Netgate pfSense Reviews

We use the solution as a gateway appliance for our own corporate network as well as that for many of our clients. It has become our go-to gateway appliance for clients when they're looking to to have a new network stack installed.

Many of our clients are smaller. However, the big features for them are usually the built-in OpenVPN server for client-based VPN access. The site-to-site links and IPsec site-to-site connectivity are great.

The flexibility is one of the reasons it's become our go-to unit. We don't, unfortunately, get to use so much of its flexibility on a regular basis. That said, I love the fact that it can basically do whatever we need it to do all in one piece of gear.

It's relatively easy to add additional features. They have an application store that already has tools that you can add to pfSense as you need them. At this point, there are 30 or 40 or more of them.

In the long term, when you buy a piece of hardware, you basically get updates for that device for the life of that device. You're not paying for additional licenses throughout the life of that device. You just pay for it once. We do Meraki devices as well, and, every year or few years you need a license. You have to renew. 

There are some features in pfSense that help you to prevent data loss. Even just on the firewall side, you can limit what people are able to reach out to. The outbound filtering has a massive effect on that. They also have some other web filtering tools built-in; however, we don't typically use those. We have other tools for that.

pfSense offers a single pane of glass type of management per client site.

The solution does provide features that help minimize downtime. We don't use these features. However, we know they are available. We have the ability to offer that service. You can hook up two of the gateways in tandem. That way, if one of them ever does fail, it automatically fails over to the other functioning unit. 

pfSense provides visibility that enables users to make data-driven decisions. You can look at the amount of bandwidth used by the device as a whole or as a client. If there's a problem or if Netgate isn't performing per the client's wishes, we can easily make an assessment.

The visibility in pfSense helps optimize performance. There are a lot of different visualization aspects, including some bandwidth charts as well as some other built-in ways of looking at the way the data or information is flowing through the system, which definitely allows for that.

Something that we would really love to see is a real single pane of glass management for multiple clients. Having a reseller portal of some kind that allows us to easily remotely access all the different pfSense gateways that we have out there (like Meraki does with their equipment) would be ideal. Right now, we have to manage client by client and just maintain access per site, basically.

We've been using the solution for the past three or four years. 

They are super stable units. I have not had a single complaint about them.

They are definitely scalable. You can add your own additional storage to them. You can add additional memory to them if need be. They're very scalable, considering what you see in the rest of the gateway appliance market. Those are usually just static boxes where you get what you get, and that's it.

I have contacted support once. I have a Netgate pfSense box that I run as well. I got a little impatient when a firmware update was happening and thought the device locked up and rebooted and ended up having to push the default firmware back. I got help over email, and they were great. They gave me a copy of the factory firmware and I was able to recover the unit.

Positive

We've previously used Meraki. We use their gateways as well. We also used to use some Unify gateways but it was too limited. 

pfSense is great - and more flexible. It's better than both. It just lacks a centralized management portal. 

Initially getting into it, it took took a second or two just to get our team trained up on it. Since it's so flexible, there are some initial configuration assumptions that aren't made. You can do with the device as you wish. There's a lot of network equipment out there that has done a little bit too much hand-holding in terms of the initial configuration, however, those are also devices that are much less configurable. Going in, you want to understand networking a little bit more to make some of those decisions when you're setting up a pfSense box. 

How long it takes to implement depends on what you call fully deploy. We're still in the process of doing that. We have, especially on the Unify or Ubiquiti side, every time we have a client where one of those devices fails, we're putting in a pfSense box at this point. We deployed it on our own corporate network rather quickly. I had it done in a couple of hours, basically. 

There is some maintenance needed. The firmware updates, and we want to make sure that we're watching for when the new firmware is released, especially if it's being released to cover some known vulnerabilities.

We did the implementation all by ourselves in-house.

We are buying the Netgear hardware and we get the license along with it. The total cost of ownership is is extremely low when you compare it to a lot of the other devices or other gateway appliances that are available on the market.

The pricing is great - for the hardware, at least, which is generally what we're paying for. I was very aware of and paid attention to all the noise that went down when they changed their licensing, especially for the community edition. They created a new product called the Plus version of the license. 

For what they charge for it, which is maybe $100 a year, it's still good. If you wanted to build your own router, pfSense is more than worth $100 a year to have all that flexibility and maybe your own piece of custom hardware that you want to run it on. It's definitely a value-driven product.

We're using the Plus version since we buy the Netgate hardware. That comes with pfSense, and we're typically not building our own gateways.

I'd rate the solution nine out of ten.

My advice to new users would be to practice with the product when you get an appliance. It's always easier to start learning with an appliance directly from Netgate. Just set it up and mess around with it maybe on a network that is a test network of some kind. Something that's not in production. It's not a hard device to understand if you understand networking at all. 

I have two installations at schools as firewalls. The biggest drivers for using pfSense were cost-effectiveness and functionality. It offers higher functionality for its cost.

The benefits are fairly obvious at the beginning. There's no specific time frame required. The flexibility and consistency of the product are what draw me to it, regardless of the size or capacity of the operation. It's easy to deploy.

Arguably, the use of products like Suricata for intrusion prevention could help prevent data loss.

It gives a single pane of glass for each individual device, but not across multiple devices. pfSense could catch up with other market providers by offering a view across multiple devices, but the current interface is fine. It is just we have to individually manage each one. 

There are two versions of pfSense, the paid "Plus" version and the free "Community Edition." I use the "Plus" paid version. 

The way pfSense handles system updates is pretty good. The updates are virtually transparent to any downtime. I've had pfSense boxes running for 200 to 300 days with no downtime. From a software standpoint, pfSense is about as bulletproof as it comes.

pfSense provides visibility that enables us to make data-driven decisions. Its reporting is effective. The data is effective in making decisions based on traffic. It is not just one feature, it is how we manage data traffic. It provides adequate information to make decisions based on traffic. 

I have used pfSense in virtualized environments, just not on AWS.

It allows me flexibility in hardware size and capabilities while maintaining the exact same interfaces and controls. 

I also like the fact that based on its operating system, it has applications that can be added, such as IDS/IPS and filtering.

I would like to see a single pane of glass for multiple devices.

From a service provider standpoint, it is a bulletproof operation to deploy. Aside from being able to manage and monitor multiple devices from a single pane of glass, that would be the only thing I would change.

I've used pfSense, probably for the last two or three years off and on.

It's one of the most bulletproof solutions out there. I can't recall a problem where the system locked up or had any issue that required intervention to get it started back up again. 

Aside from possibly a hardware failure, I haven't had any problems. And that's not the software.

Scalability is one of the reasons why it's a good product. You can utilize it in a budget-friendly way as well as a full-on enterprise. pfSense is almost infinitely scalable. Obviously, hardware is the dictating factor.

I have never had a reason to contact customer service and support. 

I've used Unifi products, DrayTek products, and Meraki products.

From a capability standpoint, I would put pfSense at the top of functionality. DrayTek comes close; however, it lacks the add-on applications. So, I would put pfSense at the top. 

I build the machines myself. Their hardware is not overly special, and I think it's overpriced, so, I build my own.

It's easy to deploy them, but then I've worked with them for a while. If I reflect back at the very beginning, there is a bit of a learning curve, but I don't think it's that steep. Overall, it's fairly easy.

It's fairly easy to add and configure features in pfSense, though it depends on the application. So, it is moderately easy. Some are simple, while others require a lot of preplanning and time to configure.

One person can deploy it, but the deployment time varies because it depends on the network design. It can be up and running in ten or fifteen minutes, but configuring it for the network design may take longer.  

Not much maintenance is required from the end user. Netgate pfSense do a very good job of keeping the application and operating system up to date by itself. Occasionally, applications require updates that need manual intervention, but for the most part, updates can almost be automated.

pfSense's pricing or licensing model is very affordable. Netgate hardware is a bit overpriced, but the software itself is arguably underpriced.

I have not come across a more effective product. Unifi products are inexpensive but not feature-rich by any stretch of the imagination. From a pure feature standpoint, hands down, I would argue that Meraki is as capable and comparable in features, but the cost is prohibitive for most small businesses.

From a pure feature-function standpoint, pfSense has the best total cost of ownership, once it's installed, I don't have any problems with it. If taking into account the software licensing, the hardware, and the amount of time it takes to manage, I'm not sure there's a better TCO on the market.

Overall, I would rate it a nine out of ten. 

I work in cyber security and have two instances of pfSense running in high-availability mode for my home lab and use. 

I saw it was secure immediately after deploying pfSense. I didn't need to start configuring the firewalls to make them secure. They were already configured securely after the deployment. If you want to make them more secure, you can do that.  

It provides visibility into the VLAN configurations. I can see the traffic and configurations of the table sizes, the temperature, memory usage, etc. I probably have about a hundred devices. I can see the IPs and decide what I want to connect to. 

PfSense helps to optimize performance. I've gone through some of the dashboards. I can see from the system. I'm looking at the advanced settings in the general setup. The information provides a default, maximum, or minimum in terms of some of the configuration profiles. I can do a few tweaks to get the maximum performance out of it. It's useful from that perspective. There's a lot of documentation around it and a lot of support forums. They provide a lot of guidance in terms of the configuration. 

Other firewalls I've used are difficult or overly complex to configure and don't provide the same level of control that I feel PfSense does. I wanted to go down a route where I could have full control. I like the ability to set up my firewall and access points, link everything together, and be in control of the routing.

PfSense is highly flexible. I looked at a few of the other products before I chose PfSense. From what I read, it can provide many configurations out of the box. It was easy to configure. The user interface and dashboard are informative and intuitive.

It provides a single pane of glass view from the dashboard. From the dashboard, you've got system information, traffic graphs, and information on the services and the interfaces. I can see the information and the packages from that point of view. It does provide a single pane of glass, but I think I'd like to see a little bit more configuration in terms of what else I can add in.

If you look at the pfBlocker's rules and feeds you can block, it's a little cumbersome to identify the logs and see what isn't allowed through and why.

I have used pfSense for about two years.

I haven't experienced any crashes. 

My appliance has 64 gigs of RAM and 1TB on the main disk. From that side, the performance is fine. I've not had any issues with throughput. I think the hardware and the throughput that I need complement each other. I think it seems to be fine from the scalability side. When I look at the dashboard, the CPU rarely gets above 10 percent, and the temperature stays around 30 degrees Celsius on a fan-less appliance. Memory use is low. It's handling the traffic, and I've got a gig broadband throughput, which is fine. I don't have issues with the VPNs, VLANs or performance problems with the firewall itself. 

I rate Netgate support seven out of 10. I've installed pfSense a couple of times. The most recent was about two weeks ago, and I had an issue with the installation that took me about six hours to resolve. When I raised the ticket with the help desk at Netgate, all I got was a couple of suggestions that I'd already tried, The issue I found was the installation doesn't stop to allow you to configure the interfaces or the VLANs.  I had to try several times to get the details in at the right time for the configuration - otherwise, I had to reboot and then try again. 

When I raised this with support, after I found out what the issue was, all I got from the support team was, "Glad you got it sorted." I was expecting to see a ticket raised or a request for more detail. 

Neutral

Going through the wizard is easy. I've been in IT for more than 30 years, so working through things isn't difficult. There's some complexity here and there around the firewall rules. The rules themselves and the floating rules for the firewall were a bit complicated and difficult to understand. I think some of the documentation wasn't straightforward. Once you've sorted those out, the rest of it is quite simple. The initial deployment and configuration took about four hours, and there were a few tweaks after that. 

In terms of maintenance, the only thing I do occasionally is the backup. In cases of failure, I back up the configuration, which takes the DHCP allocations and the configuration of the packages, but I do that for recovery purposes. The only other thing I do renew the certificate on the firewall via the inbuilt packages. Creating the LetsEncrypt configuration is very easy and the cron job allows the renewal to automate every 90 days. I have to bounce the firewall to pick up the new certificate which I could automate - but I like to be in control of when this is done. It would be useful to have something where I can just restart a service to get that up without having firewall downtime.

I can see why they're doing it, but there are questions about cost versus benefit for users using it at home or for a home lab. It is a useful product for securing whatever you've got behind there. I can see the benefit, but I think between the community edition and pfSense Plus, there could be something in the middle for those who don't use it for corporate reasons. They want to use it for either a home lab or just for home usage.

I'm getting an excellent product for what I'm paying annually, but if the cost increases for home usage I would reconsider. It's definitely worth it for an organization to pay a higher fee for the licenses to protect their assets, but there's also a question regarding home usage. I'm happy as long as the pricing model stays the same, but I think if it increased, I'd have to decide whether to stay with it, go to the community edition, or opt for an alternative solution. I don't run pfSense on Netgate appliances, so I'm not really tied into pfSense.

I looked at OPNsense, but I haven't spent too much time on that one. I've also used the pfSense community edition, which I used for quite some time. However, I think with the changes, support, and upgrades, it's an easy decision to move to pfSense Plus.

I rate pfSense nine out of 10. It's a good product and well-configured. It has a lot of usability, and user configuration is easy. The only thing that's lacking is around the firewall logs, which are a little bit difficult. I'd like it to be easier to access them instead of going into the Status menu and then the System Logs.

Do you have any advice for new users of pfSense? How should they prepare? What should they be ready for, for example?

The first piece of advice to new users relates to the installation. If there are any issues, think about what it's asking you. One of the issues I had was around the interface allocation. It asks you to set up the interfaces, but it doesn't stop the installation from skipping through them. If there are any issues from a configuration or an installation perspective, one thing would be to look at the boot configuration and see what's going on there.  Make sure the connections are correct to the ports and then reboot the firewall. 

Regarding the dashboard, I'm working through those and looking at the information it provides you, then going bit by bit in terms of the configuration. The hardest part that I found was the VPN. Looking at the VPN as an example and then VLANs, working through the firewall rules takes a little time, and it is quite cumbersome. Rather than setting up a lot of VLANs and doing the rules across all the VLANs, the easiest way that I found was to get one working and then copy the rules across the other VLANs.

I use pfSense for my home network firewall.

I've installed pfSense on nearly every environment type, including Virtual Manager and most virtual machine hypervisors like Microsoft Hyper-V, ESXi, and even older versions like VM Player. Currently, it's running as a VM in Virtual Machine Manager on my NAS, showcasing its flexibility.

pfSense is a highly flexible product with a rich feature set. While designed with a graphical user interface in mind, it also offers command-line access for greater control. This versatility allows users to tailor the product to their specific needs.

Adding packages to pfSense is straightforward; navigate to the package manager and click "add." However, incorporating hardware, such as a dongle, is slightly more complex.

I saw the benefits of pfSense immediately. Going from a SOHO router to a pfSense one is night and day. pfSense is an enterprise-grade product that is easy to use and has a simple GUI.

The dashboard is very handy. I use mine almost daily. I can put up the widgets I want to see or remove widgets I don't want to see. It has pertinent information about my services running, any VPN connections I have, and clients connected. It's a nice dashboard.

The failover functionality for connectivity helps minimize downtime. It has also been simplified recently with some excellent added features. If I lose or corrupt my image, I can easily reinstall the operating system and restore my configuration. I'm pleased with these features of pfSense.

pfSense is a straightforward, feature-rich firewall. I am a big fan.

One area where Netgate could improve is communication with its user base. While they make an effort, much of their user base isn't composed of enterprise-level engineers who regularly read release notes and stay abreast of feature changes. A few years ago, they held a commendable meeting with forum moderators to discuss upcoming changes, which was appreciated. However, they could enhance their communication further by providing more precise information about changes and release timelines for new features.

I have been using Netgate pfSense for 13 years.

I have not contacted technical support for any technical issues. I did contact them for a replacement box, and their support was fantastic. I received the replacement box within a couple of days. I do contact their TAC when they release a new version. That process is changing with their new Netgate, the store, and everything. Previously, if we had a Netgate appliance and wanted a new image to install natively, we had to contact TAC with a ticket. The turnaround time was always excellent, just a couple of minutes. They would provide a link where we could download the image. I've been surprised by how fast they respond sometimes. Even when they're in the middle of deploying a new version, I've reached out and received a download link within five minutes. So they're usually on the spot.

Positive

Over the years, I've played with quite a few different firewalls, but I always go back to pfSense. It's a leader in its field, with its direct competition being OPNsense. There was a feud when they forked off. pfSense is the leader in that sense.

Installing pfSense should be relatively straightforward, even for a network engineer unfamiliar with the product. The process is user-friendly and guided, similar to installing an operating system like Windows. With a basic understanding of networking concepts, setting up pfSense can be accomplished within minutes. The main challenge arises when users need more fundamental networking knowledge, such as understanding IP addresses or the difference between DHCP and static configurations. For someone with networking experience, however, the installation process is quick and straightforward.

The pricing is reasonable. It costs money to run a product. It used to be completely free, and I think that's where many people became a bit disappointed when the pricing model was introduced, but I think it's a pretty fair price point. Some users don't understand that they can't offer everything for free. The development work involved costs money.

The inclusion of firewall, VPN, and router functionalities significantly reduces the total cost of ownership. In my previous role, we utilized pfSense in some locations due to its superior cost-effectiveness compared to other enterprise solutions. For smaller companies or those aiming to reduce expenses, it's a highly affordable option, and even their hardware is reasonably priced.

I rate Netgate pfSense ten out of ten.

We deploy Netgate pfSense primarily as enterprise-grade routers and VPN endpoints or VPN servers.

It's a firewall that provides frontline defense for any network. We saw the benefits of pfSense immediately upon the first deployment. It has several features that prevent data loss. For example, it allows automated backups of the configurations. It's nice to know that any changes are captured, and we can easily be pulled back to a new device should the current one fail. It also helps to optimize performance. We get good real-time statistics that Netgate can use to optimize performance. 

The automated backup is great. PfSense is an incredibly flexible platform. You can install whatever plugins you need and get lots of community support. There is tons of built-in logging, and the add-on packages you can use to analyze your traffic have been handy. That can generate a ton of data for us to look at how the network is being utilized and what changes need to be made or where we can improve.

From the hardware perspective, it seems like there has been a lot of turnover at Netgate. It comes with the territory because processors and other boards change so fast. But I'd like to see more continuity in the product line and a longer lifespan for a specific series. The operating system side of it has been rock solid, and the appliances have been great. I just want to not support many different appliances. I want one we can standardize for several years.

I have used pfSense for around 10 years.

The stability of pfSense is rock-solid.

The scalability of pfSense is also excellent, assuming you purchase the right hardware on the front end. In our case, we're doing physical deployments, not cloud-based.

I rate Netgate support 10 out of 10.  Their in-house support team is excellent. Each appliance comes with the minimum support needed to get a network connection. The support is knowledgeable and responds quickly, so the questions are addressed professionally and accurately.

Positive

We've used some Cisco products. I prefer the pfSense licensing model. You can get ongoing support and updates continuously. I don't need to pay again to patch a system. Cisco licenses connections. It's such a licensing problem at Cisco that I prefer dealing with pfSense.

We deployed pfSense on physical appliances. I think it's fairly easy for the average IT technician with no prior experience if they understand that it's primarily configured through a web portal instead of a command line configuration. PfSense can be deployed on one instance in 15 to 30 minutes.  

The documentation and community support are great, so many answers can be found without reaching out to their support. It requires no maintenance aside from regular updates and patches. 

The pricing is fantastic, and the market bears it easily. The total cost of ownership is so low because the license and the hardware are remarkably good. You don't have any recurring fees or licenses to maintain. With pfSense, you pay the upfront cost and that's it. The upfront cost is reasonable.

I rate Netgate pfSense 10 out of 10. I love using pfSense firewalls. 

We use pfSense as a small business firewall and as a VPN gateway. 

PfSense provides us with a cost-effective but reliable network appliance. We have a standard networking device that lower-end help desk people can use effectively. It's less complicated. We moved from another platform that although the hardware was reliable, the software wasn't particularly reliable, and it was difficult to use.

It helps our operations because it's a standard platform anyone on our help desk can use. Every site will be pretty much the same. Once cloud management comes out, it'll be even better. 

PfSense is fairly simple to configure and has a good administration interface. It's built on pfSense, so I know it'll be reliable. It is quite flexible, and adding and configuring features is pretty easy. There's a lot of support for add-ons, and we can do a lot of stuff with it, so it suits our needs perfectly.

It secures against data loss pretty well. Plus only has a few additional features over the Community Edition. We mainly use Plus because it comes with the Netgate hardware.

The only feature I want to add is cloud management. I'll be an early adopter of that one. We're ready for that feature, and it's one of the few missing things, so that'll be excellent when it comes.

Another thing that's primarily an issue for us is that Netgate may soon stop production of the 1100. That's what we use for our telephony gateway. It doesn't need to be high performance, but it does need to be low cost. If they stop it and make the 2100 the lowest, that will be problematic for us. We will need to start using something else because it will become too expensive for our purposes. 

Effectively, we are using it as just a VPN gateway, and 1100s are great for that. What's annoying is that we cannot buy the 1100s directly because we're not a partner, and it isn't approved for connection to Australia, so we need to buy it through a company that went out and got it approved. We lose a bit of margin doing it that way. We can buy 2100s and above directly, but we must go through a reseller to get 1100s.  

I have used pfSense for two years.

I rate pfSense nine out of 10 for stability.

Netgate pfSense is scalable.

I rate Netgate support seven out of 10.

Neutral

We have used some other hardware, but the software was a dog. It's pretty difficult. We've also used some UniFi solutions, which are good, but they haven't sorted out the VPN component, so we'll continue using Netgate. Once they work out the kinks in their software, they'll possibly have a compelling solution. 

However, if Netgate stops selling the 1100, that could be quite problematic for us, and we'll probably go with Ubiquiti because it's too expensive to use 2100s for VPN appliances. 

PfSense is straightforward to deploy once you know what to do. It's a one-person job and takes a couple of hours. After deployment, it requires upgrades, but that's it.

The total cost of ownership is good because you buy it upfront and don't need to pay a subscription fee. We've spent a bit more, but we pass that along to the customer. In the end, everyone wins because they get a reliable solution, and we get something much easier to manage. 

I rate pfSense five out of five for pricing. It's fairly priced. We wouldn't buy it if it weren't. There are cheaper firewall options, but they aren't as reliable and easy to manage. Of course, there are also more expensive ones.

No ongoing subscription fee is nice because many of them are small businesses that don't want to pay for an ongoing subscription. It's always being updated, so that's good from a security perspective.

I rate Netgate pfSense seven out of 10. I would recommend it to others.

We use pfSense as the main office gateway for firewall router access and OpenVPN for remote access.

We wanted to move up to a much more modern integrated system. Before adopting pfSense, we had an old basic router firewall that was starting to get long in the tooth. PfSense gave us more capabilities to monitor and set firewall rules appropriately and have all of the remote login capabilities with two-factor authentication.

I'm much happier because I don't need to see as much stuff in the logs. PfSense is blocking so much of that, and I feel more secure about it. We needed two-factor authentication for node access, and that's been a massive improvement. Also, allowing the staff to access the network remotely and use those applications has certainly helped. It made us more confident in what the firewalls were doing and gave us better controls on remote access. It adds another layer of protection for us.

The solution gives us a single pane of glass management for probably 99 percent of it. I don't need additional network infrastructure to handle the required jobs. The ability to back up previous installations, snapshot them, and go back to them if I break something has helped eliminate downtime. That's handy in terms of getting things up again. 

PfSense Plus helps us optimize performance. We can identify pieces that aren't performing as they should and lock them down or reconfigure functions inside. Our ability to see what's going on with the network has improved quite a bit. 

Remote access with two-factor authentication was a big one for us. Pulling in things like Endpoint NG to monitor traffic has been quite helpful. The pfBlocker has been good. It helps us limit who's trying to bash away at access to the systems.

PfSense has been flexible for us. It's done everything we've asked for. Adding plugins is pretty easy. You go into the little application section and install what you want. The documentation that they have online is certainly helpful. Most things are open source, so you can usually find additional notes about problems. 

One or two of the plugins didn't do what I wanted them to do. Maybe that was a misunderstanding or it's not quite ready yet. Sometimes, it's hard to wrap my head around the way the firewall rules work. 

It has been about a year since we purchased pfSense.

I rate pfSense nine out of 10 for stability. I've only had it lose its brains on me once. That was probably me just configuring something, getting lost, and going around in circles.

I rate pfSense 10 out of 10 for scalability. It's got plenty of scalability, and we're not pushing it unusually hard. 

I rate Netgate support nine out of 10. I've used them a couple of times, and they're prompt in responding. If the issue is outside their purview, they can point you to where you can get the information. Most of my questions had to do with third-party plugins more than the core Netgate infrastructure, which has worked fine.

Positive

It's a bit of work to initially set up virtual networks inside the office, and we have to add several staff members to the various servers and create additional firewall rules. This is a little bit. It isn't simple for a business with lots and lots of internal stuff, but it wasn't hard, either. 

It took a couple of days to get it online, but we spent a week tweaking it until we were fully happy. We needed one and a half people to deploy it. Other people on the network had to help with the configuration.

We've seen a return in the form of time saved. I can rely on it, get the nice logs out of it, and see what's happening. It saves me about 5 percent.

PfSense is reasonable for a business but a little pricey for home use. With the time savings and reliability, it pays for itself. I've been more than happy with the unit we've gotten here for the capacity we need. However, it'd be nice to have nice to have some nice home units that aren't a thousand dollars.

I rate Netgate pfSense nine out of 10. I would recommend it for business use cases. It's not appropriate for someone in a home environment, but it's good for business. 

I work for a small business. We have a number of different remote sites, so I use the solution as my primary firewall. I use it as a way for my remote sites to connect back to the main office via VPN.

The VPN features are the most valuable aspects of the solution.

It's pretty flexible. It does everything I need it to do. My use cases are somewhat limited.

I do like how easy it is to restore if you lose a router. I lost a firewall over the weekend at one of my remote sites. As of right now, I'm setting up a new piece of hardware and restoring it. It couldn't be more simple.

There are features in pfSense that help me to prevent data loss. It's relatively easy for me to back up what I need. I've created a pretty simple script that I run on a computer inside of my network that reaches out to all of the different pfSense firewalls that I use. It grabs a config file. And that's pretty simple. It's a script that runs daily. I could probably even run it weekly. It simply reaches out and grabs these things and backs them up. Data loss is not something that I'm really concerned about as long as I have a good backup, which I do, and I check it regularly.

It’s easy to add features to pfSense and to configure them. I don't add a lot to pfSense with regard to the package manager that it comes with. That said, the packages that I do use are easy to install, easy to update, and easy to configure.

I witnessed the benefits of pfSense immediately. I have what I consider an enterprise-class firewall and routing stack at a pretty reasonable price.

pfSense gives you a single pane of glass type of management. You can see pretty much most things inside of the firewall, everything from bandwidth charts to DHCP leases - anything you've set up with regards to DNS. It's got pretty good logging features. I wind up sending most of the Syslog information from pfSense to third-party logging software. That’s why I'm not really using it to peer through logs. However, to do quick checks, I'll use it. The UI is pretty similar to Netgate. It makes a lot of sense.

pfSense provides features that help minimize downtime. The high availability configuration allows me to mitigate downtime. I've worked with their deployment team to set that up and also set up the LAN. Regardless of whether or not I lose a firewall or an Internet connection, my connection to the Internet remains pretty resilient.

The visibility in pfSense helps optimize performance. I'm primarily using it to see how our bandwidth is being utilized. Outside of that, I'm not using pfSense to visualize a ton of data. I offload pfSense data to third-party software that I use to visualize things that are happening on my network. If I just pop in and take a quick glance at what might be going on in my network, it's sufficient.

I'm hard-pressed to think of a needed additional feature. It would be nice to see which packages are officially from pfSense and which are from a third party in the package manager.

I've been using the solution for more than a decade. 

The stability is rock solid. 

I haven't really had to scale my deployment. My deployment was for an in-place network. My network hasn't changed much as I've redeployed the pfSense over the years.

The speed of response is good. It was well within the SLA. 

They were incredibly helpful. They answered follow-up questions in a timely manner. I was very pleased. I have had to use it very minimally. However, I was very pleased with how it worked.

Positive

I may have used something different a decade ago. Since then, I've been using pfSense. We're a small business. I do have some Cisco hardware, however, I'm not using it on my edge network. It's mostly just for switching.

I typically buy the hardware myself for the installation. I have one or two pfSense appliances. One is sitting on a rack as a backup unit in case I need it. I have a couple in the field. At the end of the day, if I'm going to buy the appliance, I get a year or two of CE. I'd much rather just buy the hardware myself and purchase a CE or get a Plus license.

It's incredibly easy to deploy. Even for a new engineer, it would be pretty simple. 

I am in the process of restoring one. It took me 20 minutes to flash the image to a thumb drive, install it on the device, boot the device, restore the configuration backup, and have it up and running. I'm familiar with the hardware that I purchased, and I take and test good backups. That said, the process is incredibly easy. It takes very little time to deploy something that has failed. 

With regard to a new setup, it's impossible for me to answer broadly; however, even then, it's not a long time. It just depends on how sophisticated a given user's network is.

There is very little maintenance outside of updating the software. 

I deployed devices to our remote sites myself. I used Netgate Professional Services to help deploy a high availability stack at our main office, and they were outstanding to work with.

Anybody not using it, at least at the small or medium business level, is crazy. There's a significant return on investment. We're getting a pretty state-of-the-art device that runs OpenVPN and some other VPN software. It's not Cisco. It's not Juniper or any of the others out there. However, I keep my ear to the ground with regard to vulnerabilities generally out there, and it seems like there are far more vulnerabilities that you hear about day-to-day in their competitors than in their software. At the enterprise level, there may be some more sophisticated and purpose-built solutions. That said, pfSense meets all of my needs. I can't imagine it not meeting the needs of anybody in a business my size and slightly bigger or slightly smaller.

The licensing is fair. 

I'm a pfSense customer.

There are two versions of pfSense. The plus version, which is paid, and the community edition, which is free. I primarily use plus.

I'd rate the solution ten out of ten.