OPNsense Reviews

We are using it for intrusion detection and prevention. The firewall comes with a lot of third-party modules, and we also use proxy functionalities.

In our company, we are using it as an appliance, but we are bringing companies to the cloud. We ourselves do not have an Azure layer, but we have got a contract from a customer to bring them to the cloud. So, we are installing it there and monitoring it, but it is not owned by our company. OPNsense is available on appliances, but we have made a special integration with Azure. There is a special mechanism in Azure to deploy firewalls, and we have installed three or four of them.

We always have the latest version on the firewalls. One should run the updates very frequently.

We are onboarding cloud solutions for customers. We are on Azure. Especially on Azure, when the customers start, they always have small environments. We were looking for the best firewall solution for small environments, not big environments. We needed a small firewall, and we came across OPNsense. For small customers, we will use OPNsense in the future due to cost reasons. These are small installations, and Azure Firewall is very expensive.

The IDS and IPS features are valuable. From the usability perspective, there is a lot of good documentation. As IT professionals, we found it very easy to configure the firewall. It was easy to configure and use. 

The difficult part was the integration with Azure because OPNsense, in most cases, is not used on public clouds. It is on appliances that run on-prem. 

We did not like the fact that you have to configure everything with the graphic user interface. We have used other firewalls, such as FortiGate, that you can configure via code. OPNsense is not easy to integrate. When you are deploying via GitHub or another source repository, this is not possible. That's one thing we didn't like much. 

Within our own company, we have been using it for three or four years as an appliance, and on Azure, we have been using it for three months.

We have run it for three months in production, and we haven't had any problems in three months. 

We run it as an NVA cluster with Azure, and it has good scalability, but when we have bigger deployments, we would use another firewall. I'm not sure if it makes sense to scale up. OPNsense has a very good niche market in comparison to FortiGate, Azure Firewall, or other firewalls. If a customer is starting in the cloud and has 100 or 200 users, I would always recommend OPNsense, but if you have a big installation, and you have a good DevOps team that deploys via source code and things like this, then I would not recommend it. So, the software itself may be scalable, but I wouldn't call it an enterprise-scale firewall.

In terms of people working with this solution, I'm an architect, and we've got two people for monitoring and setup. Its usage is increasing. It has not been that long since we started using OPNsense, and it fills a gap. Not everybody needs a full-scaled enterprise firewall. So, it will be a part of our business. We've found a niche there.

We were in touch with Microsoft support for special networking considerations. The firewall itself was easy for us, and we had no need to reach out to tech support of OPNsense. The heavy part was the Azure part, and we are specialists there.

OPNsense deploys it on the Azure marketplace. So, you can download it directly via the Azure marketplace. You do not have to be a partner. From our perspective, it's easy to configure and it's intuitive. We have a background with a lot of firewalls, and we were just looking for a small one.

We found that not many people have used it on Azure. The firewall itself is not bad, but the support around Azure in terms of documentation and the required infrastructure is not so good, but because we are Azure specialists, we found a very good solution. We would not recommend it for a beginner in Azure.

In terms of the implementation strategy, there is a cloud adaptation framework. There is a white paper from Microsoft containing best practices for deploying firewalls on Azure, and we had to provide a setup for this, which took some time because it was not easy. It took at least two weeks, but it was only a one-time job. After that, for each firewall, you only have to adapt the rules, which takes two days, but it also depends on the complexity of the infrastructure. If a customer has hundreds of endpoints, it takes longer for sure.

Its pricing is unbeatable in comparison to other firewalls. You can have a small instance that could be €80 a month with the hardware underneath. Azure Firewall and FortiGate are out of the question at this price.

If you are on a public cloud, you need the underlying infrastructure. Other than that, there is no additional cost. If you have it on-prem, you have to buy the server or the appliance. The hardware cost is replaced with the infrastructure cost in the cloud. You also have costs for the public IPs and underlying VMs, but that's not related to OPNsense. It would be the same for a FortiGate deployment on Azure. You need a FortiGate license, and you need the underlying infrastructure that scales up depending on your needs.

We use it on-prem, and we can recommend it for a standard, typical IT engineer with a networking background. We have had a good experience with it. It is good in terms of functionality and resource usage. It is easy, and we would recommend it, but for implementing it on the Azure cloud, you need good knowledge of Azure. When it comes to public clouds, you do not have your own hardware, and you need deep knowledge of the public cloud on which you are deploying it. It is a good solution if your installation is not too big. We would recommend it for small customers or companies that are starting in the cloud. 

I would rate it a seven out of ten.

The solution is being used for monitoring and as a firewall. 

The solution is user-friendly and easy to configure. 

You will need additional training before you can actually start to use it. You will need to gain some extensive knowledge. 

I have been using OPNsense for one year. 

It is a scalable solution. Approximately fifty people are using the solution. 

I have used FortiGate. For security reasons, we moved to OPNsense.

The initial setup is straightforward. The deployment took a couple of minutes. 

We are using the paid version. 

I rate the overall solution an eight out of ten. 

I moved to OPNsense because it's more secure and more reliable. I use it to secure access to the servers. I have a core backing server, an e-banking server, the main server, and other features with the solution. I make the multi-DMZ packs, so each service is in one DMZ bay, and I use it as a virtual chain.

The firewall solution is okay because it is like pfSsense.

The IPS solution could be more reliable. The IPS functioning and internal prevention system functioning could be added to the system. I didn't have it in pfSense, which is why I'm moving to OPNsense, but it is still not working well. They could also have the LZN ones.

I have been using this solution for about four years, and I am using the latest version, OPNsense 21.

It is very stable, and I rate the stability a ten out of ten.

It is a scalable solution, but I didn't try to scale it because I just used one instance.

I don't use technical support. Instead, I use community resources because they give me all the necessary solutions.

It is easy to set up, and the deployment took about six months.

The price is good and is better than other computer solutions. The licensing cost is zero because you only have to buy the support. I believe that costs between $900 to $1000 a year.

I rate this solution a nine out of ten. Regarding advice, if they want to use this solution, they have to know how they want to organize the actual networking. When it is well organized, you can easily deploy OPNsense inside it.

The primary use case of this solution is to detect and block malicious traffic, malicious files, and malicious links to protect the internal network from any external malicious website that may contain a virus or malware.

The most valuable features in OPNsense are reporting and visibility. 

The visibility is awesome. With the visibility, you can see the data source, data destination, the source port, destination port, protocols, the most used, the malicious files that have been detected and blocked, the countries the customer has visited, and the IPs based on Suricata.

OPNsense also has ClamAV, which is a great tool.

I have some issues with OPNsense. I have created a virtual machine that I've lost connection at times and I am not able to connect to the gateway or ping the internet. When I started with OPNsense, it worked right away. It may be an issue with the virtual machine itself. I am currently setting up the protection on all of the virtual machines so they will connect to OPNsense and the internet, or anywhere they need to access.

I have tried to download some malicious files or a virus and it should dump the files and prevent the download, but I don't seem to get any notification or warnings.

It may be an issue with the configuration but I am not sure.

I would like to see improvements made to connectivity and alerting.

I wanted to deploy this solution in our organization and some of the workstations from remote sites but it's not reliable enough to do that yet.

In the next release, I would like to see real traffic monitoring and more visibility. Also, for the antivirus, I would like to see the files protected by ClamAV. 

I would like to see intelligence in OPNsense and have the option to apply it or not.

They need a threat intelligence tool similar to the one they would find with Cisco. It will show you the file hashes, all of the IFCs, the niches, the address information, and more.  With all of this information, you can be proactive and block the malicious file hashes, all of the malicious IP addresses, and the public IP addresses. It should help you be proactive.

It would be helpful to have OPNsense be one of the plugins, and they should include traffic capturing. With Palo Alto, you can monitor and specify which interface you want to monitor, the source IP, or you can specify the network and see the traffic that is coming from the VLAN, the destination, and any files being transferred over the network.

If you apply security profiles you can see the signatures.

I have been using OPNsense for five months.

There are issues with stability and reliability.

I set up two different virtual machines. I used a virtual box, I installed it and configured higher visibility for both. One was a master and the other a standby. 

I had a virtual machine installed on Windows 10 and put the gateway for it as OPNsense, which was the master. 

I tested and shut down the first one, which is the master. When I check to see if the second one would take over, it failed. 

I couldn't connect to the internet or any destination.

We have not explored the scalability. We are only a small lab with two to three workstations.

I have a colleague working with me, together. We meet weekly to share the progress we have.

I use the enterprise version daily. It's scalable, stable, they have proper documentation and support. We get daily updates from the vendor.

OPNsense is a great tool but it lacks information that you need before deploying it.

I have reached out to the community for support, but they haven't seen anything like the issues that I am experiencing. 

I have not contacted OPNsense directly.

The initial setup was straightforward and easy.

It took 30 to 45 minutes to set up and deploy OPNsense.

I did not use a vendor to implement this solution, I did it myself.

OPNsense is a well known open-source tool.

I am currently evaluating and searching for open-source enterprise firewalls and doing a comparison of the features between all of them. I am assessing the pros and cons of vendors. 

I am looking for something that will give me a report on the comparison of features, capabilities, the different vendors, and the different open-source solutions that are available.

I am also doing a comparison on Palo Alto, Cisco Firepower, and Fortinet Fortigate.

I don't have any information on the bandwidth and what it can handle, or how many workstations can work with it. This information is very important, but I can't find any resources for this information.

The reporting is amazing. You can export reports, you can set the parameters, and export reports based on your needs.

I would rate this solution a seven out of ten.

We just use the solution normally for its basic firewall functionality. OPNsense with WireGuard and CrowdSec bouncers handles all our requirements. 

This is a free and secure solution that is easy to use.

The normal security options are great. 

It's light and easy to manage.

The solution is very stable.

The initial implementation process is simple. 

The solution offers a free version.

While they do have paid options that actually give better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet.

They should make it so that it's easier to reverse proxy integration.

I have been using this solution for two years.

The product is quite stable and the performance is good. There are no bugs or glitches. It doesn't crash or freeze. 

We can easily scale the solution if we need to. It's not difficult. 

I've only used the free version of the solution. I just have to dig into the forums to find everything I need. There isn't a central place you can reach out to. I've found all the answers I've needed so far via the forums. There's a lot of information there. 

The initial setup is straightforward. It's not overly complex or difficult. 

We're a customer and an end-user.

We are using the telemetry-free version of the solution. 

Overall, the solution is quite affordable. 

I'm aware of Fortinet as well. 

It depends on price versus performance. If you're willing to pay, Fortinet's great. If you don't have the budget, OPNsense is more affordable.

We do supply the solution and we do use it for ourselves.

I'd advise users to get the Geo functionality. It's a nice add-on, which we make use of a lot. It allows which countries are allowed to access your instances, which is very helpful. 

I'd rate the solution at a nine out of ten. 

OPNsense is a firewall.

The solution has helped our organization because we are able to easily set up IPSec and VPN tunnels.

The most valuable features of OPNsense are the GUI and frequent updates.

When using the solution at the beginning was difficult. There was a steep learning curve.

In a feature release, it would be helpful to have some features that the new generation firewalls have, such as IPS.

I used OPNsense within the last 12 months.

I rate the stability of OPNsense a ten out of ten.

We have approximately two large customers using this solution.

I rate the scalability of OPNsense a seven out of ten.

I needed to use the support twice. They could improve the support.

I rate the support of OPNsense a seven out of ten.

Neutral

I use Fortinet before in another company.

The deployment took approximately two hours.

I rate the initial setup of OPNsense a seven out of ten.

We are using the free open-source version of the solution. There is a paid version that has additional features.

I rate the price of OPNsense a five out of ten.

I would recommend using this solution.

I rate OPNsense a nine out of ten.

I'm using OPNsense as an open VPN and a firewall to control the traffic.

OPNsense improved my organization in terms of controlling the bandwidth. Limiting the bandwidth is the primary purpose of the solution in the organization.

What I like best about OPNsense is that, as a firewall, it's pretty good. I'm quite impressed with it.

I had an excellent experience with OPNsense, which helped me achieve the targets I wanted.

An area for improvement in OPNsense is the hardware, which needs to be updated more frequently.

An additional feature I want to see in OPNsense is a transparent proxy.

DNS blocking is another good feature I want to be added to the solution, as that helps make processes faster.

pfSense has a peer-blocking feature that I also want to see in OPNsense.

I've been using OPNsense for more than one year.

OPNsense is a stable solution. Stability-wise, it's seven out of ten.

OPNsense is a scalable solution, and I find it very good, but it still depends on your requirement and what you want to achieve from OPNsense.

I didn't use OPNsense technical support because I resolved any issues myself.

I used pfSense before using OPNsense, and OPNsense covered most of my environment's needs. My organization uses only one firewall, and that's OPNsense.

Setting up OPNsense was easy for me. Even if you don't have experience, there is so much data available that you can follow so that the setup can be done easily.

The initial setup for OPNsense is an eight out of ten, especially if you know what you want to do and achieve from the solution. You also must try blocking methods based on what and how you want to block.

It took me two weeks to implement OPNsense completely. I set up the network and made a lab before using OPNsense in a production environment.

We implemented OPNsense in-house.

I'm using the free version of OPNsense. I didn't check the pricing for the solution because I still need to test it before getting the approval to purchase OPNsense, and it isn't easy to get approval from the higher-ups.

I'm using two products, OPNsense and pfSense.

I upgraded to the latest version of OPNsense.

My organization is planning to move OPNsense to the cloud, in particular, hybrid cloud, but right now, it's deployed on-premises. Cloud deployment will be much more efficient than the current on-premises deployment, but I still need to test it before getting approval from the higher-ups.

Within my organization, fifty people use OPNsense because one department is trying it out. Still, when the solution is fully deployed, there could be from five thousand to six thousand users of OPNsense.

Ten to twelve people help maintain the solution yearly for the whole campus.

I advise anyone who wants to implement OPNsense to look into the suppliers and pick the right one because having the right supplier helps you achieve what you want from the solution.

My rating for OPNsense is eight out of ten.

OPNsense it's a multi-platform operating system. So we can install it on PC platforms and do not need dedicated hardware.

The WireGuard VPN is the most valuable feature.

They should improve IPEs for security in the future.

We have been using this solution for about three years and are using the latest version. It is deployed on-premises.

It is a stable solution.

It is a scalable solution. We have 20 connections between sites, and about 100 users use the solution.

The technical support is very good.

Before using OPNsense, we used Cisco Fortinet. Other solutions are more expensive than OPNsense.

The initial setup was easy. There are no issues with performance.

I rate this solution a nine out of ten and recommend it to others.