2. No matter what is thrown at this, the system handles it like a champ. We have both dedicated hardware and virtualized versions running in our infrastructure. So far we haven't found a reason why we need to spend thousands for an appliance like Cisco ASA when this handles all of our needs.

We're a small business growing rapidly. We recently overhauled the IT infrastructure, and after looking at a number of other competitors, pfSense has been a lifesaver, allowing us to scale up and provide compliance without the need to purchase additional licenses to offer services to our employees.

There are so many packages you can install which extends pfSense's capabilities including consuming from lists such as FireHOL, Pi-Hole, etc. Here are a few packages we use:

• IPSec: pfSense allows for both v1 and v2 IPSec configurations to secure your connections.
• IPS: You can use Snort or Suricata along with Snort packages, even subscribe to commercial packages if you wish. This alone starts making pfSense on par with Cisco.
• Proxy/content filtering: You can install Squid and SquidGuard to act as a proxy and content filter. Yes, it does filter HTTPS, and there's a number of ways you can do it out of the box.

pfSense also reformatted their logs so that they're compliant and standardized. We have our logs shipped to our SIEM and Logstash servers.

While I agree spam filtering is not included or an option with the system, I don't necessarily hold that against the product as there are a number of other services that do it far better than a firewall could. If you use Office 365, Microsoft's implementations are likely to be far superior to what you'll get from a firewall. However, with that said, the one item I wish it included, even if it was a subscription-based service, is the inclusion of an AV and/or threat intelligence. This would elevate the solution well above other alternatives. 

We have not encountered any stability issues and have upgraded to each version over the years. They've really made a rock solid solution.

Extremely high. We tested it on VMs running different configurations from extremely lightweight to overkill. It will run on anything and maintain it's high performance. Obviously the more you give it, the more amazing the solution becomes. 

I had one question, and they got back to me extremely quick. Not only are they knowledgeable about their product, but they're kind and courteous.

Old and outdated infrastructure procured before I joined the company.

Not only was it straightforward, but if you know nothing about firewalls, you can install this. Especially since they recently made their entire guidebook free to use. Not to mention the countless blogs and how to's. Low to intermediate level IT pros should be able to handle this baby.

In-house.

From day one you get a 100% ROI. If all you have is an older server you recently decommissioned, with multiple NICs, I strongly recommend installing this software on it and giving it a shot. Doing that alone will beat out any competitor hands down.

For the cost and what's included, you can't beat it, no way no how. If you're worried about enterprise solutions, the only thing you need to do then is to purchase a support contract, and you have an enterprise solution. You can even purchase hardware from the vendor if you choose.

Cisco, WatchGuard, Sophos, Fortinet, Untangle, Juniper.

I strongly recommend giving pfSense a hard look. I've been in IT for 20+ years, and I've run the gambit on other firewalls. pfSense definitely can hold it's own against any of them.