pfSense Reviews

We are solution providers and this is one of the products that we deploy for our customers. We replaced old Cisco ASA with pfSense and it proves as a good choice

pfSense prevents unwanted access. If you configured things properly then you'll be protected to the distant level. There is still a need for products like a SIEM, but the UTMs like pfSense or Sophos, prevent most of the problems. PfSense has a lot of add on possibilities

The classic features such as content inspection, content protection, and the application-level firewall, and  VPN  Are most common..

This is a feature-rich product.

The documentation is good.

Ease of use is a problem for a user who is unfamiliar with this product because, in the interface, everything has to be set manually. It would be more user-friendly if things were set automatically. 

The drop in performance can be drastic when you use more advanced techniques. There is some trade-off between having a certain level of security and maintaining acceptable performance.

One of the things that are usually outside of the UTM, or system on the gateway, is the SIEM. It is an advanced system for managing the possibility of threats. It is not normally part of such devices but it would be nice if the pfSense interface were integrated with it.

We have more than three xears of experience with pfSense.

The stability of pfSense is standard. It is rated as one of the good solutions in this area.

This product is scalable to some point, although we have never used it for large companies. We use it for small to medium-sized organizations. For big companies, we more often implement Palo Alto.

In our company, we have a data center and some of our clients are hooked to it. This is something that we have on-premises for our customers.

We have plans to increase our usage with pfSense because we have had good feedback from our customers. In fact, with the good experience we have had, our sales have been slightly increasing. Our sales are shifting from Sophos to pfSense.

The technical support is organized well. We do most of the technical support for our customers in-house but there is a second level of outside support available. It is okay. 

Positive

We currently resell products from both pfSense and Sophos. In some areas, pfSense is better than Sophos. I have been a bit disappointed with Sophos because I know their history, and I don't think that they have advanced as well as they should have in that time. Also, they have two different products, being XG and UTM. This is another reason that I prefer pfSense, at least a little bit, over Sophos.

In the past, we were the developers of a product called Network Defender, but it has reached end-of-life. We were pioneers in the area and were one of the first who was making UTMs. The name "UTM" didn't exist at that point. We were partners with Cobalt, who was the first appliance creator. Their appliances include web servers and email servers. When Cobalt was bought by Sun, we made our first Network Defender line. That became the first appliance, which had firewall content inspection, content protection, intrusion prevention, intrusion detection, antivirus, and email and web servers at that time, all in one box.

From that point on, we had our line, which was distributed all over the Middle East, Asia, and some parts of Europe. We then worked with Palo Alto, we were a Cisco partner the entire time, and we work with both Sophos and pfSense.

The initial setup is complex. If you have a straightforward setup then you will have straightforward, basic protection and nothing else.

It takes a few months to adjust where you start by setting it up, and then you have to monitor it and see what's happening. It's ongoing work because, after this, you have to keep monitoring and adjusting to the situation. This is part of the service that we perform for our customers.

We are the integrators for our customers and deploy with our in-house team. We have people in the company who are specialized in this area.

The return on investment depends on the predicted cost of failures of the system, or intrusion of the system, which is hard to give a straight answer on. In part, this is because different companies put a different value on their data.

For example, with medicine, if somebody were to steal the data related to the latest CORONA vaccine then the cost would be tremendous. On the other hand, if there is a company that is making chairs, stealing the design of the chair probably wouldn't be as high when compared to an application in medicine. So, there is not a straight answer for that.

Return on investment, in any case, I think for every company, this is a must. Put in a straightforward way, they can count just the possibilities of having an attack on their system with a cryptovirus. If they can save their data from attackers then it would save them at least two days of not working plus the cost of recovery, which would be much more than the cost of the system and maintenance.

The price of the licensing depends on the size of the deployment. pfSense is open-source, but the support is something that the customer pays for. We charge them for the first line of support and if they want, they can purchase the second line of support. Typically, they take the first-line option.

The term of licensing also depends on the contract. The firewall doesn't always have a contract but rather, there is a contract in place for the network, which includes UTM.

In addition to the licensing fees, there are costs for hardware, installation, and maintenance. We use HPE servers, and the cost depends on how large the installation is. The price of setup is approximately €500 to €800, which also includes the initial monitoring.

The maintenance cost isn't really included in the network fees.

For smaller companies, we charge them a few hours a month for monitoring. It takes longer if the client is bigger.

Palo Alto, Fortiner, Sopbos

It is important to remember that you can't just leave the device to do everything. You still have to know what you're doing.

I recommend the product. It's well-balanced and one with a long history, so it doesn't have child's diseases. There is a lot of online support available online, which they can consult themselves. But, in the case that they need support, they can hire a professional support line and that is highly recommended.

I say this because usually, people look at the UTM as something that should be put in the system, set up, and left alone. But, this is not the case with this type of solution. Therefore, I strongly suggest making an outside agreement with a specialized company that will take care of their security from that point on.

The biggest lesson that I have learned from using this kind of product is that you can't assume that the internet is a big place and nobody will find you. There is always a good possibility that robots will search your system for holes, and they are probably doing so this instant. This means that users should be aware and have decent protection.

In summary, this is a good product but there is always room for improvement.

I would rate this solution a nine out of ten.

We have a client who's got a number of VMs on a single piece of hardware. They needed to have access over a VPN to those VMs from inside their network. We use pfSense to provide the VPN link using the IPsec.

In others, let's say smaller organizations, we will put a Mini ITX system that then connects into their broadband - typically sort of fiber or something like that - and just gives protection. 

The solution also allows us then to manage port forwarding and things like that.

The firewall aspect of the solution is very valuable to us. We had so many limitations with the Dre tech, however, it's the firewall and the port forwarding that is the most interesting due to the fact it allows us to restrict IP addresses and move things from different ports and things like that.

I'm the expert when it comes to Linux systems, however, with the pfSense, due to the web interface, the rest of the staff can actually make changes to it as required without me worrying about whether they've opened up ports incorrectly or not. The ease of use for non-expert staff is very good. 

The solution is easy to use in general, for everyone.

The product is very powerful.

It's the type of device that does one thing well. There isn't much I would want to change.

We are at the moment looking to use it as a proxy service so that we can limit what websites people go and view and that sort of thing. That's an area I've struggled with a little bit at the moment and it could be a bit easier to set up.

The only other thing I might look at would be some sort of antivirus type of aspect to check traffic coming in and out of the network. If they offered unified threat management, that would be an ideal outcome for us.

I have been looking at it as a sort of an appliance, rather than installing it on an actual PC. However, that's for future research first.

pfSense is only a small part of what we do. The majority of our systems are full-blown Linux systems and we use that firewall as a system. It's only recently we've started switching some clients to pfSense where we think we need to have slightly different things. Maybe they haven't got a server and this is just replacing their sort of existing TP-link or router, et cetera.

I've had no issues with stability whatsoever. I'm quite happy letting it run for days, months, weeks, et cetera. We have no requirements to actively manage it. In terms of performance, we just need to go in and make changes as required by the customer. Other than that, it's set and forget. There are no bugs and glitches to navigate. It doesn't crash or freeze.

It's not been extensively used at the moment as we've already got a Linux server in place. If we can justify it for the customer, we tend to use that. That said, we are looking to increase usage of that as it would say it takes some of the work away from me and allows me to farm that out to the staff.

We've never had to use technical support. Therefore, I can't speak to their level of knowledge or how helpful they are. We've always just been able to find the answers we need without their help, and therefore have never really had to use them.

We're still using Linux servers that are running IP tables, et cetera. Prior to that, we were using, something called IPCop. Before that, I can't remember what it was. We've always used sort of Linux old BSD-based solutions for our firewalls. That's just what we've always done.

The initial setup is not overly complex or difficult. It is very straightforward. We connect and we just have got a couple of standard procedures to setup once it's complete. We could probably get one up and running between half an hour to an hour. The deployment is fast and the whole process is pretty seamless at this point.

We did not use any integrator or anything like that. We're offering our client's the installation process as part of our services. I find it very, very straightforward, however, that's due to my previous experience with Linux setups. 

We use the open-source version, which is free to use. 

I say we've always used the community edition as I've never felt a need for support or anything like that and our clients have never insisted on it. I know where to go to look for answers if we run into problems, so paying for that extra support isn't something we need to worry about. 

We are just end-users and customers.

I cannot speak to the exact version we are using. Ours may be slightly out of date. We may not be using the absolute latest version. Version 2.51 is available soon and we'll likely upgrade to that.

It's good for where people have outgrown their existing broadband routers, such as the TP-link, the Dre Tech, and that sort of thing. Often, it doesn't justify putting in a full system. We tend to use a Mini ITX PC, multiple LAN network cards, and then install the opensource version and configure it appropriately.

You need to be slightly more tactical than just plugging in a Dre tech or similar Nokia device. I don't think you need to be incredibly technical to set this up. 

I like it, I'd recommend it to most people to at least give it a try, and to spend a few hours initially to work their way around it.

I'll definitely give it at least a nine out of ten for its general ease of use for me and my staff. It does pretty much everything that we ask of it and the required resources for the hardware are minimal as well.

I use it as a firewall and also as a router because you can address what you want to do with it. It can do network advanced translation (NAT).

It is sitting on my own server. It is on a remote server on a private network.

It is very simple to use. I'm working faster now. I don't have to configure a switch and sync some VLANs on the switch. I can concentrate more on my work because I know that pfSense is guarding my network. It improves my workflow a lot. 

The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is. Did you forget a printer port? Most attacks at the moment are happening through printers, and they can tell you immediately that you forgot to close the port of the printer. There are more than one million printers that are in danger, and everybody knows that hackers are using them to enter the network. So, you can download plugins to protect your network.

It is not only a firewall; it can also do some routing or network advanced translation (NAT), which makes it very powerful.

It is very simple to use. As long as you understand the basics or fundamentals of networking, you can manage everything very quickly with it.

The web is evolving every day. So, the product should be constantly improved with more regular updates. Things are constantly changing. There are obsolete protocols, and then there are new protocols. For my own use, it is not an issue, but for somebody who is more at the forefront of internet browsing, it could be a problem.

There could be a way to remote to it through a mobile app. You can always browse through your browser on your mobile phone or tablet, but it would be good to have a dedicated app. I understand that iOS and Android developers are expensive, but there should be a mobile app.

I have been using this solution since May.

It is very stable as long as you don't change the winning theme. When it is working, leave it working. My rule number one is one computer, one function. So, pfSense does that one function, and I don't try to use it for anything else. I could do some File Transfer Protocol or things like that, but it is not made for them. I don't restart it and move it. I only do the security updates and change the username and password very often.

I don't require much scalability. It is fine for a small-scale company with about 30 devices, such as printers, computers, etc. I'm only working with a few people, and I don't have any traffic problems, but a company with 50 or 60 users could have problems with it. Currently, there are four to five users, and I'm providing multimedia services to four to five people. 

It is being used extensively. Sometimes, its usage is 50 times a day, and sometimes, there is no usage. I don't work on it on a daily basis. It also depends on the project I'm working on. We have plans to increase its usage.

Their support is good.

I didn't use any other solution previously. I didn't have a need for it. Only in May, I had the need to deploy my own service.

It is easy to set up if you understand the protocols. If you understand the theory of what is a firewall and what is a router, its initial setup is straightforward.

Its deployment took one week. The strategy was simple. It involved blocking certain traffic, allowing certain traffic, and making ACL or a list of undesired operations such as cookies so that if it is impossible to sniff, and there is complete security. If someone is trying to enter, I immediately get a message on my phone, whether I am in the county or abroad. I immediately get a message saying that somebody is trying to enter, and I am able to counterattack immediately. That's a big advantage of it.

I did it on my own with the advice of some of my friends who have much deeper knowledge than me. It is also very well-documented on the web, and there is a big community.

I am also taking care of its maintenance. I don't have any maintenance except that sometimes, the server on which this solution is implemented has issues. Its maintenance mainly involves regularly checking the systems.

There is a big return on investment because FortiGate is 60 to 70 times more expensive, which could be a big problem for me. It is more expensive than my car. I have a small budget and a small car.

It is about €1,000. It is a one-time payment. I do not have a monthly or yearly subscription. I don't subscribe to any subscription because I hate cloud services.

There are no additional costs.

I would advise others to try it and see if it is good for them. It is a very good product for me, but that might not be the case for other users. There are so many solutions, but I'm really happy with it. For my scale, it is good. If you are Amazon or a company with one million connections every minute, don't ever use this. It is not made for that. It is perfect for small-scale networks.

I would rate it a nine out of 10. It needs more regular updates, so I can't rate it a 10, but it is very easy to use, stable, and solid. 

We had been hit by crypto, and with our existing firewall infrastructure, we found out it didn't have geofiltering without an additional cost. That's still written from SonicWall and I think you have to pay extra for that. pfSense came with geofiltering and with logging as well, which I believe you have to pay extra for with SonicWall. So we didn't realize this until we got hit. We implemented GoIP filtering, and we also activated and stored the log files from within the firewall. I think there are some other feature sets that we used as well. The device seemed to be a little bit simpler to manage and configure through the interface. Of course with it being open source, we were able to stay current with that without having to incur annual purchasing or annual licensing fees like we do with SonicWall.

What I found most valuable is the cost of the platform, the flexibility of the platform, and the fact that the ongoing fees are not there as they are with the competitor. Some people may think you're taking a risk with using open source. I think it just provides the end-user, specifically for us small, medium business providers of services, the flexibility we need at the right cost to provide them a higher-end, almost enterprise-type service. 

In terms of areas of improvement, the interface seemed like it had a lot. The GUI interface that I had gotten into was rather elaborate. I don't know if they could zero in on some markets and potentially for small, medium businesses specifically, give them a stripped-down version of the GUI for pfSense.

I've used this solution for about a year. 

You could scale the pfSense platform to multiple users and bandwidth. With SonicWall, you have to go get a different version of their product because they're going to tie their firmware to their version. pfSense doesn't do that. It seemed to me like the scale of pfSense is easier and it was a non-sales interactive requirement to scale the offering versus with SonicWall.

Technical support was through an online chat. I don't remember us running into any snags. 

The initial setup is pretty straightforward if you have your ducks in a row if you understand the IP engineering and design, and you understand some of the protocols that you want to introduce into the environment. I think one of the biggest things that it allowed us to do also was remote desktop or remote access. We filtered out remote management. We shut those ports down within pfSense, and that seemed pretty straightforward. I think the GUI has a little too much information out there, but if you're a senior engineer, you're going to love all the information because it makes sense to you. If you're a junior or a freshman engineer, you're not going to mind it either because you can use it to teach yourself how to take advantage of that information that's there. 

On the front end of this, I thought it was rather intuitive.

With a firewall, typically we only charge between $25 and $75 a year to manage the firewall. That allows us to keep our price points low, and with minimal administrative overhead, we can maximize our profits.

When compared to other solutions like SonicWall, SonicWall has a built-in administrative burden where you have to go back and make sure your client understands they're going to get hit with another annual fee to keep that device up to date. pfSense is not like that. pfSense is not like that in the sense that if you go out and get the latest update of firmware or software, you're going to get the latest and greatest. You don't have to remember to go to the client and remind them they're going to be charged another fee next year to keep their license current. I hope they keep that model.

If you're a junior or even a beginner engineer, jumping into the interface for pfSense could be overwhelming. There are going to be things in there you just have never heard or seen before, which isn't a bad thing.

On the front end, I would take advantage of any courses that are out there, any introductions to it. It's very intuitive and there are a lot of forums out there that you can go watch and educate yourself on. If you are not that advanced of a network engineer, I think it's a great solution for you because you can go out to some peers and get a lot of direction and guidance from them to set it up in a small environment. The only other thing I would do is just compare. You always have to understand what your customers' needs are. Make sure you understand what your customer's needs are and that it's going to fit into their environment and their budget. I don't know why it wouldn't, but that'd be about the only advice I'd give is just make sure that it is definitely a fit for your customer base. I'm fairly confident, small and medium businesses should be a very good fit. I've been in the enterprise space as well. There may be some things on the enterprise level that you just can't do with pfSense and you might want to go to some other solution set, but I think it's very competitive.

I'd rate this solution a nine, even if I was an experienced engineer because it's easy to have and easy to maintain.

We have one Head Office and two main offices and other small branches. We want to secure our network from external and internal threats and block all unnecessary ports. We want to create a WAN with firewalls installed at all other offices and branches to connect to Head Office directly.

Overall, our experience with pfSense has been good. We're satisfied with what we're doing, but we have to move forward. It's covering what we require now, but maybe we might need something else in the future. For example, we are implementing ISO 2701, and the regulators could demand something else for compliance if they conduct an audit. And if we're following the policies required by ISO 2701 best practices, then perhaps we need to implement new hardware too because we can't do everything with our existing hardware infrastructure. 

For instance, say I want to block USB access, but I don't have the software. Currently, we use our antivirus software, which is a proper endpoint management tool. We can use it to modify the Windows registry and block everything, I can do whatever I want with the PC on the endpoints. We need to have that, but not everything works without the hardware infrastructure. 

The GUI is easy to understand. 

We had one issue with hardware support. The department head who was managing the solution became the director of the company, but he still has administrator access. And usually, whenever a WAN goes down, we always have a backup, but the hardware doesn't support more than one WAN. And then, if he wants to switch, he doesn't know how to reconfigure it. So we have to wait for the ISP to resume their services, which is not professional.

Also, the GUI is helpful, but it's not user-friendly. It's complicated. It should be more intuitive for the average user and have an excellent graphical view. Of course, the user will typically know about network administration, but it still should be easy to understand. A user should be able to find the feature they're looking for easily, but pfSense isn't so good in that sense.

We're using a flavor of pfSense. It's called XNET. It's a flavor of the pfSense main pfSense build because it's open-source, but it's basically similar to the pfSense build, and we've been using it since 2008.

Not very stable.

Scalable but only if one has expertise of open source configuration of software such as pfsense.

Customer support for any open source product is mostly based on the individuals who have expert knowledge while otherwise we have to resort to other internet sources.

I've used TMG by Microsoft, and it's much easier to manage domains and websites. For example, pfSense has IP-based blocking, but websites like YouTube and Facebook keep using different IPs. TMG blocks the actual domain name. That is one downside to pfSense I've noticed as a basic user.

It was complex and done by the vendor.

We only paid for the hardware and savings were quite high.

This is a good option. If a vendor is trying to sell Fortinet and Sangfor, but the customer's requirements are basic, they'll have a hard time convincing someone who believes in free, open-source software that pfSense is not suitable for them. The only cost is the hardware. But pfSense doesn't have after-sales support or some of the other features you might find in a commercial solution. 

I've heard that Fortinet is slightly more expensive than Sangfor. Then again, if Sangfor comes into the picture, maybe you would consider Sangfor.

I rate pfSense six out of 10. We want a product that has at least two WANs as well as fault tolerance or load balancing features, which pfSense also has, but we don't have the hardware or support. That's why we need to switch. However, if cost is a big issue, then I recommend pfSense for customers who can't afford a paid hardware and software solution. That was our issue because we're a government company, so our assets belong to the government. We have to think about where we want to spend money because it's the taxpayers' money. If your management doesn't understand the need to invest in IT, then you can consider this alternative.

I primarily use the solution for monitoring and learning about how to operate a firewall. I also use it for monitoring my home network as well as adblocking.

The solution is 100% free to use.

The product offers a lot of helpful plugins.

The solution is easy to use and has a elaborate GUI.

The initial setup is quite simple and straightforward.

The integration of the plugins into the GUI could be better. It's sometimes hard to find where a setting can be found or how it might interact with other settings. Some documentation is outdate and plugins sometime have no documentation. Information can always be found on the fora but for novice users this can be a challenge.

I've been using the solution for five years or so. It's been a while.

The solution is stable. Since last upgrade there hasn't been a crash, freeze or need for reboort. It's quite reliable.

I've tried to scale the solution previously. I've got two hardware platforms running. I wasn't quite able to run everything I wanted on a small ARM based device. Therefore,  I build my own Super-micro platform based on Intel Denverton.

It's actually easy to scale. It's just moving over most of the configuration: exporting, importing, or even going right into the original XML export file.

There are six users, 3 dozen of devices and a homelab server with VM running behind the solution at this time.

With what I am running now, I haven't had to reach out to technical support. However, an upgrade failed two years ago and I needed to contact technical support to get me the new image for the device. They were very efficient. I was satisfied with the level of support I received.

I've been switching back and forth between pfSense, OPNsense, and Untangle in the last five years or so.

OPNsense and Untangled are more integrated, however, more and more of the plugins are becoming paid offerings. OPNsense misses a plugin that pfSense has, Untangled it's adblocking is easy but not free.

The initial setup is not to complex.

It's good to have the basic information before attempting to set everything up. They've got a wiki with all basic information and there are the fora for questions.

I've got a CCNA certificate and that some comes in handy. For me, it works without any documentation, however, for a complete novice user you probably need some documentation to get you through the process.

Getting everything up and running only took about 30 minutes. You then have a complete firewall solution up-and-running.

There is some maintenance required. You do need to check for updates from time to time, for example. If you install more plugins more maintenance might be required to get everything tuned.

I handled the implementation myself. I have some knowledge about IP routing.

The solution is free to use. There are (currently) no licensing costs.

I'm just a home lab user.

I'd advise those considering the solution for your business to get a service contract.

It works great for someone with enough knowledge and time to get his head around everything. Otherwise, you need to look for a solution that offers support and can work with you on issues. It's nice to try to balance between open-source and support that costs money.

In general, I'd rate the solution at an eight out of ten.

This solution is for my personal use, I've had a hobby of using it for a long time. I use it to protect my home network. Nothing is bulletproof but I'm happy to have a firewall at home scanning the ins and outs of my network so that I have a degree of security.

pfSense is a free firewall that you can download and install on your own hardware and establish a VPN for it. If you have remote users who need to connect securely, pfSense can do that. The solution has multiple use cases. It's good for scanning and filtering traffic. It's a good network security appliance which you can install on your own hardware or on their hardware. Some companies will invest in a really big firewall for their main branch, and will install pfSense in remote sites because they don't see the value of buying an expensive firewall for each branch.

I'd really love to see the web interface enhanced. It's good but it could be clearer and more straightforward. As a FreeBSD fan, I'd love to see a BSD license code, rather than a GPL license code. I'd also love to see a Sandbox and more security features. pfSense is a mature product, but if you compare it to other products in the market, you realize that pfSense is a little behind. 

I've been using this solution for five years. 

This solution is stable. 

The solution is scalable, it has the HA options that other firewalls also have. It's a software-defined solution, so you can pretty much put it inside a virtual machine and scale it up. Or you can load balance, or have an HA set up between two pfSense proxies, it's all possible.

I don't have contact with technical support. If you have an issue, you can go to the online community and wait for someone to respond. There's no SLAs for that. The only way I would have access to their support is if I actually purchased a Netgate appliance.

I've previously used vendor-based firewalls, like Sophos. They have Sophos XG and Sophos XG, UTMs. Those are the firewalls that I have the most expertise with and I also have some experience with Fortinet. pfSense is normally installed on x86 hardware which uses CISC architecture, a complex instruction set that runs on laptops and computers. They generally make calculations much slower than what we call risk architecture. As a result, firewalls with a risk-based architecture or reduced instruction set architecture are preferred because they provide better throughput. That's the case with FortiGate. They are very well known in the market to have the highest IPS throughput and that's one of the major factors for choosing a firewall.

The initial setup is very easy, it takes about 15 minutes. 

I would recommend this solution, it's one of those technologies anyone should at least try out. If you want to protect your home network, and don't want to invest in a firewall, pfSense will do the job. It's good for home use and for small businesses or remote sites of large companies. It's a good strategy because it's generally more critical to invest in defending your main data centers. It's important to choose the hardware wisely, make sure it's compatible. Netgate, the company sponsoring pfSense, manufactures hardware that is really optimized towards it. For small or medium businesses it's not a big deal. But for enterprises, this is important. 

I rate this solution a seven out of 10.

I build my own firewalls, and I use pfSense.

It is very easy to use. The interface is quite understandable. There is a good community, and I can take over at any time I want. If there is anything wrong with it, I could just reinstall the whole thing and start all over again, and I'll be up again in less than a few minutes.

More documentation would be great, especially on new features because sometimes, when new features come out, you don't get to understand them right off the bat. You have to really spend a lot of time understanding them. So, more documentation would be awesome.

In terms of features, for my use, I don't see anything wrong with it. I basically get what I need from it by default. I build my firewall, so I only rely on the software. On the software side, there is not much to improve right now. So, at this point in time, I don't see anything, but I always welcome any kind of upgrades that they do. I always try them out and see if I can use them in the company or not, but so far, there are no complaints on my end.

I have been using this solution for more than eight years.

It is a very stable product.

It is quite scalable.

I don't have any experience dealing with technical support directly from the makers of pfSense. I am using its Community Edition. That's why when it comes to technical support, I rely on myself, the community, and the information on the internet, especially from those who are more adept at it than me.

It is quite easy. It is up in a few minutes even though I reinstalled the whole thing. For me, it is as straightforward as it can get. I'm a long-time user, and I don't see any problems with the configuration.

We are using its Community Edition, which is free. My company is a government school, and we don't have much budget.

There is a steep learning curve and you have to spend a lot of time with it to understand how you're going to use it and how you're going to customize it yourself. That's where you're going to have to spend a lot of time, but by the time you're done with everything and you have played with all the features you want, you will understand everything you need. You will always be up in minutes, even if it gets "destroyed" during the night, you can come back to it and reinstall the whole thing, and everything will be good.

I would rate it a 9 out of 10. It cannot get a 10 right now because it changes every day. It might be 10 today, but in a few seconds, it won't be a 10 because the whole internet changes in a few seconds, and the whole way of serving your clients can change in a few seconds. So, it can't get that perfect 10.