Netgate pfSense Reviews

I recently started using pfSense to secure my home network. As an IT consultant working remotely, I needed better security than my router offered. I run servers in a lab environment to demo software for clients, and in my previous consulting role, I managed networks for companies of all sizes, some with hundreds of thousands of devices. Since we can't modify a client's environment directly, having a secure home lab for testing is crucial. pfSense allows me to segment my network and use a VPN for secure remote access, offering more functionality than my previous setup. While a free version exists, I opted for the convenience of a pre-configured appliance.

pfSense surprised me with its ease of use, even though it's powerful enough for corporate environments. Unlike my previous complicated Cisco firewall that now collects dust in the garage, pfSense offers the flexibility and functionality I need.

pfSense offers a default rule that allows all traffic initially. While I prefer to block everything by default and only allow specific traffic, this approach led me to accidentally lock myself out of the firewall during configuration. The device functioned as intended, following my overly restrictive rule. Resetting to factory settings was a learning experience, and now I understand how to avoid self-imposed lockouts. After diagnosing my initial setup issues, I successfully corrected them and implemented filters that boosted our internet speed. This experience made clear the benefit of pfSense for our network.

The firewall acts as my first line of defense against data loss by controlling incoming and outgoing traffic. Additionally, I keep my devices updated with security patches and utilize application whitelisting, which restricts programs to those from approved vendors with verified digital signatures. This helps prevent unknown malware from executing on my system. While demonstrating data loss prevention for a government agency, I encountered a connection hurdle between my devices on different subnets. Realizing a firewall was blocking communication, I opened the necessary ports to allow the connection. This highlights the firewall's role as a first line of defense. Even if one device is compromised, the firewall helps prevent the attack from spreading to other segments of the network. However, it's important to remember that the subnet itself remains at risk, which is why I also use local firewalls on individual devices for additional protection.

When it comes to the firewall functionality of pfSense, it does provide a single-pane-of-glass to manage everything.

The most valuable aspect of pfSense for me is its firewall functionality. It allows me to set up different networks, and VLANs, and control how subnets communicate with each other, all the way down to individual nodes. This granular control is very important for my network security. Additionally, pfSense offers a variety of alternatives like VPN that I haven't explored yet, but my top priorities are the firewall features that protect my network from external threats and allow me to segment internal traffic. I also use the filter feature to filter internet ads and adult content. The filter list depends on someone keeping it updated, but the community has been great for this and it makes my internet browsing much faster because all the junk ads are blocked. 

pfSense would be much more efficient if it allowed exporting the entire configuration of a device after it's been set up. This way, the configuration could be easily imported onto another device, saving time and effort.

I have been using Netgate pfSense for one year.

Netgate pfSense is stable with zero downtime related to the firewall.

Netgate pfSense can scale at an enterprise level.

Cisco's firewall device proved too complex for me, ending up unused in my garage. Thankfully, pfSense offered a much more user-friendly experience.

pfSense deployment was straightforward thanks to the available documentation and video tutorials, although I did lock myself out once due to user error. While IT professionals might not always consult the manual first, pfSense helpfully allows saving configurations without immediate application, a feature that would have prevented my mistake. Learning from this experience, I now know how to leverage the provided resources for a smoother pfSense deployment process.

I did the deployment myself but someone who is not an IT person will require the help of an integrator or consultant.

I deployed pfSense in two and a half days. It included setting up VLANs for different purposes like a DMZ, server LAN, user devices, guest network, and VMware management. I also configured a firewall with rules to isolate these networks and implemented an IPSec VPN to filter out ads and malicious sites.

The implementation was completed in-house.

pfSense offers a surprisingly affordable enterprise-grade solution for small businesses. While my own pfSense 6100 costs $700, the value it provides makes it a very cost-effective purchase.

I would rate Netgate pfSense nine out of ten.

Other than installing updates, pfSense has not required any maintenance.

Before configuring your network devices, plan out your network segmentation. This written plan will guide how you set up VLANs, servers, DHCP scopes, and DNS. Think of it as a blueprint for your network design. While implementing the plan on a Netgate device or pfSense might be straightforward, without a clear strategy, you'll be overwhelmed by the available features. 

I use pfSense at home, and my friends and family use it in their homes. I'm also the IT solutions administrator for a council of governance organizations, and I use it for them. I use pfSense Plus at home and the community edition at some of my friends and family's houses.

I pfSense Plus at home and use the community edition at my friends and family's houses. I have used the community edition multiple times in labs, but I use pfSense Plus for all of my enterprise applications.

I started seeing the benefits when I began playing with it at home 10 years ago. It was an immediate success when I put it in enterprise locations because it was much cheaper than WatchGuard. I was familiar with pfSense, so I quickly trained my staff on it. They know how to operate everything well in pfSense.

With pfSense, you can do a failover. I have used that before, and I see it as a benefit, but there are some drawbacks. You have to use multiple external IP addresses to set it up, but it works well. However, I don't use the failover anymore because of the price. You can have two of these things on the shelf, and in the event of a failure, you can get another one up within five minutes by throwing it on there, configuring it, and plugging it in. That's my failover plan for all my main locations.

PfSense's visibility enables me to make data-driven decisions. I love the way they do geoblocking. You can see where you're improving. The logging ability is diagnostic. You can see all kinds of data. For example, when I make a new rule, Immediately know what's going through that rule. That visibility is very helpful in knowing immediately if my rules are being applied correctly. 

The most valuable feature of pfSense is that it's a stateful firewall. I also like the way the rules are implemented on the firewall. It makes things much easier to see at a glance. 

PfSense is the most flexible device I've ever used. It's open-source software. I've used all the big names, including Palo Alto, WatchGuard, and Sophos. In terms of dependability, this is the best of them. 

It's simple to add and configure features and easier than some of the big competitors like WatchGuard. The front dashboard on pfSense is very customizable. You can get it at first glance. Everything you need to do is in that single box. It shows you if your LAN and interfaces are up. You can see what kind of traffic is going across each interface because they give you a traffic graph that you can do for each interface. 

You can see if your gateway is up and precisely how much data passes through each interface. I like how you can get direct visibility over your IP address updates. If you're not running a static IP address, there's another cool thing on the front page where it shows when the dynamic DNS updates. The way you can customize that dashboard is cool. I haven't seen that with other firewalls, and pfSense gives you good visibility at first glance.

I don't think pfSense's web filtering solution is the best, so I don't use it for that purpose. They could add a little better web filtering solution to pfSense. They have solutions in place, like SquidGuard, but they aren't very good. 

Another feature about pfSense I would improve is adding a single pane of glass management for multiple units I manage across the municipal district. I would love to manage all those devices through one single pane of glass, but that's not a deal breaker for me.

We have used pfSense for around 10 years.

I rate pfSense 10 out of 10 for stability. I've never had a Netgate system fail on me.

The scalability of pfSense is great. It costs very little to expand to multiple systems across multiple locations. It'd be better if they had a mass edit platform where you're running multiple systems. I've heard quite a few people in the community talking about that. I heard someone in France was developing a dashboard that gives you visibility across multiple boxes, but the cost of deployment is very cheap. It's easy to put boxes out there and write rules for them. 

I rate Netgate support 10 out of 10. Most of the tech people I have contacted seem to know exactly what they're doing. They've got, like, 10 people named Chris working support. Every Chris that I've ever spoken to has been spot on. Every once in a while, if I call after hours or something, I might get someone who isn't as adept at it, but they quickly escalate it to someone who can fix the issue. 

Positive

I have used Palo Alto, WatchGuard, and Sophos, and all the major competitors, but I would compare pfSense to WatchGuard, the one I have the most experience with. In my type of environment, pfSense wins hands down over WatchGuard because it's a stateful firewall. One thing I've hated about WatchGuard is that it's not a stateful firewall. It's rules in and rules out. You end up getting thousands of rules over a four or five-year period. PfSense enables you to put notes on your rules. 

If you have a question about a rule, you can read the note you made when you made that rule. Having the ability to document your rules in the dashboard has been a game-changer for me. After you have used a stateful firewall, it's hard to go back because it's much harder to make rules on both sides. 

Deploying pfSense is as easy as any other system. It helps that pfSense has a massive user community and some great YouTubers, so you can go to YouTube University and become a professional with pfSense quickly. You can learn to do some complicated edits and set up complex VPNs. It takes only 20 minutes from start to finish. For maintenance, you only need to update it when the updates come out and change the configuration of your rules as needed. 

PfSense offers huge savings. The price is the lowest in the business. The only thing you can use in place of pfSense is a fork like OPNsense. I'm more familiar with pfSense, so I never got on the OPNsense bandwagon. 

I rate Netgate pfSense 10 out of 10.

My company uses Netgate pfSense firewall routers for some clients, but I choose the device based on their needs. For locations like restaurants that require constant internet, I use a different device with cellular failover built-in. The cost-effective Netgate pfSense is a good option in simpler locations like doctors' offices. I can leverage Netgate's ability to handle multiple ISPs for clients with large internet demands. Ultimately, the choice depends on the client's budget and specific requirements.

In my role, I decide what our clients should implement for their network security. I want to create a secure environment by separating the business network from the Wi-Fi and phone networks. To achieve this separation, pfSense uses different subnets to effectively block any incoming traffic attempting unauthorized access to the network.

pfSense is highly configurable, offering flexibility to tailor its features and functionality to each client's network needs.

pfSense offers a wide range of plugins and add-ons, making initial configuration straightforward. However, since I primarily rely on endpoint security products installed on clients' workstations for their overall protection, my pfSense setup focuses on basic functionality. This includes configuring the firewall for my in-house network and leveraging its ability to handle multiple WAN connections. Ultimately, pfSense's affordability and ease of use make it a great choice for me as a secure and customizable router/firewall solution.

Network segmentation offers the biggest benefit for my clients. By creating separate Wi-Fi, phone systems, and business network segments, I can isolate any security breaches and prevent them from spreading throughout the entire network. As the decision-maker, I prioritize client security without needing them to understand the technical details. My focus is ensuring their networks are secure.

I have never had any downtime using pfSense Plus.

The most valuable features of pfSense are its ability to segment networks, create different subnets, create different VLANs, and use the VPN, as well as its affordability.  

pfSense lacks a centralized web dashboard for viewing all my clients' pfSense dashboards. A single pane of glass for both web access and management would be a game-changer. This missing interface is my biggest frustration with pfSense, and improvement is sorely needed. I have clients all over the United States and would deploy many more pfSense firewalls if it had a centralized web dashboard.

I started installing Netgate pfSense for clients almost three years ago.

I would rate the stability of Netgate pfSense ten out of ten.

I would rate the scalability of Netgate pfSense ten out of ten.

We've worked with almost every firewall: SonicWall, Cradlepoint, Ubiquiti, Fortinet, and UniFi devices. You get into the licensing of some of those with SonicWall and Fortinet, and it's just not the product that I like to sell to my clients. I'm always client-friendly. I want to find the most affordable product for them that does the best job. NetGate pfSense is the right one for some but not for others.

The deployment is simple. We preconfigure the device in the shop and then take it out and hook it up in less than one hour.

We have three people total who deploy the firewalls, including myself.

Netgate pfSense is a set-and-forget product other than deploying and periodically updating the firmware. pfSense has been solid for me.

Unlike many firewalls that require annual licensing fees, making them expensive for small businesses, pfSense is an affordable option.

I would rate Netgate pfSense seven out of ten. The only area of improvement is the web dashboard, which is currently lacking in pfSense.

I use other products to control data security. Most of my clients don't have an in-house server. I work with small businesses, and that's why the Netgate pfSense device works well. For my larger clients, we go to the cloud for data storage and data security with redundancy. So, I don't use pfSense for data security at all.

pfSense is a good value for some clients; it's client-specific. It depends upon other things we are deploying there, such as what kind of Wi-Fi network we use. If we are adding a VoIP phone system. It just depends on what the client's needs are, but It is the right device for the right client.

A lot of our clients are small businesses. I've got one fairly large business. It is a restaurant group nationwide with 700 employees, but its main office has maybe 30 to 50 employees. So, that's probably my largest deployment of the Netgate device.

The only maintenance required for the pfSense firewalls is applying the occasional firmware updates.

Some MSPs are more focused on making money. I'm not. I'm focused on the right fit for the client, and the money takes care of itself. pfSense is a great device. I'm not focused on what will make me money. I'm focused on what is best for the client. In many decisions, the Netgate pfSense is the right decision for that client.

We use Netgate pfSense as the next-gen firewall because it has a lot of additional capabilities.

The solution's most valuable features are its ease of use and versatility. You can do anything you want with it. We implemented the solution for better security at better prices.

Netgate pfSense is extremely robust and stable compared to other firewalls.

You can use Netgate pfSense as a very basic firewall or with next-generation capabilities and full monitoring. With the command line and the openness of the platform, you can do a lot of things with the tool.

It is extremely easy to add features to the solution and to configure them. We have extensive monitoring capabilities that we have configured into Netgate pfSense so that we can probably monitor any firewall available. We have also utilized the solution's DNS black holes features.

When configured properly, the solution's data loss prevention capability is absolutely top-notch. We use the solution to monitor and detect users' odd or anomalous behaviors on the network, which are usually malware-related. We also use the tool to protect against various blacklists.

We use Netgate on Amazon and have one of their firewalls. Using pfSense Plus on Amazon EC2 has helped simplify our EC2 network. It has definitely helped us with Amazon and tightening things down there.

With the inclusion of firewall, VPN, and router functionalities, Netgate pfSense's total cost of ownership has been very good. For your infrastructure, you're typically looking at five to seven years. Netgate pfSense is definitely punching above its weight in that sense because it comes at a lower cost.

Based on our experience, it lives that long and longer than what you would expect. The solution's ROI and longevity do shine in that sense.

The solution's internal logging could be improved. However, it does have some external logging capabilities. It would be more problematic if you didn't have a very robust environment. We developed our own internal API about five to six years ago, but I hear all the time on newsgroups that one of the solution's biggest problems is API.

I have been using Netgate pfSense for over 15 years.

I rate the solution a nine out of ten for stability.

Netgate pfSense is a highly scalable solution. I would say there are at least three of us who are fairly proficient with the solution, almost at an expert level. We have a few others who utilize it, but they're limited in what they can do. Most of our clients for Netgate pfSense are small and medium-sized businesses, but we also have some larger businesses.

I rate the solution’s scalability ten out of ten.

The times I've worked with the solution's technical support, they've been excellent.

I rate the solution’s technical support a ten out of ten.

Positive

We are in the managed IT space and constantly deal with numerous, big name firewall vendors. Aside from the cost alone, Netgate pfSense provides a lot of benefits. Even if Netgate were the same price as the rest of the other vendors, I would still prefer to use Netgate just because of its ease of use.

The solution's initial setup is very straightforward. There's even a built-in wizard that will take you from out of the box to basic firewall setup in about 9 steps.

The solution's deployment time depends on the complexity of the environment that you're going into. On average, the deployment takes probably less than a day. We have a team involved in the solution's deployment.

We have seen a return on investment with Netgate pfSense. We've won some bids for firewall replacement jobs based on the cost alone.

I think Netgate pfSense is very fairly priced. I think it's a great way to get people locked in by being a little bit cheaper than many other solutions. Once they see it, they wonder why they would use anything else.

One of the features of pfSense Plus is backup capabilities, which didn't really help us because we had our own backup solution built in for several years. We also keep additional firewalls available if something like a storm comes through so that we can restore the configuration in five to ten minutes without too much trouble.

pfSense Plus doesn't provide a lot of features and benefits, but we use it because we want to see them continuing to develop the solution.

Netgate pfSense gives us a single pane of glass management, but we don't live in the firewall itself. We monitor it from our single pane of glass, which we're pulling about 20 other security stack solutions into as well. We're pulling in a lot of other enterprise-level solutions, including EDR, vulnerability scans, domain filtering, etc.

Since we have a few hundred clients, we have both cloud and on-premises deployments of Netgate pfSense.

Any product requires some care and feeding. It goes back to our monitoring aspect. As a general rule, you have some firmware updates about every six months. You definitely have a few things to maintain here and there in Netgate pfSense, but it's minimal compared to other solutions.

The solution's cost alone is well worth it. I would recommend it for its adaptability to any complex environment with added security features. You can start off by just doing a standard firewall and then grow from there and really expand on its security features. I really can't think of any reasons why you wouldn't use it. Netgate pfSense is pretty much all we use, and we use a lot of different vendors when we go to different places.

Overall, I rate the solution ten out of ten.

Our most common use cases are for our corporate firewalls, and currently, I'm using it as our school firewall. So it's our perimeter firewall. So, we're running three firewalls on our network. 

So we have separate networks each because we have, like, different use cases. So we're running three at the moment.

We've been running it for six years now, and so far, it's been good.

Netgate pfSense has been utilized to create and manage VPNs within our organization. So we're running pfSense with VPN on one of our private cloud providers. So we're using IPSec VPN on that.

For everyday tasks, we just get alerts. It's anything that's suspicious, including from our Netgate. So, it's part of how we maintain cybersecurity in our school. This is working alongside our endpoint security solution. 

We were using an open-source endpoint solution for that. So we're integrating that with the one we have on pfSense. 

The ease of use. Like, it's easy to manage the firewall, rule-wise and interface-wise. For me, it's quite easy and friendly to use.

We have a set of rules so that it can manage all of our rules. We have a complex network here in our school. We have a lot of rules running, so it's really easy to match all of those rules using pfSense.

Integrating pfSense with other products was a bit tedious at first. We researched and tested for about a month, so it was not too hard but not instant.

For the third-party packages, I'd rather have it built-in, like a core feature of pfSense, part of the core model. This feature of pfSense would be great, instead of relying on a third-party module.

I have been using it for six years. 

It's about 95% stable, not perfect, but quite reliable.

If I needed to scale it and merge our pfSense machines into one, I'd prefer a dedicated hardware appliance instead of running multiple x86 servers on the firewall.

We have around 4,000 endpoints. 

I reached out to support for an unusual CPU usage issue after an upgrade. They were responsive, and even though I ultimately found a solution, they were helpful in diagnosing.

Positive

We used Fortinet. We opted for pfSense because of budget limitations. pfSense was a more affordable solution for our requirements.

pfSense is easier to manage and offers modularity for features. With FortiGate, everything is there, but we might not need everything, and too many features can be challenging.

The initial setup is very straightforward and intuitive. 

We use the pfSense software directly and install it on our rack servers. So, we're adding three instances of that.

I handle all the deployment processes. I am the core manager for the entire infrastructure, so I manage and deploy everything.

I consider how many users and gigabytes we expect on the network and try it on a test network first to validate before actual deployment.

Just my core team members manage the whole deployment, so that's enough for us.

Migrating the old one to the new one took around a month because we have many rules, and the new Netgate was quite different.

From the maintenance perspective, it is not difficult at all. 

While configuring or maintaining pfSense, we had high CPU usage on one firewall, but the GPAC subscription provided a good response. The support team was helpful, and we resolved it in a few hours. So, we had good support because of the support subscription. 

We just have the yearly support subscription.

I just found pfSense online. I just tried it out on a home lab and found it worked well enough for us. So, just started out, like, searching online and responded and tried it.

I would advise you to try to estimate your network first and do a test network just to have a proof of concept of what you want to run and check the routes you want to run against your network, making sure that your requirements are valid before deploying it.

Overall, I would rate the solution a nine out of ten. 

I do some consulting work for a couple of organizations on the side, and I have a few personal home lab builds of pfSense, so I use it in both a professional and personal home lab environment. I'm using the community edition and pfSense Plus.

I began seeing the benefits of pfSense immediately. The use cases for pfSense were creating remote VPN servers and satellite offices where remote employees connect. I've been using it for so long now that I have some baseline configurations. When I bring a new site online, I load that default configuration and ship it out to where it's needed. They plug it in, and the system comes online. It's fantastic from that from that perspective.

PfSense gives you much control and visibility into your boundary that helps you identify nefarious actors and things that could lead to eventual data loss.

It helps minimize downtime from a boundary perspective. They have some features. I have used Plus in boot environments quite regularly to test out some things before going live into production, which has been nice because I've made some configuration changes that I regretted. 

The boot environments help you get back into kind of what you had. Both the community and Plus editions have a fantastic configuration export. Your boundary device is relatively static once you can configure it how you need it. You can export those configs relatively easily so that when something goes catastrophically wrong, the hardware fails, or something along those lines, you can reload the configuration onto that device or the replacement device and go about your day. 

One thing I can say about pfSense specifically and the Netgate hardware is that it is not something I worry about from a security or a resiliency perspective. It's stable. It works. I have the ability to forget about it. As an IT professional, I have so many things to worry about daily, and it's incredible to minimize those things. I think pfSense has done a great job in that area.

There's a lot of logging that produces a ton of data I can pull into a data analytics platform and make data-driven decisions about bandwidth increases or changes to firewall rules, intrusion detection rules, or employee access.

It also enables us to optimize performance, one of the biggest things you do when you get a new Internet service provider or a modem replacement or something along those lines. There are tons of tools built into pfSense that let you look at how that's working, and even some tools online that allow you to tailor that experience based on your real-world use case.

In the time that I've used pfSense, I'm continuously blown away by the quality of the product, its attention to security, and all of the features it has. It's easy to use. The web-based interface is great. The tutorials on the website are fantastic. I wouldn't say it's necessarily one feature. It's the full offering of all of the features that make it for me. I use firewalling, intrusion detection, and two of the VPN features: WireGuard and OpenVPN. 

The flexibility is great. PfSense will run on homebrew hardware and Netgate. The interface is excellent on the web and through the console. There's a lot of flexibility through the console. It lets you get into a low bandwidth environment to do the things that you need to do when you're remotely administering some of these things. 

I enjoy the fact that the web interface is customizable. A seldom-used feature is the ability to change to one of several built-in themes. I use those themes to tell which system I'm administering because they're all remote to me, and the interfaces all look the same. I don't have those little tells about changing the colors of certain things. 

Sometimes, it takes some back and forth to figure out which one I'm on. I never thought the themes would be a feature I would use. I use it all the time. The user interface is fantastic and responsive. The tooltips are in the right areas and help you build out your firewall and boundary device.

The ease of deploying and configuring features depends on the feature. Most of their features are designed to be implemented with some basic knowledge level, but some are super-advanced, and you need that knowledge level. They have excellent guides for just about every feature on their website or that's inside pfSense. They're great. They explain all the different things about adding new features and each package's function. I don't think that there has been a feature that I wanted that someone didn't already have a package built for.

I would like to see a better plugin for data analytics. They have some things that you can do, but it's not purpose-built to get data out super easily. That's kind of an advanced feature, and you do have to do some configurations that are a little more advanced than some people might be comfortable with. 

I would also like some type of fleet management, like a dashboard where I can see multiple pfSense and their statuses. I'd also like that to be self-hosted. I don't necessarily want a cloud version of it. I'd like to host that at a parent site and have the satellite offices push their status there. 

I have to manage each of the devices individually. There is no interface where I can manage multiple devices. I wouldn't call it single pane of glass management. It does give me a single pane of glass for everything related to the boundary, including VPN intrusion detection, DNS, DHCP, VPN, and firewall rules. But it doesn't have that fleet management piece. I would love to see something like that.

The last thing that I would like is not a feature. It's Netgate as an organization. I would like more transparency from them when they make some decisions that sometimes appear to be made in a vacuum. Most recently, the change in licensing and some of those things did not go over well in the community in general. I think some transparency from their organization would be valuable to the community at large.

I've been using pfSense for around 15 years.

I rate pfSense 10 out of 10. I have never had a system fail in more than 15 years. I've never had one fail on-site. They are incredibly stable and resilient

PfSense is highly scalable depending on the hardware you buy. Their hardware is well-documented. If you buy a device designed to scale with your business needs, I don't think there would be any issues with that.

I rate Netgate support 10 out of 10. I have never had a bad interaction with any of their folks. They respond quickly, and their answers are always extremely thorough. 

Positive

I used the old m0n0wall, which I migrated away from. I have also used SonicWall and OPNsense in a lab environment and various Cisco and HP devices throughout my career.

PfSense offers the best bang for your buck from a feature and cost perspective. Many other systems have some cool features that either aren't necessary or are significantly more costly than pfSense.

The initial deployment is easy, and it's even easier once you've spent some time with it. If you buy devices from Netgate, they provide you with "zero to ping." 

Even if you have some kind of odd setup or something weird you can't figure out, you can call their technical support, and they will help you get online. They'll even remote into the device to help you get online or solve a problem, which is incredible. 

Now, I have a standard image that I use from a configuration perspective, so it takes me about half an hour. It is typically a one-person job. The only reason why I put a caveat on that is I am fully remote from all the services that I support, so I do need a person on-site to at least plug the thing in, but the rest of the setup is a one-person job. After deployment, it doesn't require any maintenance aside from standard firmware updates. 

I don't like subscription models, and unfortunately, the latestpfSense license, pfSense Plus, went to a yearly subscription model. I think yearly is probably the best of the worst because at least I can pay it once, and be done with it for the year. I would rather see either a one-time cost or something along those lines that would be at that price point. I think the costs for their hardware are reasonable. I wouldn't call them cheap, but I also wouldn't call them expensive. I think the hardware costs are reasonable.

I personally run a couple of black box or white box servers that are custom built using pfSense Plus that I've licensed, but all of the other deployments that I support are devices purchased from Netgate.

I rate Netgate pfSense eight out of 10. I recommend that new pfSense users join the community. PfSense has an active community on Reddit and a community forum. You can also get a copy of the community edition and deploy it to a virtual machine to learn it before you put it into production. You won't be disappointed.

We're primarily using the solution for testing. We're also using it internally at our own site, mostly as a reverse proxy, but also for the speed. Not all firewalls have 2.5 and and ten gig WAN ports.

The format, the layout and the interface are excellent. We really like that it is quite simple to use and straightforward. The quality, in particular, the ones we have is the Netgate unit, is particularly robust in terms of the look and feel as well as their speed and quality.

We appreciate its flexibility. Its usability is great.

We were able to witness positive results from the product pretty much immediately.

Its SD-WAN capabilities are great. The onboard storage is nice for keeping configs and logs, et cetera.

We do get a single pane of glass for management. It's well laid out and provides clear visibility into management features. Everything is easy to find within the menu bars and options. It is all very logical.

We're using the Plus version with Netgate.

pfSense does provide features to help minimize downtime. There's a failover availability, and there are high availability configurations. We don't use that; however, that's good to have if you need it. Having multiple endpoints or configurations on all of the ports is possible. It helps keep up our site and other sites.

With the logging capabilities, the solution provides visibility and enables you to make data-driven decisions. A lot of our clients are smaller, so they are nowhere near the limits of what pfSense can do by any means. 

The ease of changing parameters helps us optimize performance. It's a lot easier than what can be done with competitors, for sure. 

The solution could improve by adding in some sort of user account credentials in the sense of accommodating more levels of users. From what I've found, everybody has basically the same access. 

A formal partnership with some sort of VPN vendor, like OpenVPN, would be nice.

I've been using the solution for a couple of years. 

The stability is very good. there is no lagging or crashing. It's reliable. 

The scalability is good. However, we and our clients aren't too large. 

I've never needed to contact technical support. 

In the past, we have used Fortinet devices. pfSense is definitely easier to configure and use. It doesn't have quite the same feature set. However, that's fine - you don't always need the full feature set. We find that the add-ons that are available are fine. You just have to find them from a third party. 

The initial deployment was easy.

There isn't any maintenance needed beyond updates. The base install probably took ten minutes and to configure it properly takes two to three hours with some internal servers and multiple ISPs. You just need one person to handle the process. 

I'm using pfSense via Netgate devices, which are reasonably priced. The solution seems to be reasonable. It's well-priced for what you get. It's a bit lower than the competition if you are trying to gauge the cost of ownership. And it adapts well to different speeds.

I'm a customer and end-user. 

I'd rate pfSense eight out of ten.

If a person is familiar with firewalls, they'll be fine adopting it. The interface is pretty easy.

I use it as a firewall and router. I use it in a few locations. I have three pfSense products.

I like that I can geofence and block different countries from accessing my network.

The flexibility is very good.

I noted the benefits of pfSense within a year. I had it on my VM for a year and then put it into production. 

It's good at blocking malware and DNS attacks. I don't use it for data loss prevention.

The solution gives me a single pane of management. Everything is accessible from the dashboard.

It provides features that help me minimize downtime. I have a WAN, and if any of my WANs go down, it's okay; I have them connected to pfSense. 

It helps me make more data-driven decisions. 

With pfSense, I can optimize performance. 

I don't really need too many features. I just use it as a plain firewall. I like to keep it clean. I don't like to run too many things on it.

The configuration can be a little difficult. You need to know the system a little bit. Even now, I do have one in a VM where I test my stuff, and then implement it into production.

They could make it easier to configure packages. They could have a wizard that helps you out a bit more.

I've used the solution for more than five years. 

I haven't had any issues with stability.

I haven't had issues with scalability. It's easy to back it up and load the backup.

Technical support is fast to respond. However, I did have to eventually pay for them to help me out. I had some problems with the firmware. Someone remote into my appliance and fixed it. They patched it up and now it's working fine. 

Positive

I've used OPNsense and SonicWall previously. 

While pfSense has more features, OPNsense is a lot easier to use. 

I have the solution as an appliance. Deployment for a device is a little bit hard, so it can take a few days. 

Maintenance is required every few days.

I did not have any help from outside consultants. I manage the deployment myself. I was able to eventually figure it out myself via forums. 

I like the fact that there is a free version. I'd like the entire offering to be free. That said, it's 100% worth the cost of ownership.

I use both the paid and community version.

I'd rate the solution eight out of ten.

I would advise new users to test it before implementing it in their environment.