Netgate pfSense Room for Improvement

Glenn Ace Tenorio - PeerSpot reviewer
Senior Network Engineer at American School of Dubai

For the third-party packages, I'd rather have it built-in, like a core feature of pfSense, part of the core model. This feature of pfSense would be great, instead of relying on a third-party module.

View full review »
PJ
Information Technology System Administrator / Director at Legault Joly Thiffault

The VPN feature of the solution could improve by adding better functionality and providing easier configure ability.

View full review »
Eduardo Monteiro. - PeerSpot reviewer
IT Manager at Prologica

There are several levels of firewall configuration such as beginner, advanced, and expert configurations. At each level, it becomes more complex and more tricky to set up the firewall. For example, if you want to install the firewall on your computer system, it would be a lot easier if it just tells you that this is the internet NIC and this is the Wi-Fi NIC. 

It would also be interesting if we could add an interface for DNS versions. It will be a multisystem to make all the blocks of the DNS. I know that firewalls are different from DNS, but if we could take advantage of everything in a single system, that would be lovely.

View full review »
Buyer's Guide
Netgate pfSense
March 2024
Learn what your peers think about Netgate pfSense. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.
JM
IT Manager at Gandia Consulting Group

It lacks a solution for SD-WAN integration. I believe improving integration with various antivirus vendors could be beneficial. Partnering with trusted antivirus providers such as Bitdefender or Sophos as an add-on feature could enhance the antivirus capabilities of pfSense. Incorporating a centralized management console for easier administration would be a valuable addition.

View full review »
it_user224304 - PeerSpot reviewer
Corporate Trainer / Systems Administrator at a computer software company with 51-200 employees

Some of the available plug-ins that work very well on older versions, and actually break the newer versions. If using a newer version of the software, then the list of available plug-ins should only list those capable/known to work with the version that you are running. Outside of that- it is a rock-solid firewall, now with support.

View full review »
Romani Labib - PeerSpot reviewer
Director of Information Technology at MASFinancials

The Netgate forums and community don’t provide extensive discussions and topics related to every pfSense service.

View full review »
PM
Consultant at PM Solutions

One concern I have with Netgate pfSense is related to packet filtering. Specifically, issues can arise with certain functionalities like GP, and, at times, there may be bugs. When creating IP lists, I've noticed that synchronization doesn't always function correctly. While it's not entirely dysfunctional, troubleshooting these synchronization problems can be quite challenging.

View full review »
SaeedALi - PeerSpot reviewer
Deputy Manager IT & OIC Head of IT Department (Infrastructure & Operation). at a manufacturing company with 201-500 employees

They rely on third-party tools, unlike Fortinet, for example, which has its own tools. In comparison, we also use third-party tools on pfSense. For example, we had a situation where we needed a tool to identify authorized users, and when I searched for a solution, I found a third-party tool. However, using such tools may come with additional costs.

View full review »
JB
Owner at artesistemas.net

Other solutions provide more scope for growth. For instance, we can have only 10 to 20 employees on VPN, but other solutions can support more users. We also have more capabilities to increase the performance of the solution.

View full review »
JL
Head of IT Department at OLIVESTRONIX NIGERIA LTD

The solution could be more user-friendly, and the graphical interface needs some work so that someone without an IT background can use the application. I would like the ability to manage the on-premise appliance from the cloud. When I'm not in the office, it would be great to connect to the pfSense server and administer the network remotely.

View full review »
DA
Acting Manager IT at National Insurance Company Limited

We had one issue with hardware support. The department head who was managing the solution became the director of the company, but he still has administrator access. And usually, whenever a WAN goes down, we always have a backup, but the hardware doesn't support more than one WAN. And then, if he wants to switch, he doesn't know how to reconfigure it. So we have to wait for the ISP to resume their services, which is not professional.

Also, the GUI is helpful, but it's not user-friendly. It's complicated. It should be more intuitive for the average user and have an excellent graphical view. Of course, the user will typically know about network administration, but it still should be easy to understand. A user should be able to find the feature they're looking for easily, but pfSense isn't so good in that sense.

View full review »
TW
Managing Director at Midgard IT

We are at the moment looking to use it as a proxy service so that we can limit what websites people go and view and that sort of thing. That's an area I've struggled with a little bit at the moment and it could be a bit easier to set up.

The only other thing I might look at would be some sort of antivirus type of aspect to check traffic coming in and out of the network. If they offered unified threat management, that would be an ideal outcome for us.

I have been looking at it as a sort of an appliance, rather than installing it on an actual PC. However, that's for future research first.

View full review »
Buford Laruan - PeerSpot reviewer
Network Administrator at Benguet State University

More documentation would be great, especially on new features because sometimes, when new features come out, you don't get to understand them right off the bat. You have to really spend a lot of time understanding them. So, more documentation would be awesome.

In terms of features, for my use, I don't see anything wrong with it. I basically get what I need from it by default. I build my firewall, so I only rely on the software. On the software side, there is not much to improve right now. So, at this point in time, I don't see anything, but I always welcome any kind of upgrades that they do. I always try them out and see if I can use them in the company or not, but so far, there are no complaints on my end.

View full review »
LB
Owner at The Computer Guy

pfSense could improve by having a sandboxing feature that I have seen in SonicWall. However, maybe it is available I am not aware of it.

View full review »
RO
CEO at Private

Some suggestions for improvement of pfSense are:

  • Adjustment in the interfaces: I had to adjust those interfaces manually and of course that is a great feature that you can restore it but it is immediately also one point for improvement. If you don't have to adjust, if it's just stamped and it works, that's great.
  • With regard to the Community Edition, when I installed it, we use Proxmox as an equivalent of PMWorks and I installed the Community Edition in Proxmox. That was very difficult to get to work at first. A lot of tweaking. That is very, very not easy.
  • When I'm inside of my network and I go to a URL, the URL points to a server inside my network. It doesn't hang, but I don't get a response. It just stays blank. 
  • I can imagine that inside my network, I am going outside, and it points to the public address, so I can reach it. With eSoft, without any adjustment, it worked, and I was able to do that. I went to search pfSense for an option, and I had some documents open to read about how it is done, but it isn't clear enough. It's not that easy. I would appreciate it if I could get easy help on that.
View full review »
Ahmed Mrosy - PeerSpot reviewer
Information Technology Lead at Mega Trust

We have not had any problems with it, and we also do not have a need for any new features. If anything, its reporting can be better. Sophos has better reporting than pfSense. Sophos has more detailed information. pfSense is not as detailed. It is summarized.

View full review »
PL
System Administrator at LafuentePaca

The product must provide integration with other solutions.

View full review »
Sebastian Morales - PeerSpot reviewer
Product Manager at Infokrause

The solution’s interface must be improved.

View full review »
AZ
Director De Tecnologias da Information at EPAL-EP

The process can be challenging. We do not have one security team. We need a team that can guarantee the security of our company and we're not there yet. We only have the client's equipment, and one guy managing this equipment. This isn't necessarily a problem with the product, it's more about our own internal structure. 

Ultimately, we'd like something stronger, and something that can handle threats better in real-time. 

View full review »
SB
IT Manager at a marketing services firm with 1,001-5,000 employees

I have been using WireGuard VPN because it is a lot faster and more secure than an open VPN. However, in the latest version of pfSense, they have removed this feature, which is one of the main features that I need. They should include this feature.

View full review »
JB
Owner at artesistemas.net

They can improve the dynamic of the input of IPs from outside. Determining the IPs that are outside would be another way to identifying potential threats. We can treat it or identify and then block it or determine the rules to work with that IPs from the outside and inside the network. 

View full review »
ZG
Senior System Administrator at Debre Markos University

The solution could always work at being more secure. It's a good idea to continue to work on security features and capabilities in order to ensure they can keep clients safe.

View full review »
GC
Chef at a media company with 11-50 employees

The web is evolving every day. So, the product should be constantly improved with more regular updates. Things are constantly changing. There are obsolete protocols, and then there are new protocols. For my own use, it is not an issue, but for somebody who is more at the forefront of internet browsing, it could be a problem.

There could be a way to remote to it through a mobile app. You can always browse through your browser on your mobile phone or tablet, but it would be good to have a dedicated app. I understand that iOS and Android developers are expensive, but there should be a mobile app.

View full review »
MY
Solution Architect, Managed Services & System Integration at Transmeet Technologies

The interface is not very shiny and attractive. Most of the people that use pfSense are highly skilled, so they don't even bother to go the extra mile when it comes to configuration or any protection mechanisms. With other firewalls, with just one click or with the assistance of a wizard, the service is already configured. With pfSense, you have to have some time to do your own research regarding how to fine-tune it. If that could be improved, then life would be much easier. This would help any entry-level users to adapt to the platform. 

Netgate, the mother organization that manages the pfSense platform, should offer organized security feeds for its users so that they can avoid configuring multiple types of feeds in multiple locations. That could generate extra revenue for the company, too.

View full review »
JR
General Manager at Galgus

There is more demand for UTMs than a simple firewall. pfSense should support real-time features for handling the latest viruses and threats. It should support real-time checks and real-time status of threats. Some other vendors, such as Fortinet, already offer this type of capability. Such capability will be good for bringing pfSense at the same level as other solutions. 

View full review »
OA
Systems Manager at CORNARE

It would be ideal if the solution could integrate with Snort and OpenVPN.

The technical support needs to be improved.

View full review »
EK
Manager, Operations at SUS-TECH Limited

The solution can be complex. It needs a bigger team with more coding skills than what we have at our disposal. With our skillsets, we're facing a lot of limitations. We're a team of four who handles 12 independent companies under a larger umbrella. Our workload is already quite high. We need solutions that lessen it, not enhance it.

The solution requires a lot of administration.

The solution would work better for us if the user interface had some kind of unifying feature that didn't just do firewalls. Sophos, for example, offers so much more. You get one license and you're good to go. Everything's handled from the anti-virus to the network and the traffic and monitoring. Sophos is really user friendly and easy to master. It's easy to get rules put in. pfSense offers none of these things beyond just the firewall capabilities. 

View full review »
AC
Chief Technology Officer at Xpro Networks

I would like to see SD1 integration into the software. That would be fantastic.

View full review »
it_user221862 - PeerSpot reviewer
Cloud Engineer at a tech services company with 1,001-5,000 employees

The GUI. There are TONS of plugins for pfSense, as such, if a user wants to add quite a bit of functionality, the GUI will feel a little congested.

View full review »
SF
CEO at netison

I'd like to find something in pfSense that is more specific to URL filtering. We have customers who would like to filter their web traffic. They would like to be able to say to their employees, "You can surf the web, but you cannot get access to Facebook or other social media," or "You can surf the web, but you're not allowed to gamble or watch porn on the web." My technicians say that doing this kind of stuff with pfSense nowadays is not easy. They can implement some filters using IP addresses but not by using the names of the domains and categories. So, we are not able to exclude some categories from the allowed traffic, such as porn, gambling, etc. To do that, we have to use another product and another web filter that uses DNS. I know that there are some third-party products that could work with pfSense, but I'd like the native pfSense solution to do that.

View full review »
BH
Systems Administrator at a tech services company with 51-200 employees

Their support could be better in terms of the response time.

View full review »
MB
IT Support Specialist with 51-200 employees

I cannot recall any features that are lacking.

There's a bit of a learning curve during the initial implementation.

You do have to pay extra for better customer service.

View full review »
NR
IT Manager & Sr. Application Programmer with 11-50 employees

While I agree spam filtering is not included or an option with the system, I don't necessarily hold that against the product as there are a number of other services that do it far better than a firewall could. If you use Office 365, Microsoft's implementations are likely to be far superior to what you'll get from a firewall. However, with that said, the one item I wish it included, even if it was a subscription-based service, is the inclusion of an AV and/or threat intelligence. This would elevate the solution well above other alternatives. 

View full review »
it_user701439 - PeerSpot reviewer
IT Support Engineer

Network monitoring and device inventory could use some improvements. I'm using SpiceWorks for this because it never really worked in pfSense.

Network monitoring is a big topic and I realize there is plenty of software out there like SpiceWorks, NTOPNG, PDQ, Zabbix, and Nagios.

I can easily log into pfSense and check "Status > Gateways" to see if the internet connection is online. However, I don't usually know if there's a problem until it's been down for a while and someone tells me about it. I realize this is a tricky problem, because if the pfSense internet goes down, how is it supposed to send out an email that relies on the internet connection?

I guess the only way that would make sense, is if an external monitor was set up in the cloud or something that could check the status of pfSense at given intervals.

As far as clients being up/down is concerned, I can use some alternative software and maybe there's a package in pfSense that I can use for it.

Another idea for pfSense device inventor: What if pfSense collected a list of newly connected clients? For security, it's important to know about all the clients connected to the network. A simple list of new clients that connect would be nice to have.

The alternative would be to lock pfSense down to only make address reservations, but that just creates more work for the Network Admin.

View full review »
TO
VP of Business Development at a tech services company with 1-10 employees

In terms of areas of improvement, the interface seemed like it had a lot. The GUI interface that I had gotten into was rather elaborate. I don't know if they could zero in on some markets and potentially for small, medium businesses specifically, give them a stripped-down version of the GUI for pfSense.

View full review »
it_user222798 - PeerSpot reviewer
IT Support Specialist at Tech Solutions
  • Testing prior to deployment
  • Packages need better support
View full review »
MA
Technical Presales Consultant/ Engineer at a tech vendor with 10,001+ employees

I'd really love to see the web interface enhanced. It's good but it could be clearer and more straightforward. As a FreeBSD fan, I'd love to see a BSD license code, rather than a GPL license code. I'd also love to see a Sandbox and more security features. pfSense is a mature product, but if you compare it to other products in the market, you realize that pfSense is a little behind. 

View full review »
PG
Software Applications Manager at a engineering company with 201-500 employees

The integration of the plugins into the GUI could be better. It's sometimes hard to find where a setting can be found or how it might interact with other settings. Some documentation is outdate and plugins sometime have no documentation. Information can always be found on the fora but for novice users this can be a challenge.

View full review »
OM
Senior System Engineer at a financial services firm with 1,001-5,000 employees

The problem with open-source is that no one can take responsibility.

It needs to be more secure. Security needs improvement.

It's always better to have an agreement, an SLA regarding security. You should outsource your security to another company.

View full review »
Muhammad_Irfan - PeerSpot reviewer
Sr. Network Administrator at ACMC

The usage reports can be better.

View full review »
LP
Consultant and Head of Services at ILANZ LLC

As I said, the product is fantastic. It could use a little bit of improvement in the reporting — the reporting is virtually non-existent. Something like a reporting module would be a benefit. Otherwise, in terms of the performance, at least for my organization, I don't see much of a problem.

By this, I mean that we cant generate reports of trends etc that could be exported out of PFSense in terms of a PDF etc to see how the firewall is functioning...

Though I must say that the work around for this could be to use the pfsense zabbix plugin and integrate to a Zabbix platform and then use the Zabbix reporting capabilities to get the required reports... Not much of an effort for the technically sound persons but definitely not in the scope of those from a non technical perspective... 

View full review »
DM
Head of Department of operational and compliance at ACE GABON

I haven't experienced many problems when dealing with the solution, so I don't know if there are areas that need improvement.

If a user doesn't have a large amount of experience in Linux systems, they will have problems using this solution. Users need to be highly skilled in troubleshooting competency. Users who do not have such skills will find the product difficult to use.

Sometimes if your network goes down, you might experience an issue on the captive portal. This may require a restart and it also may require that you load it again. I'm used to the system, so I know what to do, but it can happen from time to time.

It can be really easy  to deal with Technical support. Technical support is avaible every time I call . But sometime if Technical support do not privide you the solution, so you should double check and solve the issue by your self.

View full review »
KV
Network and Office Manager at Belgo Metal CW n.v.

A malware blocker should be included. I do not know if it is included yet. However, until now, we have not experienced a large malware invasion.

There are a few features not included, and when you have to use those features, you have to pay for them.

I know that I should change the current pfSense solution. I should change it because we have only one key port on it. Our internet access also has a key port now, I should have two key ports, one to the LAN and one to the WAN.

Therefore, I want to change it, because it gives us less speed. I could provide the speed, but there are not two key ports on it. Therefore, I now have to choose a new pfSense solution, or I could look at another vendor similar to what we have.

View full review »
it_user266880 - PeerSpot reviewer
Senior System Administrator at a government with 501-1,000 employees

Kernel support for laptop features, USB/Firewire ethernet cards, and specially built in WLAN cards. If the WLAN functions work properly, pfSense makes a perfect "repeater" or controlled and robust accessed point with built in QoS and firewall. Wider support for 3G and 4G USB cards as backup networks would be nice too. It was impossible to get some USB stuff to work.

View full review »
BO
CEO at In.sist d.o.o.

Ease of use is a problem for a user who is unfamiliar with this product because, in the interface, everything has to be set manually. It would be more user-friendly if things were set automatically. 

The drop in performance can be drastic when you use more advanced techniques. There is some trade-off between having a certain level of security and maintaining acceptable performance.

View full review »
Victor Hugo Morales Vivas - PeerSpot reviewer
Jefe de Infraestructura y Servicios de TI at Grupo ASD

It was difficult to configure our web printer through the solution. This process could be easier. Additionally, integration with SD-WAN solution.

View full review »
KK
Information Technology at a transportation company with 51-200 employees

I can't speak to if there are missing features. I'm not that familiar with it. 

The critical issue there for us was the lack of FIPs compliance, however, I don't know if that's something that they would consider adjusting for.

View full review »
TS
Principal at a tech services company with 1-10 employees

I would like to see pfSense integrate WireGuard. Currently, pfSense uses OpenVPN, and there's nothing wrong with it, but WireGuard is a lot leaner and meaner. Unfortunately, it's not ready for pfSense, which is built on BSD, and WireGuard is not yet integrated with BSD. The issue is that pfSense is waiting for BSD to add WireGuard support. Once WireGuard is supported on BSD, you can bet pfSense will adopt it. 

View full review »
VO
Head Of Infrastructure at a transportation company with 201-500 employees

The hotspot and the portal feature in this solution are not stable for WiFi access. We use it at least once or twice every day and it crashes. Some modules can be better by improving detection and having new updates. Additionally, we have some issues with clustering and load balancing that could improve.

In a future release, they could redesign the policies because we need to write inbound and outbound simultaneous policies. They could change it to one policy, such as in FortiGate, Sophos, and Cyberoam. In these firewalls, we add rules in one way, and they add rules automatically. However, in this solution, we need to write every policy manually. 

They can improve in site-to-site tunnels with other devices, such as Cisco or FortiGate. It is not very easy to set up VPNs for site-to-site tunnels.

There have been some problems we have been facing with BGP routing that needs to be improved.

View full review »
BO
CEO at In.sist d.o.o.

There's always room for improvement. In general terms, for someone who is not familiar with the product I think ease of use could be improved. When you're connecting, the interface is very difficult for an inexperienced user in the sense of setting everything up, as it all has to be set manually. I've also found that the more features you use influences performance and the drop can be drastic when you use advanced features. I want to achieve a certain level of security and at the same time maintain good performance.

The solution is feature rich enough, but one of the things usually outside the UTM system or gateway system is SIEM. It's an advanced system for managing the possibilities and it would be nice to have a kind of interface in the UTM, to enable connectivity with most SIEM systems.

View full review »
VG
CEO and Founder at Indicrypt Systems

The user interface could be improved, it's a bit clumsy and clunky.  

View full review »
CV
National IT Coordenator at a government with 51-200 employees

The user interface can be improved to make it easier to add more features. And pfSense could be better integrated with other solutions, like antivirus. For example, pfSense could add templates with firewall policies that a user can customize. I haven't tried to integrate pfSense with Microsoft Active Directory, but in Mozambique, we use many Kaspersky antivirus solutions. If pfSense integrated with these antivirus solutions, everything would be much more stable because most of the companies here have a different kind of security solution. Within a single company, you might find two or three different antivirus suites. So, for example, there could be an open-source solution that you get for free, but you can pay for the support if you want it. So for solutions like that, it would be great.

View full review »
HT
Founder and MD at Smart Solution

It has everything I need, but the main drawback of pfSense is that it's not user-friendly. I hope to have something to make the interfaces more user-friendly. I would also like to see some documentation that can help with use cases or that has advice and tips. I have found some documentation available but it's usually from an earlier version. If they develop this, pfSense will be the best. The only thing that Fortigate is better than pfSense is that they have 24/7 support. pfSense also needs improvements in the intrusion detection area.


View full review »
Ramy Mahmoud - PeerSpot reviewer
IT Support Specialist at SWATX

Netgate pfSense needs to improve the configuration for a VPN. 

View full review »
CA
Owner and business consultant at networks srl

I tried pfSense, and it has a big issue with file system consistency, and this is what drove me to OPNsense. The file system stability is quite a big issue for us. We have a lot of outages related to power issues, and OPNsense is much more stable on this side.

I would like it to be more stable on the file system part. It also has an issue with the ARP publishing, but it's common to BSD, and some providers experience issues with Layer 2 connectivity.

View full review »
RJ
Senior Systems Administrator at a non-tech company with 51-200 employees

Layer 7 filtering has been taken away from pfSense. They would like us to use Snort, which is a good thing, but I would like them to make the Layer 7 thing easier.

The one reason that we did not go with pfSense is that it is not centrally managed like Meraki, where you log into the website and can see all your services there. This is the only reason why we are going with Meraki.

We would like to be able to see is all the configurations from a central interface on all our pfSenses.

View full review »
EG
Defensive Security & BlueTeam at Global Research CO

The solution could use better reporting. They need to offer more of it in general. Right now, the graphics aren't the best. If you need to provide a report to a manager, for example, it doesn't look great. They need to make it easier to understand and give users the ability to customize them.

View full review »
AO
Systems Administrator at AB Edsbyverken
  • The central point of management, like the long-rumored pfCenter.
  • Better parsing of logs: At the moment, you have to use an external server for this if you want a deeper analysis. 
View full review »
FB
Infrastructure Administrator at CFA-INSTA

The configuration of the solution is a bit difficult.

View full review »
TS
Principal at a tech services company with 1-10 employees

I've never tried it in large environments. All my clients are small businesses with a handful of employees, so I am not sure how it works in large environments. I keep up with recent versions, and there's nothing I'm waiting for, and nothing breaks when I get a new version.

View full review »
it_user224253 - PeerSpot reviewer
Network Engineer at TLCWEB S.R.L.

Compatibility with virtualization system (like VMWare, Proxmox and so on and so forth); in some cases, it can create conflicts with virtualized hardware, and configuration export (sometimes the XML file creates a conflict with the hardware network MAC address).

View full review »
it_user700119 - PeerSpot reviewer
HTS Engineering - Heat Transfer Solutions at a construction company with 201-500 employees

There were some bugs in the version we used.

View full review »
it_user694707 - PeerSpot reviewer
IT Director

The GUI could use more “bells and whistles”. It's got plenty of info for a Sysadmin but some people like shiny things.

View full review »
it_user485088 - PeerSpot reviewer
Infrastructure Manager at a engineering company with 501-1,000 employees

Easy to deploy and easy to use, although the support of the community in the forums is excellent and there is always a solution

View full review »
EM
Sans emploi at a pharma/biotech company with 51-200 employees

The integration could be improved.

View full review »
DV
IT Infrastructure Analyst at TranspoTech Equipamentos

The integration of pfSense with EPS and EDS could be better. Also, it should be easier to get reports on how many users are connecting simultaneously and how sections connect in real-time.

View full review »
JG
Vice President - Engineering & Delivery at a tech services company with 51-200 employees

As an IT leader, it would be a benefit to have a mobile application to have certain features, such as mobile application notifications when a new device is added, or the ability to turn off or on firewall policies. Having these simple features would be very convenient and reduce the need to have to log into the console. I can use a web browser on my phone to access the pfSense site but I would prefer to have an application where I can toggle things, such as the policies. Some simple features within a mobile application would be valuable to me. I have evaluated other solutions and have determined this feature does not currently exist. However, Untangle has an application but it was not enough to compel me to change at this point.

In an upcoming release, the reporting could be more user-friendly. For example, the reporting in graphs and charts for the host can be cumbersome.

View full review »
MA
CEO at a tech services company with 1-10 employees

The main problem with pfSense is that we have to use proxy solutions. They don't have features like Layer 7 filtration. We can't filter based on applications. For this reason, we need to work with solutions from Cisco like OpenAPPID that help pfSense understand similar applications. For example, if I have to block WhatsApp, I need to use a third-party solution like OpenAPPID to help it understand what WhatsApp is. This capability is not native to pfSense, so I have to use another solution, like an add-on. I think that the proxy is the main problem with pfSense.

pfSense doesn't implement SD-WAN solutions. Competitors have this feature. If pfSense began doing this, it would be a big improvement.

View full review »
DS
CTO, Software Architect, founder at a tech services company with 11-50 employees

We did have a strange issue with an update at one point, however, that was resolved quickly.

If you want to take advantage of all of the solution's options, you need to have a bit of a technical background. It's not for a layperson.

You do get a good solution for free. However, the trade-off is you need to be technical to really take advantage of it.

The installation could potentially be faster.

View full review »
JL
Managing Director at VPN Technologies

This product needs improvements with respect to reporting and auditing.

View full review »
it_user700161 - PeerSpot reviewer
IT Systems Engineer at a manufacturing company with 201-500 employees

I would like more add-ons/packages for extending pfSense which are approved by the main community.

View full review »
TO
Managing Director at a comms service provider with 1-10 employees

There is a need to increase the technology on the area of WAF, the web application firewall. I would like to be more knowledgeable about the firewall, so I may best use it to solve customer problems. 

The integration should be improved. 

View full review »
MN
Owner at it logic

They do not provide support in India.

The security could be improved.

View full review »
HP
Engineering Manager at UTI Tech SA de CV

Many people have problems setting up the web cache for the web system.

They should put an anti-spam in a web application firewall.

View full review »
it_user511632 - PeerSpot reviewer
Owner with 51-200 employees

Reporting and real-time monitoring, since I'm used to Watchguard's reporting features, it would be nice to have an embedded solution for reporting. 

View full review »
it_user388629 - PeerSpot reviewer
Head of Operations at a tech services company with 51-200 employees

Whenever a new version rolls out, there are hidden bugs. That's why we normally run a version behind for a little while before rolling into the current build.

View full review »
it_user307602 - PeerSpot reviewer
Snr. VOIP Specialist at Digital Globe Services

As per my understanding VPN, Captive Portal user-level and MAC-level filtering need to be improved.

View full review »
it_user380763 - PeerSpot reviewer
Help desk Support Analyst at a energy/utilities company with 501-1,000 employees

The load balancing can be improved as it uses tier levels to balance. For it to function most effectively, you often need to have the same bandwidth on the ISPs.

View full review »
it_user277146 - PeerSpot reviewer
IT Specialist at a tech services company with 501-1,000 employees

So far, from my point of view everything is working perfect!

View full review »
it_user224265 - PeerSpot reviewer
Responsable IT & RMQ at a comms service provider with 51-200 employees

I always need to open different graphs on different windows of the web browser to have an overview,  Therefore, it would be good, if it is possible, to have a customizable, large dashboard.  At the moment though, the others options are good because I am a beginner with the pfSense.

View full review »
RS
IT Manager at a consultancy with 1-10 employees

I expect a better interface with more log analysis because I create my own interface.

View full review »
AS
Director at Pixels IoT Ltd

I'd like to see some instructional videos as opposed to documentation. It would be helpful for beginners and start-up companies. 

View full review »
MH
Owner with 11-50 employees

There are some bias issues and some intrusions in our network that have to be addressed. So, we're thinking of changing this firewall to something like a professional hardware-enabled firewall.

View full review »
HH
IT Infrastructure Analyst at ADRA Peru

The main problem with pfSense is that it lacks adequate ransomware protection. I would also like pfSense to be more robust like Cisco or Fortinet.

View full review »
KN
Owner at a tech services company with 11-50 employees

Right now we have to use a lot of third party plugins with other providers that have their own built-in features so I'd like to see layer 7 advanced firewall features included in the solution. It would definitely improve the product. 

View full review »
it_user219210 - PeerSpot reviewer
System Administrator at a tech services company with 51-200 employees

I think that areas for improvement are not closely related with the work of pfSense but with its components, meaning the packages. I am faced with little problems when I install none-recommended (beta) versions. But, I also understand that these versions are mostly for developers, who are trying to contribute their best efforts for open source.

View full review »
it_user219480 - PeerSpot reviewer
IT Administrator at Sharif Medical City

VPN ability needs to be improved.

View full review »
ET
Senior System Administrator at KnowledgeNet

pfSense has some limitations in detecting site sessions. We want to control internet usage based on sites and their content, and pfSense doesn't perform this function.

The site itself could be improved; it's not easy to find the things that you want to implement and apply.

It would be good if it had more features like Sophos does.

View full review »
AL
NOC Manager at a tech services company with 51-200 employees

The router monitoring needs improvement when compared with Sonicwall.

I would like an API that can sync to SolarWinds because we use SolarWinds for our monitoring platform. It would be great to be able to do all of the monitoring from SolarWinds instead of logging into the application to monitor it. It would be a nice feature to have.

View full review »
ES
IT analyst with 1,001-5,000 employees

The access control aspect of the product could be improved. There should be more control over everything that the user is doing. It should be able to log and report on everything users are doing. 

The product no longer complies with new rules in Brazil. Therefore, we need to move off the solution.

View full review »
SM
System Analyst at a tech services company with 11-50 employees

As an open-source solution, there are so many loopholes happening within the product. By design, no one is taking ownership of it, and that is worrisome to me.  

Integration with other products could be improved. It needs log research integrated within it to make it more useful for our purposes.

View full review »
it_user834579 - PeerSpot reviewer
student at a university with 51-200 employees

The product is good in many of its departments, but this should make HTTPS filtering more efficient since Squid falls short when using man in the middle. It works, but it is not 100% efficient. It requires more attention to provide a better alternative for open source to small government or educational institutions with reduced budgets in terms of technology.

View full review »
it_user223011 - PeerSpot reviewer
Systems Engineer II at a tech services company with 51-200 employees

I think the dashboard/interface could be improved and the ability to manage it from a mobile platform.

View full review »
RG
CEO at a tech services company with 11-50 employees

They could improve their commercial stance and be more agile when it comes to the commercial pricing of enterprise deals.

For a feature update, they should increase the API integrations into decentralized identity platforms making it stronger.

View full review »
AO
System Implementer at a tech vendor with 201-500 employees

ClamAV AntiVirus can cause some crashes. That service should be improved.

View full review »
it_user831174 - PeerSpot reviewer
Student

More regular patch updates, because this is very important for a firewall.

View full review »
it_user819144 - PeerSpot reviewer
Consultant

Services on additional features: 

  • SNMP Network Management 
  • Managing inventory
  • Generating IT reports.
View full review »
it_user803556 - PeerSpot reviewer
Analista Senior at a tech services company

pfSense serves us very well. My only observation is about the quality of the IPSec logs, which are difficult to interpret and are poor in filters. I have more than 10 IPSec VPN connections, and when there is a need for troubleshooting, the logs are of little help.

View full review »
LC
Specialist in IT Infrastructure, Networks and Software Quality at a tech services company with 51-200 employees

The connections should be shown in a more specific way, as Kerio Control does. It should integrate with LDAP, Active Directory, etc, to improve the way in which the traces and connections of each IP, or user connected through the firewall, are shown.

View full review »
it_user429552 - PeerSpot reviewer
Works with 51-200 employees

A way to clean squid cache from the GUI.

View full review »
it_user284163 - PeerSpot reviewer
System Administrator at a media company with 1,001-5,000 employees

I'm no expert on this subject, and the OS performs all that is required.

View full review »
CT
IT Consultant at a tech services company with 1-10 employees

I would like to see the dashboard modernized.

If you look at some of the other providers, their dashboard is more modern looking.

Also, simplifying the rules for the GeoIP. Making it simpler to understand would be an improvement.

View full review »
DJ
Full Stack Developer at Infrassist Technologies Pvt. Ltd.

The stability could be improved. Whenever there is an update, in spite of developments I may have made, I am required to make certain changes to the coding. 

View full review »
it_user280953 - PeerSpot reviewer
Network Engineer at a tech services company with 51-200 employees

FTP was not allowed, and it didn't indicate during set up whether FTP was to be allowed or disabled.

View full review »
it_user229803 - PeerSpot reviewer
CEO & Founder at a tech services company with 51-200 employees

RadiusServer needs some work done.

View full review »
it_user221874 - PeerSpot reviewer
Manager IT at a energy/utilities company with 501-1,000 employees

Proxy filters are not supported for the blocking of HTTPS sites.

View full review »
it_user79791 - PeerSpot reviewer
Network Admin at a tech consulting company with 51-200 employees
Graphic report implementation tool (now possible with extra software) View full review »
it_user279654 - PeerSpot reviewer
Network and Transmission Engineer at a tech services company

Load balancing of multiple networks

View full review »
it_user225414 - PeerSpot reviewer
IT Executive cum ICT Consultant at a healthcare company with 51-200 employees

I was satisfied with the overall features of the product, considering the limited capacity of our hardware at the time. It's probable that an improvement can be made to the user friendliness of the interface.

View full review »
RB
Senior Systems Engineer at KeyTrust
  • I would like to see multiple DNS servers running on individual interfaces. 
  • It would be useful to manage firewall policies on a source interface and destination interface basis.
View full review »
FA
System Administrator at a tech services company with 51-200 employees

It would be great to add more to security.

I know that pfSense has a lot of features, but I don't know how to configure and enable them. That is why I am looking into my support options. I am looking for better security and performance.

View full review »
it_user1136043 - PeerSpot reviewer
IT Manager at alfascan

We would like to see ready-made profiles to cover most users' needs. 

View full review »
it_user223023 - PeerSpot reviewer
IT Administrator at a tech services company with 51-200 employees

I think the product has improved greatly, so I actually don't know.

View full review »
RH
IT consultant at a tech services company with 1-10 employees

The solution could improve by having centralized management and API support online.

View full review »
RN
Solutions Architect at a tech services company with 51-200 employees

The domain blocking lists need to be improved. The supported list for domain blocking is community-maintained, and I would like to see something from the manufacturers of pfSense that is a little more global.

I would like to see different graphs available in the reporting.

View full review »
it_user499617 - PeerSpot reviewer
Managing Director at a comms service provider with 51-200 employees

We just did not like its QoS interface.

View full review »
it_user800241 - PeerSpot reviewer
CEO with 11-50 employees

Improve analysis of logs and dashboards (control panel) with improved alert functionality.

View full review »
it_user339831 - PeerSpot reviewer
System Administrator at a tech services company with 1-10 employees

The firewall feature could be improved.

View full review »
Buyer's Guide
Netgate pfSense
March 2024
Learn what your peers think about Netgate pfSense. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.