Netgate pfSense Reviews

• Fail-over of between multiple ISPs
• Firewall
• Graphs
• Real time interface monitoring
• The web UI gives you an overview of everything you want to see
• For an open-source solution it has performed fantastically
• OSPF
• It contains loads of optional packages e.g Snort (IDS), asterix (PBX), network monitors etc.

We have pfSense across three sites where it manages the VPN and firewalls between them. Also, it has reduced costs drastically and has outperformed its expectations.

The load balancing can be improved as it uses tier levels to balance. For it to function most effectively, you often need to have the same bandwidth on the ISPs.

We've used it for six years.

There were no issues with the deployment.

There were stability issues with certain versions, but fixes were released and the right hardware helped.

We do have issues as the right hardware needs to be deployed in order to expand correctly in certain areas.

We use a vendor team, Shrike Technologies who have been excellent, and once a while I consulted the pfSense cookbook.

The online forum has lots of answers.

We previously used Monowall and switched because we needed more functionality.

We used a vendor team, Shrike Technologies whose experience was very high.

Pricing is fantastic, we have gold subscription which covers on-line backup of device configurations, premium support, webinars and lots more.

Proper planning is necessary in order to select the right hardware and configuration required (rules, services etc.).

Flexibility is the most valuable feature for us.

There's no expensive licensing costs, which helps us save money.

Also, its capacity and functionalities are great for our needs.

Whenever a new version rolls out, there are hidden bugs. That's why we normally run a version behind for a little while before rolling into the current build.

We've had no issues with deployment.

We've had no issues with stability.

The features I've found most valuable are--

• Proxy server (to filter traffic, act as intermediary between our server and our client, and analyze and load-balance traffic)
• Load balancer (support multiple servers, load balances two gateways on the same tier)
• Hot spot (with captive portal, forces authentication or click-through for network access)

It's provided us with a fair internet speed for all users. We're also able to control web contents of our users.

The firewall feature could be improved.

We had no issues with deployment.

We had no issues with instability.

We were able to scale just fine.

- Firewall/router

- OpenVPN server

- DHCP server

- High availability cluster

- It's for FREE!

Before I started working for my present company, they used to use a small (for home use :) ) Linksys router. The main problem of Linksys was the limitation of firewall rules of up to 50 entries. I suggested using a main firewall/router because it has professional functions, has no limitation, and it's for free.

So far, from my point of view everything is working perfect!

I started working with pfSense in 2009.

Deployment is very easy and quite intuitive. Installation is very simple.

No, I didn't have any issues. Every issue I had with pfSense was with hardware (not caused by pfSense).

Never.

I never use customer service.

I never use technical support.

Before pfSense I had in the company an old Cisco router, but it had problems with stability so I was looking for an alternative and I found pfSense.

If you have some knowledge about router and firewall, initial setup won't be a problem for you. Ask google about it and you will find a lot of documentation, instructions and video.

I implemented pfSense by myself, so I can't rate the vendor team level of expertise.

System is totally free. I spent two days to implement it.
As hardware, I used old workstations which were prepared to scrap.
So ROI = use some cheap hardware with 2 NICs and you will get a professional firewall/router.

It's absolutly free, no pricing and no licensing.

I was checking some other alternatives (right now I don't remember which) but pfSense had the best documentation, so the choice was simple.

For professional use, I advise using two computers with three NICs

Why 2 computers???
To create a HA cluster.

You will need 3 WAN IP addresses, 3 LAN IP addresses, and a quite simple NIC configuration:

1st NIC use to WAN connection (CARP)

2nd NIC use to heartbeat and sync between two pfSense

3rd NIC use to LAN connection (CARP)

For more details ask Google :)

• Snort
• CARP
• Load balancing
• VPN

• Reduced the cost of our firewall solution
• Enhanced throughput compared with similar priced devices
• Stability
• Reliability

I'm no expert on this subject, and the OS performs all that is required.

I've used it for over one year.

No issues encountered.

We've only had to do one reboot in six months.

None as yet, because the solution hasn't reached capacity yet.

I'm yet to use the official tech support as the community provides all that I have required.

• Sonicwall
• Cisco ASA

We switched due to licensing costs and scalability.

It's relatively simple and straightforward, with enough documentation avalable online for the average user to install and setup.

£2000+

This product supports multiple ISP's, so it's good for implementation.

It's made us more productive.

FTP was not allowed, and it didn't indicate during set up whether FTP was to be allowed or disabled.

I've used it for about one year.

The stability is good.

The stability is good.

The technical support is good.

It's free.

All the other features are good, and with it being free, it is very attractive to the users.

• Firewall
• State Table
• Network Address Translation (NAT)
• High Availability
• Multi-WAN
• Server Load Balancing
• Virtual Private Network (VPN)
• PPPoE Server
• Reporting and Monitoring Applications
• Dynamic DNS
• Captive Portal
• DHCP Server and Relay

The reporting and monitoring applications improve our organization.

Load balancing of multiple networks

3 Year

Compatibility Issues

None

None

None

Excellent

Yes

Simplest

Extraordinary

pfSense software has the flexibility to integrate into wide area on a worldwide range of hardware. Among all monitoring and firewalls application. I haven't see powerful tools like PfSense.

• Battery backup
• True processor power at low energy cost
• Expansion possibilities
• Low noise emission

We like it mostly for being able to use BSD compiled software inside it. It is flexible, fast, powerful and full of features, such as an easy proxy filter, and clustering along with an easy and well developed web based interface.

Kernel support for laptop features, USB/Firewire ethernet cards, and specially built in WLAN cards. If the WLAN functions work properly, pfSense makes a perfect "repeater" or controlled and robust accessed point with built in QoS and firewall. Wider support for 3G and 4G USB cards as backup networks would be nice too. It was impossible to get some USB stuff to work.

We've used it for two years, with an HP Elitebooks 8350 for battery backup.

No issues encountered.

I got terrible kernel crashes on HP laptops while trying to setup WLAN, but it worked better on Fujitsu ones.

It has worked as expected so far.

I have never needed it.

I have never used it.

We have mostly used Cisco products. Their products feels like we are back in the stoneage when compared to pfSense. We switched as we needed more power (as traffic, bandwidth and user accounts grew). pfSense was one good clear substitute, and Cisco is too expensive if you want real throughput power, and it was too hard to administrate when we compared it with pfSense. also, anyone can learn pfSense pretty fast because of the intuitive web interface), and there is never trouble with invalid licenses. The features like IPS (snort/suricata) are well developed and can be used for free or at a small cost for extra security. The most valuable of all though, is that we could recycle old hardware to make our perfect firewalls, reducing the hardware cost.

It was easy.

We implemented these ourselves.

It's hard to say. The setup goes pretty fast and, once you know the hardware to be used, it will work, so there was no significant amount of time there. The laptops used in this project were already recycled and had enough power for us to make a cluster and be happy with them, so it pretty much only cost us the price of some 3G modems and some USB network interfaces. Maybe not more than 200 Euros per machine.

We evaluated IPCop and m0n0wall. We took a vote on our team and pfSense won the deal.

If you are unsure, do a labtest before you implement it. If you are still stuck on the traditional "stoneage" products, you may get amazing results.