IT Central Station is now PeerSpot: Here's why

pfSense OverviewUNIXBusinessApplication

pfSense is #2 ranked solution in best firewalls. PeerSpot users give pfSense an average rating of 8.6 out of 10. pfSense is most commonly compared to OPNsense: pfSense vs OPNsense. pfSense is popular among the large enterprise segment, accounting for 49% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a comms service provider, accounting for 41% of all views.
pfSense Buyer's Guide

Download the pfSense Buyer's Guide including reviews and more. Updated: July 2022

What is pfSense?

pfSense is a free and open-source operating system for routers and firewalls, and is typically configured as DHCP server, DNS server, WiFi access point, VPN server, all running on the same hardware device. It is operated through a user-friendly web interface, making administration easy even for users with limited networking knowledge.

In addition, pfSense is feature-rich, has a mature platform, is customizable, is flexible by design, and can be used on a small home router as well as run the entire network of a large corporation. pfSense puts you in control of your networking, is regularly updated, and works to promptly patch security issues. pfSense has recently become the favored alternative to the industry leader, Cisco.

pfSense is:

  • Robust
  • Powerful
  • Easy to use
  • Secure
  • Scalable

pfSense Key Features

pfSense has many key features and capabilities, including:

  • Strength and accuracy: pfSense is able to always follow either default or custom rules, making it a stronger firewall than some of its competitors. It also filters traffic separately, whether it’s coming from your internal network of devices or the open internet, allowing you to set different rules and policies for each.

  • Flexibility: pfSense can work both as a basic firewall and as a complete security system because it gives you the flexibility to integrate additional features as code where necessary.

  • Open-source: Because it is open-source, not only is pfSense free to use, but community members can contribute to the code to make it a better software.

  • User-friendly: Usually firewall products are not user-friendly because they often include complex settings, options, and features that require fine-tuning. pfSense’s interface is simple, direct, and easy to use.

  • WireGuard Support: Instead of building your own VPN using pfSense, or settling for a commercial VPN provider, you can directly integrate WireGuard with the pfSense firewall.

  • Speed Management and Fault Tolerance: pfSense’s multi-WAN feature allows your system to continue operating in case components fail.

  • Well-supported: pfSense regularly has security and feature updates. It also has a documentation site and a well-informed and knowledgeable support forum.

Reviews from Real Users

Below is some feedback from PeerSpot Users who are currently using the solution.

Bojan O., CEO at In.sist d.o.o., says, “The classic features, such as content inspection, content protection, and the application-level firewall, are the most important."

Another PeerSpot user, a chef at a media company, explains what he finds most valuable about pfSense: "The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is."

T.O., a VP of Business Development at a tech services company, mentions, "What I found most valuable is the cost of the platform, the flexibility of the platform, and the fact that the ongoing fees are not there as they are with the competitor."



pfSense Customers

Nerds On Site Inc., RKC Development Inc., Expertech, Fisher's Technology, Ncisive, Consulting, CPURX, Vaughn's Computer House Calls, Imeretech LLC, Digital Crisis, Carolina Digital Phone, Technigogo Technology Services, The Simple Solution, SwiftecITInc, Rocky Mountain Tech Team, Free Range Geeks, Alaska Computer Geeks, Lark Information Technology, Renaissance Systems Inc., Cutting Edge Computers, Caretech LLC, GoVanguard, Network Touch Ltd, P.C. Solutions.Net, Vision Voice and Data Systems LLC, Montgomery Technologies, Techforce, Concero Networks, ASONInc, CPS Electronics and Consulting, Darkwire.net LLC, IT Specialists, MBS-Net Inc., VOICE1 LLC, Advantage Networking Inc., Powerhouse Systems, Doxa Multimedia Inc., Pro Computer Service, Virtual IT Services, A&J Computers Inc., Envision IT LLC, CommunicaONE Inc., Bone Computer Inc., Amax Engineering Corporation, QPG Ltd. Co., IT 101 Inc., Perfect Cloud Solutions, Applied Technology Group Inc., The Digital Sun Group LLC, Firespring

Archived pfSense Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
System Analyst at a tech services company with 11-50 employees
Real User
Top 20
Cost effective, with an easy setup, but not suitable security at the gateway level
Pros and Cons
  • "The initial setup is easy."
  • "As an open-source solution, there are so many loopholes happening within the product. By design, no one is taking ownership of it, and that is worrisome to me."

What is our primary use case?

We primarily use the solution basically for the firewall, UTM content versioning, bandwidth shaping, routing, and IPS.

What is most valuable?

The solution is an open-source product, which makes it very cost-effective.

Overall, it covers all of the requirements our organization has at this time. 

The initial setup is easy.

What needs improvement?

As an open-source solution, there are so many loopholes happening within the product. By design, no one is taking ownership of it, and that is worrisome to me.  

Integration with other products could be improved. It needs log research integrated within it to make it more useful for our purposes.

For how long have I used the solution?

I've been using the solution for three years.

Buyer's Guide
pfSense
July 2022
Learn what your peers think about pfSense. Get advice and tips from experienced pros sharing their opinions. Updated: July 2022.
622,358 professionals have used our research since 2012.

What do I think about the stability of the solution?

The stability is questionable. There are glitches. Since no one is really managing the solution, and no one takes ownership of it, there aren't many fixes that happen on it.

What do I think about the scalability of the solution?

We have about 500 people who are taking advantage of the solution within our organization.

The solution is quite scalable. We looked into scaling and found it would be easy enough to achieve if we decided to go ahead and do so in the future.

How are customer service and support?

We've never contacted technical support int he time that we have used the product. I can't speak to any level or service they provide.

Which solution did I use previously and why did I switch?

We did previously use a different solution before switching to pfSense. We originally switched to this solution due to the fact that it was so cost-effective.

How was the initial setup?

The initial setup of the solution is not complex at all. It's quite straightforward. It's also not our primary firewall. We have another solution for that. This operates as our secondary firewall, and we were able to add it rather easily into our security network.

Deployment is very quick. It only took us an hour or so to set up.

Our provider handled the maintenance for us as needed. We don't handle that in house.

What about the implementation team?

We had a few consultants and a list of vendors that assisted us in the process of procurement and implementation.

What's my experience with pricing, setup cost, and licensing?

The solution is open-source and therefore the solution is very cost-effective.

What other advice do I have?

We're just using this solution; we don't have a relationship with the vendor.

In terms of the version of pfSense we are using, we have that basic boss, 1.0 however, that is behind the firewall. The firewall which we were using is UTM1240B.

While we are satisfied with the netting features and the bandwidth controlling and routing, we find cannot expose our entire network to pfSense as there's no underlying ownership fo the product itself. We prefer a hardened firewall.

Due to the fact that it is an open-source solution, no one at an enterprise-level would ever think of putting pfSense at the gateway level or even at the main level. I would definitely recommend pfSense as the second lane of action, just not on a workload.

I'd rate the solution six out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Kenwyn Nero - PeerSpot reviewer
Owner at IKON Business Group, Inc
Real User
We have good firewall protection and use this as our gateway device
Pros and Cons
  • "Good basic firewall features."
  • "Layer 7 advanced firewall features are not included in the solution."

What is our primary use case?

We have a hosted platform with our client. We've built a VPN site and the solution is deployed as a VM. The client connects to it and it protects anything that's behind it like a regular firewall. Everything we have there is hosted in a data center, all our servers and things that clients connect to. So we're using it as our gateway device. We are customers of pfSense and I'm the owner of our company. 

What is most valuable?

I like the site-to-site VPN and the basic firewall features.

What needs improvement?

Right now we have to use a lot of third party plugins with other providers that have their own built-in features so I'd like to see layer 7 advanced firewall features included in the solution. It would definitely improve the product. 

For how long have I used the solution?

We've used pfSense over the past three years. 

What do I think about the stability of the solution?

The stability is very good, it's just that it's not as easy to use as SonicWall. There are limits as to who we can put to work on the solution, a limited number of our engineers work with it.

What do I think about the scalability of the solution?

The solution is very scalable. We don't sell pfSense to the end users, we use it ourselves. Our clients have SonicWall but the whole company benefits from the firewall. 

How are customer service and technical support?

We've never used technical support but we're looking into it now and I think it's very comparable to SonicWall.

How was the initial setup?

It's harder to set up pfSense than SonicWall. Only a couple of people in our company can do that. 

What's my experience with pricing, setup cost, and licensing?

We are currently using the open source solution so it's free. 

What other advice do I have?

There's a learning curve to this solution, it's not as simple to use as some of the other GUI based firewalls. You need to play around with it a bit. 

I would rate this solution an eight out of 10. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
pfSense
July 2022
Learn what your peers think about pfSense. Get advice and tips from experienced pros sharing their opinions. Updated: July 2022.
622,358 professionals have used our research since 2012.
Manager, Operations at SUS-TECH Limited
Real User
Robust but complex and requires quite a bit of technical knowledge
Pros and Cons
  • "The solution is very robust."
  • "The solution requires a lot of administration."

What is our primary use case?

The solution pretty much is our only firewall security at the moment. It handles the integration with our active directory and makes sure that all communications are channeled through a secure network.

What is most valuable?

The solution is very robust.

What needs improvement?

The solution can be complex. It needs a bigger team with more coding skills than what we have at our disposal. With our skillsets, we're facing a lot of limitations. We're a team of four who handles 12 independent companies under a larger umbrella. Our workload is already quite high. We need solutions that lessen it, not enhance it.

The solution requires a lot of administration.

The solution would work better for us if the user interface had some kind of unifying feature that didn't just do firewalls. Sophos, for example, offers so much more. You get one license and you're good to go. Everything's handled from the anti-virus to the network and the traffic and monitoring. Sophos is really user friendly and easy to master. It's easy to get rules put in. pfSense offers none of these things beyond just the firewall capabilities. 

For how long have I used the solution?

We've been using pfSense as of early last year, around about February 2019. It's been just over a year.

What do I think about the scalability of the solution?

We have about 350 people at our organization that this solution covers.

How are customer service and technical support?

Although the solution offers a lot of documentation, has a large knowledge base, and has a support forum, when it comes to actually contacting technical support directly, we didn't have access to that level of attention. Everything, therefore, was really on the team. We had to figure out how to troubleshoot on our own and tried to use documentation to guide us.

Which solution did I use previously and why did I switch?

We originally used this solution way back in 2011. We used it for about 18 months. Then we then migrated on to a system called Kerio Control. We realized that we needed something a little bit more robust than Kerio Control. So we then moved back to pfSense as of last year.

How was the initial setup?

The deployment didn't take too long. I have experience in pfSense, as does my junior. We were able to deploy it within a couple of hours - at least for what we wanted it to do off the bat.

Basically, you need to get all the rules together. We were able to do that within a couple of hours. Obviously, I must say, if we wanted to do a lot more, it would take us quite some time. Unfortunately, we're quite a small team, so we've got quite a lot on our plate and we just honestly did not have the time to get really granular. 

That's the reason why we're moving to something a little bit more user friendly for our size.

What other advice do I have?

We're just users of the product. We're not consultants or resellers.

It's your basic firewall setup. However, when we looked at Sophos, we found that Sophos offered a lot more as it's a fully unified solution and had a firewall, as well as anti-virus and network monitoring capabilities.

This solution really gives us a greater extensive array of modules or features than we would not necessarily see in managing the system as administrators. The solution is quite extensive in that there was a lot of material that we had to read about. It just was not user-friendly for the team. We needed a solution that can handle itself without our intervention.

I'd rate the solution five out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Davy MOUSSAVOU - PeerSpot reviewer
Head of Department of operational and compliance at ACE GABON
Real User
A very good firewall with excellent VPN and captive portal capabilities
Pros and Cons
  • "The most valuable features are the VPN and the capture photo."
  • "If a user doesn't have a large amount of experience in Linux systems, they will have problems using this solution. Users need to be highly skilled in troubleshooting competency. Users who do not have such skills will find the product difficult to use."

What is our primary use case?

I use pfSense as a firewall. I use it also as a VPN server and for the captive portal. Those are the main purposes.

How has it helped my organization?

It's difficult to say how it has made a difference in my organization.

What is most valuable?

The most valuable features are the VPN and the captive portal. Captive portal and VPN are easy to deploy.

What needs improvement?

I haven't experienced many problems when dealing with the solution, so I don't know if there are areas that need improvement.

If a user doesn't have a large amount of experience in Linux systems, they will have problems using this solution. Users need to be highly skilled in troubleshooting competency. Users who do not have such skills will find the product difficult to use.

Sometimes if your network goes down, you might experience an issue on the captive portal. This may require a restart and it also may require that you load it again. I'm used to the system, so I know what to do, but it can happen from time to time.

It can be really easy  to deal with Technical support. Technical support is avaible every time I call . But sometime if Technical support do not privide you the solution, so you should double check and solve the issue by your self.

For how long have I used the solution?

I've been using the solution for about five or six years. 

What do I think about the stability of the solution?

The stability isn't bad, but there can occasionally be bugs within the system. The likelihood is lessened if you follow a few key protocols.

It's important to have a proper license, otherwise, you run the risk of bugs.

It's important to upgrade the solution regularly. This also helps users avoid running into bugs. If you experience a bug, it's a good idea to check the release and make a grid.

Those that have experience in troubleshooting will benefit from their knowledge when using this solution. Sometimes packages will not work and you'll have to be strategic with workarounds.

How are customer service and technical support?

The support can be really difficult to deal with. I wouldn't say that we have been satisfied with them in any way.

How was the initial setup?

It's not very complex to set up. However, it can become complex as you're using it, and when you are learning the systems. In that sense, it might not be straightforward for everyone.

When it comes to using pfSense, you need to have extreme skills in Linux and in troubleshooting. If you don't have any form of troubleshooting competency, it could be very difficult to use, and very hard to set it up.

What about the implementation team?

I'm very proficient in the solution. I managed the implementation on my own. We didn't need to hire a consultant or bring on an integrator or reseller.

What's my experience with pricing, setup cost, and licensing?

The pricing of the solution is fair. I've also paid for a license that includes Entreprise support. Our license lasts for two years.

What other advice do I have?

We're just customers. We don't have a special relationship with the solution. We just use it on a regular basis.

I'm not sure if I'm using the latest version of the solution or not.

I'd rate the solution ten out of ten since I've never had any major issues with it.

The biggest thing a new user or company needs to be aware of, however, is that whoever the team is that's using it, they need to be very experienced Linux users. The system will be extremely difficult otherwise.

New users will need patience. However, it is easy to use due to its very good web interface. It's also easy to deploy and the process can be handled quickly. There's no need to have a really big fancy long-winded deployment process. That said, especially if you are using it within a complex Linux environment, you absolutely must have high skills in both Linux and security.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Solutions Architect at a tech services company with 51-200 employees
Real User
Easy to install, good support, and good value for the price

What is our primary use case?

We use pfSense for our firewall protection.

What is most valuable?

The most valuable features are ease of installation and support.

What needs improvement?

The domain blocking lists need to be improved. The supported list for domain blocking is community-maintained, and I would like to see something from the manufacturers of pfSense that is a little more global.

I would like to see different graphs available in the reporting.

For how long have I used the solution?

We have been using pfSense for two months.

What do I think about the stability of the solution?

pfSense is quite stable. It is one of the pros.

What do I think about the scalability of the solution?

The scalability is very good, where you can do an HA configuration and then bring in another box, if necessary. We have ten users in the organization.

We get very little usage and have no plans to increase it.

How are customer service and technical support?

The technical support is A+, pretty good.

How was the initial setup?

The initial setup was straightforward.

What's my experience with pricing, setup cost, and licensing?

This solution provides enterprise-level features at a fraction of the cost of an enterprise firewall.

What other advice do I have?

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user1136043 - PeerSpot reviewer
IT Manager at alfascan
Real User
Provides more control and a deeper insight into network traffic

What is our primary use case?

We use this solution as our firewall, proxy, IDS, IPS, and VPN.

How has it helped my organization?

This solution has increased the level of security, given us more control, provided a deep insight into network traffic, and is a great VPN solution.

What is most valuable?

The most valuable features are the Proxy IPS and VPN.

What needs improvement?

We would like to see ready-made profiles to cover most users' needs. 

For how long have I used the solution?

Three years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Managing Director at VPN Technologies
Real User
Protects our network from attacks

What is our primary use case?

Our primary uses for this solution are as a network firewall and a VPN Server. 

How has it helped my organization?

This solution has helped our organization by protecting our network from attacks.

What is most valuable?

The most valuable feature is the proactive network protection.

We also find the following components valuable:

  1. pFBlocker
  2. Squid
  3. SquidGuard
  4. Firewall

What needs improvement?

This product needs improvements with respect to reporting and auditing.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Ray Ost - PeerSpot reviewer
CEO at Private
Vendor
The terminal gets access to our own server inside the network and if one internet fails, then the other one is still up
Pros and Cons
  • "I had some outages in the network and we provide services for our company. We sell mobile credits. The terminal gets access to our own server inside the network and if one internet fails, then the other one is still up and we have a back-up link on the devices."
  • "Adjustment in the interfaces: I had to adjust those interfaces manually and of course that is a great feature that you can restore it but it is immediately also one point for improvement. If you don't have to adjust, if it's just stamped and it works, that's great."

What is our primary use case?

I had an appliance that died six months ago. Then I didn't want that hardware anymore, so I bought two new servers. A single power supply but dual on a network with three times four network cards. On that, I installed the pfSense (Community Edition).

From inside to outside, I have about 15 to 20 node servers and users going outside. From outside to inside, I have only three tech support people, myself and two other ones. With regard to clients using the platform from outside to inside, on the servers inside, I have about 1000.

How has it helped my organization?

I had some outages in the network and we provide services for our company. We sell mobile credits. The terminal gets access to our own server inside the network and if one internet fails, then the other one is still up and we have a back-up link on the devices. 

If the devices cannot send the first IP address, they make use of the second IP address, which is the back-up link to access the servers. In terms of outages, ever since I used pfSense, I have that feature. 

In terms of experiencing delays, the server has the primary IP and the secondary IP configured on the client terminals. The total solution works.

What is most valuable?

I'm still experimenting with some new features. I want to do a high availability configuration. I haven't done that yet, but I'm using OpenVPN, it's very handy. 

What needs improvement?

Some suggestions for improvement of pfSense are:

  • Adjustment in the interfaces: I had to adjust those interfaces manually and of course that is a great feature that you can restore it but it is immediately also one point for improvement. If you don't have to adjust, if it's just stamped and it works, that's great.
  • With regard to the Community Edition, when I installed it, we use Proxmox as an equivalent of PMWorks and I installed the Community Edition in Proxmox. That was very difficult to get to work at first. A lot of tweaking. That is very, very not easy.
  • When I'm inside of my network and I go to a URL, the URL points to a server inside my network. It doesn't hang, but I don't get a response. It just stays blank. 
  • I can imagine that inside my network, I am going outside, and it points to the public address, so I can reach it. With eSoft, without any adjustment, it worked, and I was able to do that. I went to search pfSense for an option, and I had some documents open to read about how it is done, but it isn't clear enough. It's not that easy. I would appreciate it if I could get easy help on that.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

pfSense is very stable. My own disappointment is the appliance only worked for a year and two months. It might be just bad luck, but that was very disappointing.

I had to use pfSense Community Edition on a general desktop. That was done within three hours. It took me three hours just to get the hardware, download the software, and then set it up to get everything working again. 

After that, I ordered the new server with two servers: one has to be active and the other standby. I am going to try higher scalability on it using pfSense. 

The configuration is already on the servers. I did all this myself because of my experience. The utilization of the CPU, etc., it's very low. 

I like pfSense. It doesn't take too many resources and it's very stable.

How are customer service and technical support?

I did not utilize pfSense customer support. You have documentation, there is enough documentation online to get you through. I haven't actually used tech support. When I bought the appliance, I was entitled to one year of tech support. I never used it, it wasn't needed. 

Which solution did I use previously and why did I switch?

I previously evaluated eSoft by Untangle. Untangle is an open source company but you have to buy custom add-on's to get it to work. I bought eSoft and it's very good.

I am also the CEO of my company. This technical part, it's not my profession, but I get less and less time to invest, and more time playing around with this stuff. 

When we were growing, a small company, eSoft was small, so I needed a bigger one. I had to reset eSoft every week because of the growing traffic over it. I wanted a bigger one and it was not available. 

What I wanted to do was not possible with Untangle. Untangle was basic stuff. I bought the pfSense appliance and it's open source, but I support the project. 

I bought it and I got disappointed because I again wanted a bigger one. My first choice would be Cisco because of my background but Cisco is expensive.

eSoft was good. Before switching from eSoft to pfSense, Cisco at that time was not an option. 

Every software in our company, every desktop, every server, is open source. If it isn't CentOS then it's Red Hat or Ubuntu. 

Open source was preferred and pfSense was number one on the list.

How was the initial setup?

Ever since the first time I used it, it's very straightforward, it's very easy.

What about the implementation team?

My strategy was to get it connected to the internet first, then apply some rules for forwarding and VPN. 

The first one was very easy to set setup. VPN was not that straightforward but there is enough documentation to get you through it and that helped. 

In terms of time, the Community Edition took very long to install but once installed, to configure, it took around 15 to 20 minutes.

I did the setup all by myself. There is documentation online and that is sufficient. It's good enough, very good support in the documents.

What was our ROI?

If you haven't invested a lot of money, you will definitely see the return on investment with pfSense because you hardly spend anything, except for the hardware. 

With the appliances, pfSense should look into longevity issues. Your hardware should take, like Cisco's and others, years before they break. In terms of other retailer equipment, it's a safe bet towards pfSense.

That's why I purchased it but I have to look into the high availability. There is documentation of people that I know that are going to get it to work. I'm going to test it because that is our business that we are talking about also.

It should work because of the resale mobile credit for our customers. Another thing I will definitely try is the virtual IP because the virtual IP feature can bridge the two interfaces. The SSL certification is from Google. 

That was it for me, I'm 100% happy.

What's my experience with pricing, setup cost, and licensing?

I prefer appliance licensing with pfSense (Community Edition). 

  1. It's free. 
  2. It's very stable. 
  3. It's only on the hardware, it can be very fast.

Choose the appliances because it is nice to have the hardware cut out for it, i.e. the right hardware for the right software. 

Which other solutions did I evaluate?

I used to be a Cisco network expert. I used to train people and I've done some Cisco projects myself. I know Cisco by heart but I was less excited about Microsoft, so I went researching for open source solutions and I came across pfSense.

I was able to compare pfSense with Cisco. I used it for a client of mine as well, and it was interesting. After that, I started my own company and I came across pfSense again. 

I looked into pfSense. You have OPNsense from the Dutch and then you have pfSense. I've tried both and I like pfSense more.

What other advice do I have?

I definitely plan to increase using pfSense. I am going for a higher capacity. If power fails or one server dies, or one gateway dies, the other servers will take over seamlessly. That's the ultimate for us.

I would definitely rate pfSense an eight and a half out of ten. Definitely eight and a half, not lower, could be a bit higher. Because it's stable, it's good. If the small issues I've mentioned are worked on then I would go to a 10.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Founder and MD at Smart Solution
Real User
The intrusion detection capabilities work well
Pros and Cons
  • "My company mainly works in the health and educational domain, schools and universities. I prevent the improper use of content from schools and universities. I defend the medical records for the patients in our hospitals. That is the main use case for me for the firewall."
  • "pfSense is not user-friendly. I hope to have something to make the interfaces more user-friendly."

What is our primary use case?

My primary use case for pfSense is as a firewall. We also use it for intrusion detection, intrusion prevention, website filtering, and quality of service (QoS).

How has it helped my organization?

My company mainly works in the health and educational domain, schools and universities. I prevent the improper use of content from schools and universities. I defend the medical records for the patients in our hospitals. That is the main use case for me for the firewall.

What is most valuable?

One of the most valuable features of this solution is that it's almost entirely free and I can do everything with it.

What needs improvement?

It has everything I need, but the main drawback of pfSense is that it's not user-friendly. I hope to have something to make the interfaces more user-friendly. I would also like to see some documentation that can help with use cases or that has advice and tips. I have found some documentation available but it's usually from an earlier version. If they develop this, pfSense will be the best. The only thing that Fortigate is better than pfSense is that they have 24/7 support. pfSense also needs improvements in the intrusion detection area.


For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

I depend on and use VMware ESXi with vSphere in my deployment, virtualization. pfSense is more stable and reliable if you install it directly on the server, i.e. not being installed as a virtual machine. That makes it very stable.

What do I think about the scalability of the solution?

The scalability is good. You can integrate some nodes of pfSense but it's not very user friendly.

How are customer service and technical support?

I would be more relieved and more happy to have support. You need to have some people who can help you in any use case.

How was the initial setup?

Lots of reading and trial and error. It's tough for the network engineer, but it is magnificent in performance from my point of view.

What about the implementation team?

We implemented in-house. Not user friendly, but if you want to do anything you can do it with pfSense.

What was our ROI?

Free. Would purchase for better customer support.

What's my experience with pricing, setup cost, and licensing?

It is completely free.

Which other solutions did I evaluate?

We also evaluated Fortigate.

What other advice do I have?

I would rate this solution an eight out of ten. I give it this rating because of the rich features available. pfSense is free and I can do everything with it. It works as a firewall for servers also.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Alfredo Cornell - PeerSpot reviewer
Chief Technology Officer at Xpro Networks
Reseller
Compatible with VoIP platform and is easy to understand
Pros and Cons
  • "We generally use it because it's cheap. When we need something more robust we use Barracuda and Sony Wireless Routers. For certain clients, we use pfSense because it's compatible with the VoIP platform."
  • "I would like to see SD1 integration into the software. That would be fantastic."

What is our primary use case?

We use pfSense as our firewall. 

How has it helped my organization?

We install it for clients that don't have a network available or the network is not ready for phone deployments. We're a phone company. We use pfSense to connect to the router and normally we connect clients to client VPNs, and then from there, we can have access to the internal network so that we can see all of the files.

What is most valuable?

We generally use it because it's cheap. When we need something more robust we use Barracuda and Sony Wireless Routers. For certain clients, we use pfSense because it's compatible with the VoIP platform.

What needs improvement?

I would like to see SD1 integration into the software. That would be fantastic.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

The solution is pretty stable, that's why we use it. There aren't any problems.

What do I think about the scalability of the solution?

The scalability is fine. If you need to have a bigger client or something like that, it's simple. You do a backup and then you restore into a new appliance and go from there. 

How are customer service and technical support?

We provide technical support for our clients so we don't use a third party company for the support, we do the support in-house.

Which solution did I use previously and why did I switch?

We also use MikroTik, Barracuda, and StoneWall.

How was the initial setup?

The initial setup is fairly simple, not complex. We can get the deployment done in around half an hour. 

What about the implementation team?

We deploy pfSense for our clients. We have one technician maintaining the whole thing.

What was our ROI?

Our return on investment is fast. We see a return on investment from day one, it's a fairly cheap router.

What other advice do I have?

Any network engineer will understand how this solution works. It's not so complex to understand and be familiar with. It will require a certain level of networking knowledge to use it but we're at an enterprise level and we're a small-medium business and it works.

I would rate it a nine out of ten. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
PeerSpot user
Elie Cattan - PeerSpot reviewer
Elie CattanIT Specialist and Senior Consultant at Netserve
Consultant

pfSense's only current issue is that it's moving away from being open-source, otherwise I agree with all the above.

IT Manager & Sr. Application Programmer with 11-50 employees
Real User
It allows for both v1 and v2 IPSec configurations to secure your connections

What is our primary use case?

We use this at all of our locations as our edge device, IPSec site-to-site VPN functionality between our offices and our AWS EC2. No matter what is thrown at this, the system handles it like a champ. We have both dedicated hardware and virtualized versions running in our infrastructure. So far we haven't found a reason why we need to spend thousands for an appliance like Cisco ASA when this handles all of our needs.

How has it helped my organization?

We're a small business growing rapidly. We recently overhauled the IT infrastructure, and after looking at a number of other competitors, pfSense has been a lifesaver, allowing us to scale up and provide compliance without the need to purchase additional licenses to offer services to our employees.

What is most valuable?

There are so many packages you can install which extends pfSense's capabilities including consuming from lists such as FireHOL, Pi-Hole, etc. Here are a few packages we use:

  • IPSec: pfSense allows for both v1 and v2 IPSec configurations to secure your connections.
  • IPS: You can use Snort or Suricata along with Snort packages, even subscribe to commercial packages if you wish. This alone starts making pfSense on par with Cisco.
  • Proxy/content filtering: You can install Squid and SquidGuard to act as a proxy and content filter. Yes, it does filter HTTPS, and there's a number of ways you can do it out of the box.

pfSense also reformatted their logs so that they're compliant and standardized. We have our logs shipped to our SIEM and Logstash servers.

What needs improvement?

While I agree spam filtering is not included or an option with the system, I don't necessarily hold that against the product as there are a number of other services that do it far better than a firewall could. If you use Office 365, Microsoft's implementations are likely to be far superior to what you'll get from a firewall. However, with that said, the one item I wish it included, even if it was a subscription-based service, is the inclusion of an AV and/or threat intelligence. This would elevate the solution well above other alternatives. 

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

We have not encountered any stability issues and have upgraded to each version over the years. They've really made a rock solid solution.

What do I think about the scalability of the solution?

Extremely high. We tested it on VMs running different configurations from extremely lightweight to overkill. It will run on anything and maintain it's high performance. Obviously the more you give it, the more amazing the solution becomes. 

How are customer service and technical support?

I had one question, and they got back to me extremely quick. Not only are they knowledgeable about their product, but they're kind and courteous.

Which solution did I use previously and why did I switch?

Old and outdated infrastructure procured before I joined the company.

How was the initial setup?

Not only was it straightforward, but if you know nothing about firewalls, you can install this. Especially since they recently made their entire guidebook free to use. Not to mention the countless blogs and how to's. Low to intermediate level IT pros should be able to handle this baby.

What about the implementation team?

In-house.

What was our ROI?

From day one you get a 100% ROI. If all you have is an older server you recently decommissioned, with multiple NICs, I strongly recommend installing this software on it and giving it a shot. Doing that alone will beat out any competitor hands down.

What's my experience with pricing, setup cost, and licensing?

For the cost and what's included, you can't beat it, no way no how. If you're worried about enterprise solutions, the only thing you need to do then is to purchase a support contract, and you have an enterprise solution. You can even purchase hardware from the vendor if you choose.

Which other solutions did I evaluate?

Cisco, WatchGuard, Sophos, Fortinet, Untangle, Juniper.

What other advice do I have?

I strongly recommend giving pfSense a hard look. I've been in IT for 20+ years, and I've run the gambit on other firewalls. pfSense definitely can hold it's own against any of them. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer963351 - PeerSpot reviewer
reviewer963351IT Manager & Sr. Application Programmer with 11-50 employees
Real User

Yes you can use Squid and SquidGuard to act as your web/content filter. We have it running and are able to filter out HTTP and HTTPS. As far as App Filtering, you can setup Snort to filter out applications. See Netgate's blog for more information: https://www.netgate.com/blog/application-detection-on-pfsense-software.html

See all 2 comments
Anders Olsson - PeerSpot reviewer
Systems Administrator at AB Edsbyverken
Real User
It has good documentation with a fantastic community and enterprise support
Pros and Cons
  • "Super easy to manage. Anyone who has been working with firewalls can handle it."
  • "There is good documentation with a fantastic community and enterprise support."
  • "It needs better parsing of logs. At the moment, you have to use an external server for this if you want a deeper analysis."

What is our primary use case?

  • Firewalling
  • Routing
  • DHCP
  • Transparent proxy
  • DNS cache
  • VPN, etc.

How has it helped my organization?

  • Outstanding support
  • Great packages to expand the solution to your needs
  • The same config can easily be migrated to better hardware when you need it.

What is most valuable?

  • Super easy to manage. Anyone who has been working with firewalls can handle it.
  • There is good documentation with a fantastic community and enterprise support.
  • The strongSwan IPSec is a great implementation.
  • Proxy features are excellent (except MITM).

What needs improvement?

  • The central point of management, like the long-rumored pfCenter.
  • Better parsing of logs: At the moment, you have to use an external server for this if you want a deeper analysis. 

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

Our appliance is under constant heavy load by several services, and it's rock solid stable.

I had stability issues only with a GUI that used to hang. It didn't affect any services, but it was a little annoying that we needed to restart the PHP often.

What do I think about the scalability of the solution?

pfSense scales well.

How are customer service and technical support?

They are just fantastic. They usually respond super fast, and usually with a solution if you describe the problem correctly. In more complex situations, they will set up a personal lab environment based on the customer's case.

Which solution did I use previously and why did I switch?

We used to use a lot of different solutions.

After comparing a lot of solutions, the choice was Netgate pfSense.

How was the initial setup?

It is very straightforward and much easier than the previous Clavister FW. Config is easy. 

What about the implementation team?

99 percent in-house implementation and 1 percent Netgate implementation. Netgate has the highest level of expertise you can get.

What was our ROI?

This solution was about $150,000 cheaper than the closest competitor over a three year period. 

What's my experience with pricing, setup cost, and licensing?

All costs are low compared to other solutions. The hardware is stable and cheap.

There is no licensing fee except for the enterprise support, if you want it.

Which other solutions did I evaluate?

We evaluated Cisco, Fortinet, and Sophos.

What other advice do I have?

If you don't have a policy that says "only proprietary software" in your company, there is no reason not to go for pfSense. If you are still in doubt, take the cheap (and excellent) Netgate academy course. It's only for two days, and you will learn how to manage pfSense at a comprehensive level.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Systems Engineer at KeyTrust
User
Perform packet captures on the command line and via the GUI which is useful for diagnosing problems

What is our primary use case?

  • We only use our pfSense as a stateful packet inspection firewall. 
  • We have around 10 VLAN interfaces with many allow/block policies, VIPs, and NATs. 
  • Running on VMware as a virtual machine.

How has it helped my organization?

The main improvement was we were able to replace our old hardware-based firewall with a virtual machine having HA.

What is most valuable?

The ability to perform packet captures on the command line and via the GUI is useful for diagnosing problems.

What needs improvement?

  • I would like to see multiple DNS servers running on individual interfaces. 
  • It would be useful to manage firewall policies on a source interface and destination interface basis.

For how long have I used the solution?

One to three years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Systems Administrator at a non-tech company with 51-200 employees
Real User
I have not had one issue with it at all, which is amazing
Pros and Cons
  • "Stability has been excellent. We have experienced no issues; it never fails."
  • "It is not centrally managed, where you log into the website and can see all your services there. We would like to be able to see is all the configurations from a central interface on all our pfSenses."

What is our primary use case?

We have mainly been using for our internet workstations.

How has it helped my organization?

After we started with testing with it a bit, it showed that it can be utilized in a way that we wanted to utilize it.

What is most valuable?

I have not had one issue with pfSense at all, which is amazing.

What needs improvement?

Layer 7 filtering has been taken away from pfSense. They would like us to use Snort, which is a good thing, but I would like them to make the Layer 7 thing easier.

The one reason that we did not go with pfSense is that it is not centrally managed like Meraki, where you log into the website and can see all your services there. This is the only reason why we are going with Meraki.

We would like to be able to see is all the configurations from a central interface on all our pfSenses.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Stability has been excellent. We have experienced no issues; it never fails.

What do I think about the scalability of the solution?

There is a lot of stuff that you can add-on. You can actually write your own APIs to connect to it and so on. So, there is a lot of scalability in pfSense that other products do not have.

How are customer service and technical support?

We have not using technical support. We have only been using the community version.

Which solution did I use previously and why did I switch?

We used to use Empalis. We actually started to replace our Empalis with pfSense first to do testing, and see if it would actually work for us. This was just a test phase, before we went over to Meraki. So far, pfSenses outperform Merakis.

How was the initial setup?

I setup all of it. I set it up for our country, and I did it all remotely. I learned from the community how to do it. The process to install and configure is very straightforward.

What's my experience with pricing, setup cost, and licensing?

It is a free solution.

Which other solutions did I evaluate?

We originally looked at SonicWall, but we chose pfSense because of pricing (since it is free) and it has issues that pfSense does not have. 

We are currently migrating over to Meraki and are having a lot of issue with it. Also, with Meraki, you pay through your neck for it.

I would not have made the decision to move away from pfSense. pfSense has been giving us better options than what Meraki is giving us at the moment. I have got login problems with Meraki which takes about two days for them to sort out. If I was on pfSense, I would sort it out myself.

What other advice do I have?

They need to look at all the communities, comparisons, etc. and read up about the issues and problems people are having with some of the solutions, then see if those problems might be related to what they may be experiencing.

Main criteria when selecting a vendor: 

  • How easy is it to learn.
  • How easy is it to implement.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Joshua Simmons, P.E., PMP - PeerSpot reviewer
Owner / Principle Engineer at Cogito Innovations
Real User
Powerful, flexible, and intuitive with features that rival many high cost solutions

pfSense has been a perfect fit for my small business needs. It is economical (i.e., free), yet powerful, flexible, and intuitive. Its features rival many of the high cost solutions out there.

The GUI could use improvements, though it is manageable.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Network and Office Manager at Belgo Metal CW n.v.
Real User
The performance and functionality are good. I can manage it easily by myself.
Pros and Cons
  • "The initial setup was straightforward, therefore I wanted to continue using the product."
  • "I can manage it easily by myself."
  • "The performance and functionality are good."
  • "A malware blocker should be included. I do not know if it is included yet. However, until now, we have not experienced a large malware invasion."

What is our primary use case?

In the past, we had different locations in different countries, and in every location, we had the same pfSense firewall. Therefore, the connection between our different locations was good and manageable. However, in the last two years, we have had only one location here in Belgium, thus the performance of the pfSense has been good, and we can manage great with the open ports and the closed ports, but now a firewall has to be a little bit more than just that.

How has it helped my organization?

I do not have any big malware in my network, partly because of pfSense. The firewall blocks every malfunctioning malware or virus. Also, the access from outside our network has to be blocked, and I know by experience that our pfSense is very closed. You have to open every port in order to make sure that there can be a connection from outside our network.

What is most valuable?

  1. I can manage it easily by myself.
  2. The interaction between the same firewalls is good. We can connect VPNs over the same firewall easily.
  3. It is an open source solution. Therefore, the price is good.
  4. OPNsense.
  5. The performance and functionality are good.

What needs improvement?

A malware blocker should be included. I do not know if it is included yet. However, until now, we have not experienced a large malware invasion.

There are a few features not included, and when you have to use those features, you have to pay for them.

I know that I should change the current pfSense solution. I should change it because we have only one key port on it. Our internet access also has a key port now, I should have two key ports, one to the LAN and one to the WAN.

Therefore, I want to change it, because it gives us less speed. I could provide the speed, but there are not two key ports on it. Therefore, I now have to choose a new pfSense solution, or I could look at another vendor similar to what we have.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

I am satisfied with the stability.

What do I think about the scalability of the solution?

Scalability was less important. When we started, we did not have to scale the pfSense. In the seven years that I have used the pfSense, once I had to renew it because the hardware was broken or was defective. The second one was a little bit faster and had more memory, so I did not have to scale it again. Therefore, the scalability has not been so important to us until now.

Which solution did I use previously and why did I switch?

We came from OneStart. OneStart was out of data and at end of life. Thus, we had to switch. pfSense was originally proposed to us by the dealer and our external IT help.

How was the initial setup?

The initial setup was straightforward, therefore I wanted to continue using the product.

What about the implementation team?

I did not do it alone. I had help from the dealer. Once installed, I can manage now to change little things. For the initial setup, I was involved with it, but I did not do it myself.

What's my experience with pricing, setup cost, and licensing?

It was straightforward to buy from pfSense.

Which other solutions did I evaluate?

From Sonic Wall, their price is much higher, because for every feature that you want to add, you have to pay. I can do the same things with pfSense, but everything is included in one price.

We originally evaluated Cisco, WatchGuard, and Barracuda. We chose pfSense because of the price and it was open source software. At the time, our team was called OpenERP (now called Odoo), so open source software was an advantage.

What other advice do I have?

I would recommend it. It is manageable and straightforward. It is not so complex. You have to know the different rules, but you can manage it easily. The performance is good.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Anders Olsson - PeerSpot reviewer
Anders OlssonSystems Administrator at AB Edsbyverken
Real User

Comment for what? More than great, simple, inexpensive firewalling.

it_user834579 - PeerSpot reviewer
student at a university with 51-200 employees
User
Creation of certificates and the facility to administer services are valuable features
Pros and Cons
  • "Creation of certificates and the facility to administer services are valuable features."
  • "It requires more attention to provide a better alternative for open source to small government or educational institutions with reduced budgets in terms of technology."

What is our primary use case?

I have used it in town halls with a number of employees ranging between 40 and 60. I have also used it in educational institutions.

How has it helped my organization?

The use and results may vary according to the objectives of the institutions. 

In the case of city councils, I have taken the maximum advantage, taking into account that they were small institutions for which the tools provided by pfSense were sufficient according to the requirements of those institutions. 

However, in educational institutions, it was more difficult. Sometimes, the tools have fallen short.

What is most valuable?

  • The part of the firewall and aliases
  • The content filter in non-transparent mode and transparent mode with Squid and SquidGuard
  • The possibility of adding packages to perform network analysis
  • Creation of certificates
  • The facility to administer services

What needs improvement?

The product is good in many of its departments, but this should make HTTPS filtering more efficient since Squid falls short when using man in the middle. It works, but it is not 100% efficient. It requires more attention to provide a better alternative for open source to small government or educational institutions with reduced budgets in terms of technology.

For how long have I used the solution?

Three to five years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user607749 - PeerSpot reviewer
it_user607749Manager, Live Production at a computer software company with 1,001-5,000 employees
Real User

Thanks for the information!

User
A good firewall with good performance

What is our primary use case?

For security testing in network functions virtualization (NFV). 

How has it helped my organization?

It is a good firewall with good performance.

What is most valuable?

Stateful packet inspection. It works quite well for an open source product. 

What needs improvement?

More regular patch updates, because this is very important for a firewall.

For how long have I used the solution?

Still implementing.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user607749 - PeerSpot reviewer
it_user607749Manager, Live Production at a computer software company with 1,001-5,000 employees
Real User

Thanks for the information!

it_user819144 - PeerSpot reviewer
Consultant
User
Centralized administration with multiple services, which allows for execution in important functionalities of information security

What is our primary use case?

Works with:

  • Routers
  • Firewalls
  • Network address translation (NAT)
  • VPN
  • OpenVPN
  • DHCP Server.

How has it helped my organization?

  • More control of the access to network resources
  • More control of the security policies
  • Integration with Active Directory
  • Centralized administration

What is most valuable?

Centralized administration with multiple services, which allows for execution in several important functionalities of information security.

What needs improvement?

Services on additional features: 

  • SNMP Network Management 
  • Managing inventory
  • Generating IT reports.

For how long have I used the solution?

One to three years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Analista Senior at a tech services company
Real User
The gain in performance and security from configuring the VPN connections was significant
Pros and Cons
  • "The gain in performance and security from configuring the VPN connections was significant."
  • "It is a stable solution."
  • "My only observation is about the quality of the IPSec logs, which are difficult to interpret and are poor in filters."

What is our primary use case?

I use pfSense firewall, especially as an IPSec VPN Server. There are several VPN connections with equipment of various manufacturers at the other end.

I use ServerU as hardware instead of an ordinary PC, as most other people usually do.

How has it helped my organization?

The gain in performance and security from configuring the VPN connections was significant, since pfSense has replaced a server with a custom Linux open source version, which was running on outdated hardware.

What is most valuable?

Security and stability. The pfSense server acts as "IPSec VPN Server" for a small financial institution, but regardless of the company size, interruptions would cause significant financial impact.

What needs improvement?

pfSense serves us very well. My only observation is about the quality of the IPSec logs, which are difficult to interpret and are poor in filters. I have more than 10 IPSec VPN connections, and when there is a need for troubleshooting, the logs are of little help.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

With regard to this configuration, I consider it a stable solution.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user607749 - PeerSpot reviewer
it_user607749Manager, Live Production at a computer software company with 1,001-5,000 employees
Real User

Thanks for the information!

it_user800241 - PeerSpot reviewer
CEO with 11-50 employees
User
Improved service performance and availability through redundancy

What is our primary use case?

Firewall and VPN, Internet link balancing, as the proxy was installed on another machine. Used redundant firewall as a cluster.

How has it helped my organization?

Improved service performance and availability through redundancy. The company already had specialists in Linux, which facilitated the project.

What is most valuable?

Ease of monitoring and placement of other packages and functionalities next to the equipment.

What needs improvement?

Improve analysis of logs and dashboards (control panel) with improved alert functionality.

For how long have I used the solution?

Three to five years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Luis Castro - PeerSpot reviewer
Specialist in IT Infrastructure, Networks and Software Quality at a tech services company with 51-200 employees
Real User
An incomparable stability is achieved with other firewall systems
Pros and Cons
  • "An incomparable stability is achieved with other firewall systems."
  • "Firewall system for small, medium, and large data networks. It allows you to provide security to your environment: DMZ networks, LAN, WAN, etc."
  • "A very stable product that lasts over time, easy to understand, and administer."
  • "It is easy to use and has integrity with other systems, such as proxies and quality of service."
  • "It should integrate with LDAP, Active Directory, etc, to improve the way in which the traces and connections of each IP, or user connected through the firewall, are shown."

What is our primary use case?

Firewall system for small, medium, and large data networks. It allows you to provide security to your environment: DMZ networks, LAN, WAN, etc. A very stable product that lasts over time, easy to understand, and administer.

How has it helped my organization?

With pfSense, an incomparable stability is achieved with other firewall systems. It is easy to use and has integrity with other systems, such as proxies and quality of service.

What is most valuable?

Security

  • Stability
  • Integration with other systems
  • Easy assimilation of its features
  • Easy administration
  • Multiple network management tools
  • Load balancing
  • Multiple links
  • High availability, etc.

What needs improvement?

The connections should be shown in a more specific way, as Kerio Control does. It should integrate with LDAP, Active Directory, etc, to improve the way in which the traces and connections of each IP, or user connected through the firewall, are shown.

For how long have I used the solution?

More than five years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user511632 - PeerSpot reviewer
Owner with 51-200 employees
Real User
By installing pfSense and configuring load balancing and limiting bandwidth, we now have a reliable and stable connection.​
Pros and Cons
  • "Routing, load balancing, Traffic Limiter and queues. Since this company relies on an Internet connection, having these features is a must."
  • "Reporting and real-time monitoring, since I'm used to Watchguard's reporting features, it would be nice to have an embedded solution for reporting."

What is our primary use case?

Primary we use it for bandwidth limiting and load balancing our ISPs. And Pfsense excels doing that. 

How has it helped my organization?

We had two ISPs, and still our Internet connection was awful. By installing pfSense and configuring load balancing and limiting bandwidth, we now have a reliable and stable connection.

What is most valuable?

Routing, load balancing, Traffic Limiter and queues. Since this company relies on an Internet connection, having these features is a must.

What needs improvement?

Reporting and real-time monitoring, since I'm used to Watchguard's reporting features, it would be nice to have an embedded solution for reporting. 

What do I think about the stability of the solution?

Close to none. One time, while upgrading, the system crashed and had to install from scratch. After some research, it was due to an unsupported package that I had installed which the new version didn't like. I just installed and restored my configuration and that was it. No biggy.

What do I think about the scalability of the solution?

Haven't tested this part since the company hasn't grown much.

How are customer service and technical support?

Haven't used the official support channels. The community forum is awesome when you're looking for quick answers.

Which solution did I use previously and why did I switch?

Actually, PfSense replaced a Watchguard firewall, mostly due to costs. But I haven't missed it since.

How was the initial setup?

Very straightforward. For a small company with few configuration options it works almost out-of-the-box. The firewall comes with basic outgoing and incoming rules, and you take it from there.

What about the implementation team?

The implementation was made in-house. 

What's my experience with pricing, setup cost, and licensing?

If you need to buy hardware onto which to install PfSense, go with their boxes on their website, they are great. If you already have the hardware, just download and install, it works great either way.

Which other solutions did I evaluate?

I did, I evaluated Untangle, IPCop and MikroTik.

What other advice do I have?

Just go with it, can't go wrong.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user221862 - PeerSpot reviewer
Cloud Engineer at a tech services company with 1,001-5,000 employees
Consultant
I use pfSense because it gives me the flexibility to greatly expand basic firewall features.
Pros and Cons
  • "I use pfSense because it gives me the flexibility to greatly expand basic firewall features."
  • "The GUI. There are TONS of plugins for pfSense, as such, if a user wants to add quite a bit of functionality, the GUI will feel a little congested."

How has it helped my organization?

I stood up pfSense in a Large Telecom providers Lab environment for their next generation products. I was able to achieve 10G throughput (about 9.1 true throughput as tested over 4 days solid), and only hit a max of 20% CPU utilization on a DL380 G7. This server also had Suricata (in IPS mode and a heavy ruleset), as well as pfBlocker running.

What is most valuable?

I use pfSense because it gives me the flexibility to greatly expand basic firewall features. It's open source (and free - as in beer and speech), but also has commercial support. This can be run on any commodity hardware on the market (I've ran it on AMD and Intel - even Atom, processors) and throughput is excellent, even with lower speed CPUs and less RAM.

What needs improvement?

The GUI. There are TONS of plugins for pfSense, as such, if a user wants to add quite a bit of functionality, the GUI will feel a little congested.

What do I think about the stability of the solution?

A little... BUT, this was contributed to a failing Arista switch that would do a coredump and reboot. The pfSense installation at high speeds failed over perfectly though.

What do I think about the scalability of the solution?

No - in our high-speed tests (10G), we were not able to push the CPU over 20% utilization.

How are customer service and technical support?

I didn't really need any technical support. But was in contact with the Developers of pfSense as we were starting to work with them for an NFV setup.

Which solution did I use previously and why did I switch?

Fortinet, SourceFire, etc.... the cost... oh the cost! Why pay these guys when I can use pfSense for free AND only pay for support when and if I need it?

How was the initial setup?

Very straight forward. If anyone has ever installed any kind of OS or set up a firewall, it will be a piece of cake.

What's my experience with pricing, setup cost, and licensing?

Open Source - just download! If you need support, it's available.

Which other solutions did I evaluate?

What other advice do I have?

It's an amazing product. There really are few issues with pfSense.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user700161 - PeerSpot reviewer
IT Systems Engineer at a manufacturing company with 201-500 employees
Vendor
The most valuable features are the open VPN capabilities and the firewall service.

What is most valuable?

The most valuable features for me and my current company are the open VPN capabilities and the firewall service.

How has it helped my organization?

pfSense has provided my current organization with remote access to the internal services and additional protection via its firewall.

What needs improvement?

I would like more add-ons/packages for extending pfSense which are approved by the main community.

For how long have I used the solution?

I have been using pfSense for the last five years, in three different companies in Denmark.

What do I think about the stability of the solution?

We never had any stability issues, even during high load usages.

What do I think about the scalability of the solution?

We never had any scalability issues. It's easy to add additional services, or even a second or third pfSense product which works with the others.

How are customer service and technical support?

Unfortunately, I never used the technical support. However, the community forums provided me with answers to the implementation and configuration questions that I had.

Which solution did I use previously and why did I switch?

I was using FortiGate and other firewall and VPN solutions. They were all ou0dated and too complicated to maintain. The change was made due to the ease of use of pfSense and the features that it provides.

How was the initial setup?

For an IT person, the setup was more or less straightforward.

What's my experience with pricing, setup cost, and licensing?

pfSense is free and open source software. Modification is easy and you can adapt it to your company's requirements.

Which other solutions did I evaluate?

As I already had experience with pfSense and I knew how it would help me and my company, I didn't evaluate other options.

What other advice do I have?

The product is flexible, scalable, and has logic in using it. It is easy to integrate and implement into your IT environment.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user701439 - PeerSpot reviewer
IT Support Engineer
Vendor
Users can work offsite through the VPN.
Pros and Cons
  • "The "OpenVPN Client Export" package is really helpful in exporting the VPN client software on most popular devices: iOS/Android, Windows, Mac, Linux, and a handful of SIP handsets."
  • "Network monitoring and device inventory could use some improvements. I'm using SpiceWorks for this because it never really worked in pfSense."

How has it helped my organization?

It has improved our security. Users can work offsite and connect to the VPN.

What is most valuable?

  • The VPN and the firewall. They are reliable and easy to manage.
  • The VPN is valuable for setting up secure remote connections to our network.
  • pfSense has the OpenVPN package which is a well-supported VPN software.
  • The "OpenVPN Client Export" package is really helpful in exporting the VPN client software on most popular devices: iOS/Android, Windows, Mac, Linux, and a handful of SIP handsets.

What needs improvement?

Network monitoring and device inventory could use some improvements. I'm using SpiceWorks for this because it never really worked in pfSense.

Network monitoring is a big topic and I realize there is plenty of software out there like SpiceWorks, NTOPNG, PDQ, Zabbix, and Nagios.

I can easily log into pfSense and check "Status > Gateways" to see if the internet connection is online. However, I don't usually know if there's a problem until it's been down for a while and someone tells me about it. I realize this is a tricky problem, because if the pfSense internet goes down, how is it supposed to send out an email that relies on the internet connection?

I guess the only way that would make sense, is if an external monitor was set up in the cloud or something that could check the status of pfSense at given intervals.

As far as clients being up/down is concerned, I can use some alternative software and maybe there's a package in pfSense that I can use for it.

Another idea for pfSense device inventor: What if pfSense collected a list of newly connected clients? For security, it's important to know about all the clients connected to the network. A simple list of new clients that connect would be nice to have.

The alternative would be to lock pfSense down to only make address reservations, but that just creates more work for the Network Admin.

What do I think about the stability of the solution?

It seems to run stable, as long as the hardware is good. I tried running pfSense on a USB flash drive. After a month, I was having to re-install/re-configure pfSense on a new flash drive. I did that for a couple of months and collected a bunch of broken flash drives.

Even though their online documents claim that pfSense can run on flash drives, it really just breaks the flash drive after a month or less.

What do I think about the scalability of the solution?

I have noticed that pfSense boots up really slowly as more users are connected to it. Occasionally, you have to re-install or delete broken packages that freeze up the system. However, the core pfSense software runs great.

How are customer service and technical support?

I have never used pfSense technical support so I can't rate them. I used Google and figured everything out on my own. I do my own support.

Which solution did I use previously and why did I switch?

We did not use a previous solution. I recommend pfSense because it's free, open source software.

How was the initial setup?

The setup of pfSense was very straightforward for the most part. Usually, when something isn't working, it's because the "Apply" button wasn't clicked.

What's my experience with pricing, setup cost, and licensing?

Spend at least $300 or more on a good pfSense box. Use a hard drive, and not a USB flash drive for pfSense storage.

Which other solutions did I evaluate?

We looked at some other solutions, but pricing and licensing was the problem. I looked at Palo Alto and SonicWall.

What other advice do I have?

The learning curve is steep, but once you get the basics down, it's very robust and easy to use. There are plenty of resources online about setting it up.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user700119 - PeerSpot reviewer
HTS Engineering - Heat Transfer Solutions at a construction company with 201-500 employees
Vendor
Any new hire straight out of school who has network knowledge is able to operate the software without the complication of a CLI.

What is most valuable?

The easy to use GUI. Less training is required for the newcomers in IT.

How has it helped my organization?

Any new hire straight out of school who has network knowledge is able to operate the software without the complication of a CLI.

What needs improvement?

There were some bugs in the version we used.

For how long have I used the solution?

We have been using the solution for one year.

What do I think about the stability of the solution?

We had a stability issue. A handful of times the firewall box froze and needed a power cycle.

What do I think about the scalability of the solution?

We had a scalability issue. The fail over did not work automatically.

How are customer service and technical support?

Our infrastructure manager tried contacting their support but it was not helpful. Response time was bad as expected for an open source software.

Which solution did I use previously and why did I switch?

FreeBSD box was an old setup from 1998, so it was time to upgrade without it being costly.

How was the initial setup?

The setup was straightforward.

What's my experience with pricing, setup cost, and licensing?

It's open source so it's free. We did not buy their hardware.

Which other solutions did I evaluate?

We evaluated Cisco .

What other advice do I have?

If your organization has the budget, go with a paid solution. We've had our days with it and went with a paid solution (another firewall) due to the company growing and we couldn't have any downtime. It would likely cost the company more money with downtime than to purchase a good quality firewall.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Sócio at a tech services company with 1-10 employees
Consultant
Helps us maintain internet access for the company we support.

What is most valuable?

Outbound Load Balance for internet links work great. It's very good to keep internet access for the company we support.

How has it helped my organization?

I could keep my customers working even if they lose one internet link. Most of them have at least two links.

For how long have I used the solution?

We have been using this for 10 years.

What was my experience with deployment of the solution?

There was a problem when I ran a version update, then the server just stopped working. This was because pfSense (in this case FreeBSD) was no longer supporting the hardware of the server (HPE).

What do I think about the stability of the solution?

There were no stability issues. If there are issues, they usually stem from a hardware fault.

What do I think about the scalability of the solution?

There were no scalability issues.

How are customer service and technical support?

Customer Service:

It is usually easy to find answers in the forum.

Technical Support:

Technical support is good.

Which solution did I use previously and why did I switch?

I used Kerio and Microsoft. I switched because I was looking for something with better security and for someone who could fix bugs faster.

How was the initial setup?

The setup was easy. You can install it in two minutes. It takes more than five minutes to put it to work with a single internet link plus NAT.

What's my experience with pricing, setup cost, and licensing?

It is free.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Snr. VOIP Specialist at Digital Globe Services
Vendor
The GUI is an all in one solution that includes DHCP, VPN, Squid and Firewall. VPN, Captive Portal user-level and MAC-level filtering need to be improved.

What is most valuable?

The GUI is an all in one solution that includes features such as DHCP, VPN, Squid, Firewall, etc.

How has it helped my organization?

I am using this product as a firewall for site-to-site connectivity and also, the Dynamic DNS (DynDNS).

What needs improvement?

As per my understanding VPN, Captive Portal user-level and MAC-level filtering need to be improved.

For how long have I used the solution?

I have used this solution for the last one and a half years.

What do I think about the stability of the solution?

There were no stability issues.

What do I think about the scalability of the solution?

There were no scalability issues.

How are customer service and technical support?

I am using the community version so there is no need for any support.

Which solution did I use previously and why did I switch?

Earlier, I was using FortiGate. Due to budget issues we moved to pfSense.

How was the initial setup?

The setup is simple, if you have some Linux and firewall administration expertise.

Which other solutions did I evaluate?

We evaluated FortiGate, Cisco ASA and Palo Alto.

What other advice do I have?

I would recommend joining the community and ask questions.

You should also read the installation and configuration documentation on the website.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user694707 - PeerSpot reviewer
IT Director
Vendor
Most valuable feature is a 50/50 between no licensing and ability to repair a firewall
Pros and Cons
  • "The redundancy and scalability ARE very nice."
  • "The GUI could use more “bells and whistles”. It's got plenty of info for a Sysadmin but some people like shiny things."

How has it helped my organization?

Increasing customer satisfaction by not having to ask for license fees any time a new feature is needed. The redundancy and scalability is very nice too.

What is most valuable?

Most valuable is a 50/50 between no licensing (cough Cisco) and being able to actually repair a firewall instead of replace since pfSense can be loaded to any x86/x64 PC or Server.

What needs improvement?

The GUI could use more “bells and whistles”. It's got plenty of info for a Sysadmin but some people like shiny things.

What do I think about the stability of the solution?

Rarely and almost always due to bad configuration or failing hardware.

What do I think about the scalability of the solution?

No, pfSense can be installed on a decommissioned PC or a brand new 4U quad CPU server. If you need better hardware from the first install it's easy to either simply move the drive to the new firewall or backup/restore to new disks.

How are customer service and technical support?

I've only ever used community-based support and it's very solid with thousands of knowledgeable people on their forums.

Which solution did I use previously and why did I switch?

NETGEAR or Cisco. Switched because NETGEAR didn’t always offer the functionality and Cisco was very complicated and expensive.

How was the initial setup?

Simple if you just want a firewall up and going to NAT your network. It can be as complex as you need it to be. Just run the install from an ISO and it's like any other out-of-the-box SMB router.

What's my experience with pricing, setup cost, and licensing?

Unless they have specific requirements that demand a particular device, I always suggest pfSense specifically because of the absence of pricing and licensing.

Which other solutions did I evaluate?

Monowall, Tomato, DD-WRT.

What other advice do I have?

Stop googling and head over to pfSense to download the ISO and get started. It will do almost everything the most expensive Cisco device will.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user429552 - PeerSpot reviewer
User with 51-200 employees
Vendor
VPN has allowed me to deploy applications just for the organization and not to public servers.

How has it helped my organization?

VPN has allowed me to deploy applications just for the organization and not to public servers.

What is most valuable?

The ability to create a VPN allows me to monitor branch offices from a central location.

What needs improvement?

A way to clean squid cache from the GUI.

What do I think about the stability of the solution?

Not at all.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user461160 - PeerSpot reviewer
Gérant chez
Vendor
Easy backup restore, independent platform not linked to a commercial vendor.

What is most valuable?

We use the open source version and we chose the hardware platform.

For pfSense the valuable features are:

  • High availability
  • VPN (openVPN)
  • Easy administration
  • Extensibility (by modules)
  • Easy backup/restore, independent platform not linked to a commercial vendor

For how long have I used the solution?

We have been using the solution since version 2.1, which was three years ago.

What do I think about the stability of the solution?

We did not encounter any issues with stability.

What do I think about the scalability of the solution?

We did not encounter any issues with scalability. It depends on the hardware, not the software.

How are customer service and technical support?

I can't say. We provide our own support to our customers, as we are Linux, FreeBSD and IP specialists.

Which solution did I use previously and why did I switch?

We used Watchguard and Endian, but pfSense is the most complete for layer 3 firewalls. We split the roles. We use pfSense only for the layer 3 and other products for proxy and reverse proxy (Diladele, Nginx) so we are not dependent of a constructor and easily update each part.

How was the initial setup?

Setup is easy and done in a few steps.

What's my experience with pricing, setup cost, and licensing?

You pay only the support and the price depends on the hardware not the functionalities.

What other advice do I have?

The pfSense product is very powerful in layer 3 but you must add some products to match a viable commercial product which generally has all the functions integrated in one hardware system (proxy, antivirus, etc.).

For us pfSense is better for layer 3. We use MailCleaner for the mail relay, and Diladele for the web proxy. We like to split the functionalities for security reasons.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user485088 - PeerSpot reviewer
Infrastructure Manager at a engineering company with 501-1,000 employees
Vendor
Easy to deploy and easy to use, traffic graphics are excellent.
Pros and Cons
  • "Easy to deploy and easy to use."
  • "Easy to deploy and easy to use."
  • "Perhaps the documentation is not clear and because it is supported in the community there is no basic documentation."
  • "​Perhaps the documentation is not clear and because it is supported in the community there is no basic documentation."

How has it helped my organization?

Use it to filter traffic and restrict browsing by profiles, use ACLs with Squid.
When using the load balancing functionality the performance is excellent, the best I could have 3 operators at the time.

What is most valuable?

Among the most valuable features I have found in PFsense are: Easy to deploy and easy to use, traffic graphics are excellent and tools that can be included as squid, snort, squidguard, ntop, pfblogNG, support wonderfully the purpose of generating PFsense.

What needs improvement?

Easy to deploy and easy to use, although the support of the community in the forums is excellent and there is always a solution

What do I think about the stability of the solution?

No, in fact I have one more than 4 years ago in production and it works perfect

What do I think about the scalability of the solution?

No

How are customer service and technical support?

Customer Service:

8

Technical Support:

8

Which solution did I use previously and why did I switch?

Fortinet, TMG Microsoft, SonicWall, scalability, cost

How was the initial setup?

After istalar pfsense the initial configuration is simple, and works without problems

What about the implementation team?

The implementation was internally, clear before in production were made several laboratories

What was our ROI?

The power to use old hardware allows an exceptional ROI the investment is little just a few network cards

Which other solutions did I evaluate?

Of course, the tools he knew and those that are offered in the local market including FORTINET and SONICWALL

What other advice do I have?

It is worth to enter the world of PFsense is rewarding to belong to an open-minded community that does not hesitate to share their experiences and knowledge

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer963351 - PeerSpot reviewer
reviewer963351IT Manager & Sr. Application Programmer with 11-50 employees
Real User

Good info. How do you think PFsense compares to Fortinet or sonicwall? Personally I found certain competitors a little more cumbersome.

it_user499617 - PeerSpot reviewer
Managing Director at a comms service provider with 51-200 employees
Real User
Setup was straightforward; the interface is self-explanatory. ​We did not like its QoS interface.​

What needs improvement?

We just did not like its QoS interface.

For how long have I used the solution?

We tested the solution for a very short period (one week), to compare it to Zeroshell. The idea was to decide which one to use. Our main focus was QoS.

What was my experience with deployment of the solution?

No issues to deploy PFSense; it was straight forward.

Which solution did I use previously and why did I switch?

PFSense sounded like the de-facto standard for simple SOHO solutions. We just did not like its QoS interface. For us, it seemed very "rigid" compared to Zeroshell. So we went back to Zeroshell because we considered that its QoS interface had much more flexibility and its latest version now even included nDPI too.

How was the initial setup?

Initial setup was very straightforward; the interface is very self-explanatory.

What about the implementation team?

Implementation was done in-house.

Which other solutions did I evaluate?

We also evaluated Zeroshell.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user380763 - PeerSpot reviewer
Help desk Support Analyst at a energy/utilities company with 501-1,000 employees
Vendor
The web UI gives you an overview of everything you want to see​.

What is most valuable?

  • Fail-over of between multiple ISPs
  • Firewall
  • Graphs
  • Real time interface monitoring
  • The web UI gives you an overview of everything you want to see
  • For an open-source solution it has performed fantastically
  • OSPF
  • It contains loads of optional packages e.g Snort (IDS), asterix (PBX), network monitors etc.

How has it helped my organization?

We have pfSense across three sites where it manages the VPN and firewalls between them. Also, it has reduced costs drastically and has outperformed its expectations.

What needs improvement?

The load balancing can be improved as it uses tier levels to balance. For it to function most effectively, you often need to have the same bandwidth on the ISPs.

For how long have I used the solution?

We've used it for six years.

What was my experience with deployment of the solution?

There were no issues with the deployment.

What do I think about the stability of the solution?

There were stability issues with certain versions, but fixes were released and the right hardware helped.

What do I think about the scalability of the solution?

We do have issues as the right hardware needs to be deployed in order to expand correctly in certain areas.

How are customer service and technical support?

Customer Service:

We use a vendor team, Shrike Technologies who have been excellent, and once a while I consulted the pfSense cookbook.

Technical Support:

The online forum has lots of answers.

Which solution did I use previously and why did I switch?

We previously used Monowall and switched because we needed more functionality.

What about the implementation team?

We used a vendor team, Shrike Technologies whose experience was very high.

What's my experience with pricing, setup cost, and licensing?

Pricing is fantastic, we have gold subscription which covers on-line backup of device configurations, premium support, webinars and lots more.

What other advice do I have?

Proper planning is necessary in order to select the right hardware and configuration required (rules, services etc.).


Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Head of Operations at a tech services company with 51-200 employees
Consultant
There's no expensive licensing costs, which helps us save money.

Valuable Features:

Flexibility is the most valuable feature for us.

Improvements to My Organization:

There's no expensive licensing costs, which helps us save money.

Also, its capacity and functionalities are great for our needs.

Room for Improvement:

Whenever a new version rolls out, there are hidden bugs. That's why we normally run a version behind for a little while before rolling into the current build.

Deployment Issues:

We've had no issues with deployment.

Stability Issues:

We've had no issues with stability.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
System Administrator at a tech services company with 1-10 employees
Consultant
The load-balancer function support multiple servers, load balancing two gateways on the same tier. However, the firewall could be improved.

Valuable Features:

The features I've found most valuable are--

  • Proxy server (to filter traffic, act as intermediary between our server and our client, and analyze and load-balance traffic)
  • Load balancer (support multiple servers, load balances two gateways on the same tier)
  • Hot spot (with captive portal, forces authentication or click-through for network access)

Improvements to My Organization:

It's provided us with a fair internet speed for all users. We're also able to control web contents of our users.

Room for Improvement:

The firewall feature could be improved.

Deployment Issues:

We had no issues with deployment.

Stability Issues:

We had no issues with instability.

Scalability Issues:

We were able to scale just fine.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
IT Specialist at a tech services company with 501-1,000 employees
Consultant
Installation is relatively simple and acts as our main firewall and router with professional functions, but you need to have the right hardware setup as well.

What is most valuable?

- Firewall/router

- OpenVPN server

- DHCP server

- High availability cluster

- It's for FREE!

How has it helped my organization?

Before I started working for my present company, they used to use a small (for home use :) ) Linksys router. The main problem of Linksys was the limitation of firewall rules of up to 50 entries. I suggested using a main firewall/router because it has professional functions, has no limitation, and it's for free.

What needs improvement?

So far, from my point of view everything is working perfect!

For how long have I used the solution?

I started working with pfSense in 2009.

What was my experience with deployment of the solution?

Deployment is very easy and quite intuitive. Installation is very simple.

What do I think about the stability of the solution?

No, I didn't have any issues. Every issue I had with pfSense was with hardware (not caused by pfSense).

What do I think about the scalability of the solution?

Never.

How are customer service and technical support?

Customer Service:

I never use customer service.

Technical Support:

I never use technical support.

Which solution did I use previously and why did I switch?

Before pfSense I had in the company an old Cisco router, but it had problems with stability so I was looking for an alternative and I found pfSense.

How was the initial setup?

If you have some knowledge about router and firewall, initial setup won't be a problem for you. Ask google about it and you will find a lot of documentation, instructions and video.

What about the implementation team?

I implemented pfSense by myself, so I can't rate the vendor team level of expertise.

What was our ROI?

System is totally free. I spent two days to implement it.
As hardware, I used old workstations which were prepared to scrap.
So ROI = use some cheap hardware with 2 NICs and you will get a professional firewall/router.

What's my experience with pricing, setup cost, and licensing?

It's absolutly free, no pricing and no licensing.

Which other solutions did I evaluate?

I was checking some other alternatives (right now I don't remember which) but pfSense had the best documentation, so the choice was simple.

What other advice do I have?

For professional use, I advise using two computers with three NICs

Why 2 computers???
To create a HA cluster.

You will need 3 WAN IP addresses, 3 LAN IP addresses, and a quite simple NIC configuration:

1st NIC use to WAN connection (CARP)

2nd NIC use to heartbeat and sync between two pfSense

3rd NIC use to LAN connection (CARP)

For more details ask Google :)

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user284163 - PeerSpot reviewer
System Administrator at a media company with 1,001-5,000 employees
Vendor
It's stable and features load balancing, although we've rebooted once in six months.

What is most valuable?

  • Snort
  • CARP
  • Load balancing
  • VPN

How has it helped my organization?

  • Reduced the cost of our firewall solution
  • Enhanced throughput compared with similar priced devices
  • Stability
  • Reliability

What needs improvement?

I'm no expert on this subject, and the OS performs all that is required.

For how long have I used the solution?

I've used it for over one year.

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

We've only had to do one reboot in six months.

What do I think about the scalability of the solution?

None as yet, because the solution hasn't reached capacity yet.

How are customer service and technical support?

I'm yet to use the official tech support as the community provides all that I have required.

Which solution did I use previously and why did I switch?

  • Sonicwall
  • Cisco ASA

We switched due to licensing costs and scalability.

How was the initial setup?

It's relatively simple and straightforward, with enough documentation avalable online for the average user to install and setup.

What was our ROI?

£2000+

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user280953 - PeerSpot reviewer
Network Engineer at a tech services company with 51-200 employees
Consultant
It supports multiple ISP's, making it good for implementation, but it doesn't allow FTP.

Valuable Features

This product supports multiple ISP's, so it's good for implementation.

Improvements to My Organization

It's made us more productive.

Room for Improvement

FTP was not allowed, and it didn't indicate during set up whether FTP was to be allowed or disabled.

Use of Solution

I've used it for about one year.

Stability Issues

The stability is good.

Scalability Issues

The stability is good.

Customer Service and Technical Support

The technical support is good.

Pricing, Setup Cost and Licensing

It's free.

Other Advice

All the other features are good, and with it being free, it is very attractive to the users.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Network and Transmission Engineer at a tech services company
Consultant
We've found multiple features, such as multi-WAN capability and dynamic DNS, valuable, but the load balancing of multiple networks could be improved.

What is most valuable?

  • Firewall
  • State Table
  • Network Address Translation (NAT)
  • High Availability
  • Multi-WAN
  • Server Load Balancing
  • Virtual Private Network (VPN)
  • PPPoE Server
  • Reporting and Monitoring Applications
  • Dynamic DNS
  • Captive Portal
  • DHCP Server and Relay

How has it helped my organization?

The reporting and monitoring applications improve our organization.

What needs improvement?

Load balancing of multiple networks

For how long have I used the solution?

3 Year

What was my experience with deployment of the solution?

Compatibility Issues

What do I think about the stability of the solution?

None

What do I think about the scalability of the solution?

None

How are customer service and technical support?

Customer Service:

None

Technical Support:

Excellent

Which solution did I use previously and why did I switch?

Yes

How was the initial setup?

Simplest

What about the implementation team?

Extraordinary

What's my experience with pricing, setup cost, and licensing?

pfSense software has the flexibility to integrate into wide area on a worldwide range of hardware. Among all monitoring and firewalls application. I haven't see powerful tools like PfSense.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user266880 - PeerSpot reviewer
Senior System Administrator at a government with 501-1,000 employees
Vendor
Kernel support for laptop features need to be updated, but it offers true processor power at low energy cost.

What is most valuable?

  • Battery backup
  • True processor power at low energy cost
  • Expansion possibilities
  • Low noise emission

How has it helped my organization?

We like it mostly for being able to use BSD compiled software inside it. It is flexible, fast, powerful and full of features, such as an easy proxy filter, and clustering along with an easy and well developed web based interface.

What needs improvement?

Kernel support for laptop features, USB/Firewire ethernet cards, and specially built in WLAN cards. If the WLAN functions work properly, pfSense makes a perfect "repeater" or controlled and robust accessed point with built in QoS and firewall. Wider support for 3G and 4G USB cards as backup networks would be nice too. It was impossible to get some USB stuff to work.

For how long have I used the solution?

We've used it for two years, with an HP Elitebooks 8350 for battery backup.

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

I got terrible kernel crashes on HP laptops while trying to setup WLAN, but it worked better on Fujitsu ones.

What do I think about the scalability of the solution?

It has worked as expected so far.

How are customer service and technical support?

Customer Service:

I have never needed it.

Technical Support:

I have never used it.

Which solution did I use previously and why did I switch?

We have mostly used Cisco products. Their products feels like we are back in the stoneage when compared to pfSense. We switched as we needed more power (as traffic, bandwidth and user accounts grew). pfSense was one good clear substitute, and Cisco is too expensive if you want real throughput power, and it was too hard to administrate when we compared it with pfSense. also, anyone can learn pfSense pretty fast because of the intuitive web interface), and there is never trouble with invalid licenses. The features like IPS (snort/suricata) are well developed and can be used for free or at a small cost for extra security. The most valuable of all though, is that we could recycle old hardware to make our perfect firewalls, reducing the hardware cost.

How was the initial setup?

It was easy.

What about the implementation team?

We implemented these ourselves.

What's my experience with pricing, setup cost, and licensing?

It's hard to say. The setup goes pretty fast and, once you know the hardware to be used, it will work, so there was no significant amount of time there. The laptops used in this project were already recycled and had enough power for us to make a cluster and be happy with them, so it pretty much only cost us the price of some 3G modems and some USB network interfaces. Maybe not more than 200 Euros per machine.

Which other solutions did I evaluate?

We evaluated IPCop and m0n0wall. We took a vote on our team and pfSense won the deal.

What other advice do I have?

If you are unsure, do a labtest before you implement it. If you are still stuck on the traditional "stoneage" products, you may get amazing results.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user299496 - PeerSpot reviewer
it_user299496Cloud Engineer at a tech services company with 1,001-5,000 employees
Consultant

Long time pfSense user here... to counter on your comment about Laptop support, it's not meant to be ran on Laptops, hence the lack of features you were looking for concerning the laptops you had it installed on. Throw it on a NUC, Server, Atom, a Desktop or even a VM and it's going to be perfect. Pushing two servers at work with dual - dual 10G Chelsio cards. (2 10G ports for WAN and 2 10G ports for LAN in LACP each).

See all 2 comments
it_user245433 - PeerSpot reviewer
Professional Internship - System Engineer at a tech services company with 51-200 employees
Consultant
It's simple and easy to understand to begin using.

Valuable Features:

It's easy to access and configure in general.  As for features, the firewall and security  options were valuable.  These are valuable because I like simple things that are easy to work with, as too much difficulty or too much constraint is not good, and boring.

Improvements to My Organization:

It provided us with better security.

Use of Solution:

I used it for two months.

Deployment Issues:

There were no issues during the time I used it.

Stability Issues:

There were no issues during the time I used it.

Scalability Issues:

There were no issues during the time I used it.

Customer Service:

It was straightforward because it's simple and easy to understand to begin using.

Implementation Team:

We used a vendor team who had a good amount of knowledge,

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user179136 - PeerSpot reviewer
it_user179136Network Engineer at a tech services company with 501-1,000 employees
Real User

I find PfSense to be just what it claims to be. An enterprise class firewall for the world to enjoy for free! It has all the features and none of the costs. If you understand network engineering concepts, PfSense is your "Swiss-Army-Knife"
Need a firewall? PfSense
Need to do static routing? PfSense
Need to route with RIPv2, RIPng, BGP or OSPF? PfSense
Need VPNs? PfSense Yes that includes GRE tunnels over IPSEC
Need Dynamic DNS Clients? PfSense
Need enhanced object tracking for static routing? PfSense
Need multiple WAN connections load balanced? PfSense
Need traffic shaping? PfSense
Need a proxy server? PfSense
Need IDS? PfSense... install the snort package

I've only listed a few of the things it can do. It's been my home router firewall for 10 years.
I recommend it to SOHO owners and home IT enthusiasts alike whom are on a tight budget. It's got a great interface and it's rock stable. It'll run like a dream on an Intel P3 Processor with 640 Megabytes of RAM installed. It works great on a multitude of used / outdated hardware and offers paid support if you can't do the research/reading yourself. What else could you possibly ask for?

it_user240036 - PeerSpot reviewer
Senior IT Architect at a university with 5,001-10,000 employees
Vendor
Unfortunately, my experience with pfSense hasn’t been so good. Operational-wise it's fine but I've had issues with firmware upgrades.

I must be getting quite comfortable with upgrading pfSense. I just finished an upgrade from 2.2 to 2.2.1, and only midway remembered that I hadn’t done a config export and backup. Just the last upgrade exercise, I was still very paranoid about something that might go wrong. I would set aside time for the upgrade, make backups, and cross my fingers.

This should have been the way, always, that firmware, or device software, get upgraded. You just do it, and it should just work. The upgrade process should test that everything is good to go, and let you know if anything is amiss, before commencing the upgrade.

In the unlikely event that something does go wrong after starting the upgrade, there should be some automatic rollback, returning the system to its original state, leaving the user with no more than a small annoyance that the upgrade did not happen.

Unfortunately, my experience with pfSense hasn’t been so good. By and large, everything about pfSense has been good, operational-wise. It’s just that I’ve not been very lucky with the firmware upgrades.

Version 2.2.1 is a minor upgrade. There are a number of security fixes, but none terribly critical. The recent SSL FREAK vulnerability doesn’t affect version 2.2. However, there’s no reason why you should skip this version either. If you’re running pfSense, just do the upgrade. I’m beginning to have more faith in the pfSense upgrade process!

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
IT Chief at a construction company with 1,001-5,000 employees
Real User
The pfSense OS is stable, but if the service packages are not updated to their new version when the OS is updated, we can't use those features.

What is most valuable?

  • Load balancer
  • Multi-WAN

How has it helped my organization?

Network security and speed have both improved.

For how long have I used the solution?

I've been using it since 2010. I have used both the free version (5/10) and as a gold member (9/10).

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

When they make an update available, the problem is that pfSense service packages are not updated, it's just the OS. The pfSense OS is stable, but if the service packages are not updated to their new version when the OS is updated, we can't use those features.

What do I think about the scalability of the solution?

No issues encountered.

How are customer service and technical support?

Customer Service:

5/10.

Technical Support:

5/10.

Which solution did I use previously and why did I switch?

We used -

  • Debian IPtables
  • Squid
  • I7 Patch
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user267969 - PeerSpot reviewer
it_user267969Sr. Sys Admin at a tech services company with 51-200 employees
Consultant

Hi,

SG-4860 pfSense® Security Gateway Appliance which we bought.

Also could u please tell me how will contact pfsense support?

Is there any on call facility to pfsense?

How many times they will support if we device buy?

Regards,
Giridharreddy Daida.

See all 3 comments
it_user229803 - PeerSpot reviewer
CEO & Founder at a tech services company with 51-200 employees
Consultant
It was very straightforward to implement but the RadiusServer needs to be improved.

What is most valuable?

  • Captive Portal 
  • DHCP

How has it helped my organization?

pfSense made my life easier for controlling users and their bandwidth. My internet is not misused anymore.

What needs improvement?

RadiusServer needs some work done.

For how long have I used the solution?

I've been using it for five years.

What do I think about the stability of the solution?

I've never had any problems.

What do I think about the scalability of the solution?

Yes I did.

How are customer service and technical support?

Since it's open source, the only support is available in public forums.

Which solution did I use previously and why did I switch?

I used different routers, but because I wasn’t happy, I was trying different solutions and I found this one which was the most effective of all those I tried.

How was the initial setup?

It was very straightforward.

What about the implementation team?

I did it on my own.

What's my experience with pricing, setup cost, and licensing?

It was free.

Which other solutions did I evaluate?

I looked at many hardware solutions.

What other advice do I have?

Go ahead and just implement it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user225414 - PeerSpot reviewer
IT Executive cum ICT Consultant at a healthcare company with 51-200 employees
Vendor
Remote users may access it on a local network via VPN but an improvement can be made to the user friendliness of the interface.

Valuable Features

  • Firewall
  • DHCP
  • VPN

Improvements to My Organization

The organization relies on pfSense for DHCP, and remote users may access it on a local network via VPN.

Room for Improvement

I was satisfied with the overall features of the product, considering the limited capacity of our hardware at the time. It's probable that an improvement can be made to the user friendliness of the interface.

Use of Solution

I've used it for over three years.

Stability Issues

I believe that the issue of stability that we encountered was linked to our hardware limitation. For example, we would need to soft reboot the system manually after a power failure to get the DHCP functioning again.

Scalability Issues

This is linked to our hardware limitation as well, however it has been working fine for company with 30-40 users.

Customer Service and Technical Support

Customer Service:

8/10.

Technical Support:

9/10,

Initial Setup

It was done by external technical support.

Implementation Team

It was implemented by a vendor who were 10/10.

Pricing, Setup Cost and Licensing

I don't know the setup costs but the day-to-day maintenance is done by myself, and I occasionally need to engage the vendor for technical issues.

Other Advice

pfSense is good for a company that is looking for a solution with a reasonable cost for implementation.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
System Administrator at a tech services company with 51-200 employees
Consultant
It uses less resources than a physical machine but the beta versions of some packages have issues.

What is most valuable?

pfSense is very valuable as previously I had to use Microsoft's TMG solution. After some research, when I got stuck configuring a physical machine with many VMs, I noticed that pfSense, as a firewall, uses less resources. I started to test it on a simple PC, and I have now seen how I can benefit from open source software. So therefore, the most valuable feature is that it uses less resources than a physical machine.

How has it helped my organization?

It is free of charge. I am living in country where this is not so important yet, as no one controls the licenses of software. However, our company tries to look forward and prevent issues that may happen in the future. So it being free, and easy to configure, are the benefits for us.

What needs improvement?

I think that areas for improvement are not closely related with the work of pfSense but with its components, meaning the packages. I am faced with little problems when I install none-recommended (beta) versions. But, I also understand that these versions are mostly for developers, who are trying to contribute their best efforts for open source.

For how long have I used the solution?

I have been using pfSense as a firewall solution for approximately eight months.

What was my experience with deployment of the solution?

When I started to test it in a real environment, it was on a physical machine and I was faced with problems. It was that the freeBSD wouldn't detect my USB keyboard, but after waiting a while, it eventually worked. In a virtual environment, I had no problems.

What do I think about the stability of the solution?

Just once. One of our customers had an issue with their electrical stability. The electrical supply was jumping, and playing about, and when it was happening pfSense stopped.

What do I think about the scalability of the solution?

It depends actually, and to be honest, I have never used all the available features of this product, but I believe that there should not be any issues with the scalability.

How are customer service and technical support?

Customer Service:

I have never used the customer service for pfSense. I have read the manuals, but have never contacted customer service.

Technical Support:

I have never used it.

Which solution did I use previously and why did I switch?

I previously used Microsoft's TMG solution. I switched because after some research when I got stuck configuring a physical machine with many VMs, I decided to use pfSense.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user219210 - PeerSpot reviewer
it_user219210System Administrator at a tech services company with 51-200 employees
Consultant

I am sorry for grammatical mistakes.

it_user224265 - PeerSpot reviewer
Responsable IT & RMQ at a comms service provider with 51-200 employees
Vendor
Having a customizable, large dashboard would be good, however, it is very straightforward for a beginner to set up.

What is most valuable?

  • Load balancing multi-WAN (High latency)
  • Queues with CBQ algorithm
  • Traffic shaper (limiter)
  • Aliases for grouping anything 
  • VPN (OpenVPN)
  • DHCP server (with ARP reservation)
  • DNS forwarder
  • Firewall 
  • Graphs for monitoring
  • NAT

How has it helped my organization?

Before using pfSense:

  • I always had problems with internet connection for users
  • I had no idea what users were downloading and, therefore, what was killing the internet connection
  • I did not have not statistics on the quality and stability of the internet
  • To get a VPN I had use a pay software that offered lower performance than I have now

What needs improvement?

I always need to open different graphs on different windows of the web browser to have an overview,  Therefore, it would be good, if it is possible, to have a customizable, large dashboard.  At the moment though, the others options are good because I am a beginner with the pfSense.

For how long have I used the solution?

I've used it for six months.

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

There was an issue with the Layer 7 filters on an old PC.

What do I think about the scalability of the solution?

No issues encountered.

Which solution did I use previously and why did I switch?

No previous solution was used.

How was the initial setup?

It's very straightforward, even for beginners.  There is documentation and different tutorials and videos available in different languages.

What about the implementation team?

I implemented it myself.

What's my experience with pricing, setup cost, and licensing?

The only cost to set up is the hardware for a standard PC and any ethernet card extensions.

Which other solutions did I evaluate?

No, as I asked a friend they told me to get pfSense without doing other research.

What other advice do I have?

Don't install pfSense on a machine with only the minimal recommended hardware configuration, but on a better machine.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Senior Technology Consultant Cosmocall/Microsoft at a tech services company
Consultant
There aren't any deployment issues unless there are some complex configurations.

What is most valuable?

  • Port routing policies
  • Load balancing
  • Clustering

How has it helped my organization?

We've been able to get call center traffic optimisation over multiple WAN and Point2Point Connections with a failover policy. The call center has different types of traffic (VoIP, Internet, Stream etc.) and every kind of traffic has its own policy. For example VoIP needs to be have high availability & a priority to maintain a non-stop custom service, while that of internet traffic can be lowered in priority and even cut when some WANs are unavailable to prioritize VoIP. I think that having this kind of complex configuration & tunning with a robust open solution, is a good value.

For how long have I used the solution?

  • v0.x for three years
  • v1.x for two years
  • v2.x for three years

What was my experience with deployment of the solution?

There have been no deployment issues since v0.x.

What do I think about the stability of the solution?

Yes, sometimes there are issues if there are some complex configurations. When working with load balancing ADSL modems, I've noticed that pfSense "fools" the modem and it becomes unresponsive until it is restarted. This issue doesn't affect pfSense, but it is the root cause of a hung ADSL modem.

What do I think about the scalability of the solution?

No issues encountered.

How are customer service and technical support?

Customer Service:

I've never used them.

Technical Support:

I've never used them.

Which solution did I use previously and why did I switch?

No previous solution was used.

How was the initial setup?

The initial setup is easy. This is because the pfSense setup is like a Windows installation (wizards, choose option, click next etc.) unlike some others.

What about the implementation team?

We implemented it in-house.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Network Engineer at TLCWEB S.R.L.
Consultant
Sometimes updates can mess up the running configuration but it is a powerful tool.

What is most valuable?

First of all scalability of this solution. It's an all-in-one solution useful for every kind of company. It's also very easy to set up rules and NAT, and it has several modules like transparent proxy, VPN, and traffic shaping which are the daily modules for me.

How has it helped my organization?

pfSense software was designed to be a customizable platform that can be hardware agnostic. This allows the engineer to meet the needs of a project with a device that's got the right I/O and specifications, and then customize the pfSense settings to their needs.
So power consumption and less hardware requirement can save our money!

What needs improvement?

Compatibility with virtualization system (like VMWare, Proxmox and so on and so forth); in some cases, it can create conflicts with virtualized hardware, and configuration export (sometimes the XML file creates a conflict with the hardware network MAC address).

For how long have I used the solution?

I've been using it for three years.

What was my experience with deployment of the solution?

  • Compatibility with some virtualized system
  • Configuration export in some cases
  • Sometimes updates can mess up the running configuration

What do I think about the stability of the solution?

Never had any issues. In fact, I've had a pfSense firewall with the uptime of a year.

What do I think about the scalability of the solution?

No, and it doesn't matter how many rules or not that you have. It can manage different network interfaces (virtual and physical) without a problem.

How are customer service and technical support?

Customer Service:

We never use it, but it has a large community so you can find whatever you need in the pfSense forum.

Technical Support:

We never use it, but it has a large community so you can find whatever you need in the pfSense forum.

Which solution did I use previously and why did I switch?

Previously we've used hardware firewalling solutions like SonicWall, Zyxel and others but they're not powerful like this solution. Also, they are hardware so the cost is much higher than software. I've also used IPtables which is a software Linux solution but it's complicated to setup when you need to manage several rules.

How was the initial setup?

It's easy to setup the solution because there's a wizard that guides you through it, and therefore, you cannot make mistakes. Then, you can configure the different aspects to fit your needs.

What about the implementation team?

We have become experts in this solution. We installed it in our lab and tested the solution. After that we implemented it throughout our company, and then began using the solution with our customers.

What was our ROI?

We've a strong know how, and we've use this solution with our customers so we can be more competitive than hardware solutions.

What's my experience with pricing, setup cost, and licensing?

It's a software solution, and also open source, so it's cost is zero!

Which other solutions did I evaluate?

We tested IPCop, Smoothwall, IPTables and others. When we have an OS project, we want to test so we can compare it to our technology, and if it's better, we build it!

What other advice do I have?

Test, test, test and...test! It's powerful but only with testing will you realize what you need.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
IT Administrator at Sharif Medical City
Vendor
It's got a fabulous web interface but lacking in VPN abilities.

What is most valuable?

The Captive Portal (pass through MAC) feature.

How has it helped my organization?

We have been able to gain control of our bandwidth and improve our web security.

What needs improvement?

VPN ability needs to be improved.

For how long have I used the solution?

I've used it for one year.

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

No issues encountered.

What do I think about the scalability of the solution?

No issues encountered.

How are customer service and technical support?

Customer Service:

9/10.

Technical Support:

8/10.

Which solution did I use previously and why did I switch?

Before pfSense I was using a different solution, but I like this product due to the low cost of hardware, its stability, web interface, and the fact its open source etc.

How was the initial setup?

it's a straightforward setup.

What about the implementation team?

I implemented this, in our office, myself.

What's my experience with pricing, setup cost, and licensing?

There was no cost.

Which other solutions did I evaluate?

We didn't look at any other options.

What other advice do I have?

I would recommend that you use and implement this product. I say that because it is open source, has a low hardware cost, its fabulous web interface, the backup and restore feature, the pass through MAC, and many other features etc.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user223023 - PeerSpot reviewer
IT Administrator at a tech services company with 51-200 employees
Consultant
The product is stable although there were some small problems with setting up the modules.

What is most valuable?

  • Firewall rules 
  • Modules, e.g. Squid

How has it helped my organization?

It was very useful for our DHCP network (guests) and web browsing filtering.

What needs improvement?

I think the product has improved greatly, so I actually don't know.

For how long have I used the solution?

I've used it for one year.

What was my experience with deployment of the solution?

No, it's very easy to deploy.

What do I think about the stability of the solution?

Absolutely not, as the product is stable like a rock.

What do I think about the scalability of the solution?

No need to scale in.

How are customer service and technical support?

We've used the community version.

Which solution did I use previously and why did I switch?

We have WatchGuard Firewall and pfSense firewall.  They are used together and not as a substitution.

How was the initial setup?

We just had some small problems with setting up the modules.  However, there was lots of documentation available online so there were no problems at all.

What about the implementation team?

We implemented it in-house.

What was our ROI?

Well it was great as I didn't need to buy a new firewal..

What's my experience with pricing, setup cost, and licensing?

Close to zero, because we've used an internal server for it.

Which other solutions did I evaluate?

No other options were evaluated.

What other advice do I have?

It's a good product, and it really could be a valid firewall solution.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Systems Engineer II at a tech services company with 51-200 employees
Consultant
The product offers many additional functions except the ability to manage it from a mobile platform, which would be good to add.

What is most valuable?

Two particular features stand out to me:

  1. The WAN load balancing feature
  2. The product offers many additional functions such as router, WLC, and traffic analysis etc.

How has it helped my organization?

It has enhanced our organization because of its versatility. It doesn't need expensive hardware to build a robust firewall, therefore, providing a saving on cost. Also, its reliability is quite remarkable which allows IT to focus on other tasks, and how efficiently it manages our WAN traffic.

What needs improvement?

I think the dashboard/interface could be improved and the ability to manage it from a mobile platform.

For how long have I used the solution?

I have used this solution for the past two years.

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

No issues encountered.

What do I think about the scalability of the solution?

No issues encountered.

How are customer service and technical support?

Customer Service:

I have never had to use customer service.

Technical Support:

I've never used it, but their technical knowledge base, and via online documents and forums, is quite good, but not excellent.

Which solution did I use previously and why did I switch?

We didn't have a previous solution.

How was the initial setup?

It wasn't straightforward but at the same time not complex. The only issue was identifying relevant static routes to move traffic in and out our network.

What about the implementation team?

I implemented it myself.

What's my experience with pricing, setup cost, and licensing?

The setup cost was practically zero because we had servers in stock. Also, there is no real day-to-day cost attached with it either.

Which other solutions did I evaluate?

No evaluation took place, we just looked at the initial cost to implement a solution using the hardware we have, and how fast it could be rolled out

What other advice do I have?

Plan, research and test certain features and configurations in a lab environment first.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Corporate Trainer / Systems Administrator at a computer software company with 51-200 employees
Vendor
It has the ability to do what other firewalls seem to fail at however, some of the available plug-ins that work very well on older pfSense versions, actually break the newer ones.

What is most valuable?

  • Reliable
  • Easily configurable
  • Awesome plug-ins
  • Very low maintenance

How has it helped my organization?

This product has allowed my current employer the ability to do what other firewalls seem to fail at, providing a reliable and secure point for allowing SIP traffic to pass. Training other admins how to use the features, and also creating custom user levels for various parts of access within the system has never been easier.

What needs improvement?

Some of the available plug-ins that work very well on older versions, and actually break the newer versions. If using a newer version of the software, then the list of available plug-ins should only list those capable/known to work with the version that you are running. Outside of that- it is a rock-solid firewall, now with support.

For how long have I used the solution?

I have used this product for a very long time, over 10 years.

What was my experience with deployment of the solution?

I have had very very few minor glitches in upgrading the product over the years. Most recently, I had the WAN side DNS change to default values. This is not a huge deal, but it took a little while to figure out why the external services were suddenly failing.

What do I think about the stability of the solution?

Stability is not a concern. I've enabled the HA features, and spread them across multiple ESXi hosts. The only thing that could take down my network, would be a lack of power to the hosts, or all of my ISP tanks at the same time.

What do I think about the scalability of the solution?

I've had no issues. I am using this on multiple sites, with reliable VPN tunnels and the traffic seems to remain a constant.

How are customer service and technical support?

Customer Service:

I have generally only used the forums. In fact, I don't recall *ever* using customer service, but that's only because this product rocks.

Technical Support:

I have generally only used the forums. In fact, I don't recall *ever* using Technical Support, but that's only because this product rocks.

Which solution did I use previously and why did I switch?

I have merged pfSense with other products, but I have never chosen another product over pfSense unless I was unable to convince my client that free doesn't mean shoddy.

How was the initial setup?

The initial setup has gotten to be much more streamlined. I think that for the average home user experimenting with networks, this *might* be a *little* hard to figure out at first, but the overall setup is generally a breeze. There shouldn't be any reason that someone can't figure it out in more than 15 minutes a BASE installation and network configuration.

What about the implementation team?

I implemented it myself.

What was our ROI?

It's very high. I have replaced high-end Cisco, Juniper and Sonicwall systems with pfSense on very low-scale machines, and VMs. I have also created networks that are far more complex than any of those are capable of handling without some sort of annual license costing thousands of dollars.

What's my experience with pricing, setup cost, and licensing?

My original setup cost was US$40 for a used x86 Pentium 2 machine, purchased through Boeing Surplus, and additional US$20 ($10 x 2) for two additional NICs to run LAN and OPT1 networks. So, $60 total for self-installation of pfSense v1.1.

Which other solutions did I evaluate?

I looked at low-end Cisco/Linksys devices for physical hardware, and I played around with a variety of free *nix based installations including customized IPTables, IPCop, SmoothWall, and Enodian.

What other advice do I have?

If you want reliable, highly-customizable, and rock solid firewall, do not hesitate for one second to install/purchase this product.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user222798 - PeerSpot reviewer
IT Support Specialist at Tech Solutions
Consultant
It has provided us with a low cost security solution but their testing prior to deployment needs to be improved.

What is most valuable?

  • Open source
  • Proximity security
  • Content filtering

How has it helped my organization?

It has provided us with a low cost security solution using a quality router at a fraction of the cost of our previous solution.

What needs improvement?

  • Testing prior to deployment
  • Packages need better support

For how long have I used the solution?

I've used it for eight years.

What was my experience with deployment of the solution?

Rarely as long as the right precautions are taken during migration.

What do I think about the stability of the solution?

Sometimes there are issues with package deployment and one must refer to the forums for support.

What do I think about the scalability of the solution?

Being open source, scalability is not limited. The limits in place, are only set by available resources and time.

How are customer service and technical support?

Customer Service:

Customer service is available at a rate of $399 for 2 incidents, $899 for 5 incidents and $1,699 for 10 incidents. Most people refer to the forum and/or chat room.

Technical Support:

Over 10/10.

Which solution did I use previously and why did I switch?

Yes, I have used many other routers but nothing offers the options pfSense does without spending a fortune. pfSense is constantly being improved on.

I switched due to router limitations and vulnerabilities.

How was the initial setup?

It's straight forward for anyone that's installed an OS before, however, I wouldn't recommend it for the novice.

What about the implementation team?

It has been implemented in house and at client locations. If implemented at client locations it does require some care if Snort (The proximity security system) is used as it needs to be fine tuned and touched up from time to time due to newly found vulnerabilities that cause legitimate sites to be blocked.

What was our ROI?

You can invest as little or as much as you want. Granted, some features require more hardware than others but some end users use old machines that no longer have a purpose.

What's my experience with pricing, setup cost, and licensing?

It's between US$50 to US$1500 depending on the hardware that is used.

Which other solutions did I evaluate?

We also looked at -

  • Smoothwall
  • Moonwall
  • SonicWall
  • Netgear
  • IPCop

What other advice do I have?

Become familiar with the router before implementing it at customer sites. Realize that basic features require a basic amount of hardware. Advanced features require more RAM and if using an SSD, use the embedded installer to reduce wear and tear on your drive.

I would recommend having the following hardware as a minimum:

  • At least 8GB for storage
  • 256MB+ RAM
  • A dual core 1.8Ghz CPU for single typical Internet connection
  • The faster the internet connection, a faster CPU and more RAM are required
  • If you run Snort and Squid it is recommended you have between 4GB to 8GB of RAM

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user222801 - PeerSpot reviewer
Technical Program Manager at a healthcare company with 51-200 employees
Vendor
Straightforward set-up but it does require some technical expertise to do it.

What is most valuable?

  • Free
  • Open source
  • Robust
  • Strong community support
  • Strong author support

How has it helped my organization?

Critical network infrastructure has improved.

For how long have I used the solution?

I've used it for two years.

Which solution did I use previously and why did I switch?

I've also used Untangle and Sophos firewalls

How was the initial setup?

Straightforward, but it requires some technical expertise and tweaking.

What about the implementation team?

We implemented it entirely in-house.

What other advice do I have?

Make sure the implementer has programming experience.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user149982 - PeerSpot reviewer
it_user149982Project Manager at a tech vendor with 1,001-5,000 employees
Vendor

Indeed this is a very powerful opensource solution but as you say it requires some technical expertise and tweaking (but actually which firewall technology does not require some now?). Fortunately the community and project documentation are rich and very helpful. Extra packages availability is also rich, it goes from the simple CLI tool like bmon to fully graphically managed RADIUS, SQUID, SNORT servers for instance (see : https://doc.pfsense.org/index.php/Category:Packages). It also support natively High Availability Sync thanks to CARP and pfsync protocols (see: https://doc.pfsense.org/index.php/Configuring_pfSense_Hardware_Redundancy_%28CARP%29). Few days ago I set up VPN SSL configuration with OpenVpn in TAP mode, all done through the GUI (no need to edit any files through CLI) what quite impressed me (usually bridge creation is done through CLI).
To conclude I really invite people looking for a free firewall solution to give a try with pfsense :-)
Just keep in mind such a solution is devoted to projects requiring "not so much speed", I mean 40G or even 100G firewalling and either not UTM inspection.

PeerSpot user
Manager IT at a energy/utilities company with 501-1,000 employees
Vendor
The proxy filtering is valuable except for blocking HTTPS which it can't do.

What is most valuable?

  • MAC Filtered DHCP and DNS
  • Captive Portal
  • VPN
  • Proxy Server
  • Proxy Filter

How has it helped my organization?

It has provided us with secure internet browsing and a strong monitoring ability.

What needs improvement?

Proxy filters are not supported for the blocking of HTTPS sites.

For how long have I used the solution?

I've used it for two to three years.

What was my experience with deployment of the solution?

No issues encountered yet.

What do I think about the stability of the solution?

No issues encountered yet.

What do I think about the scalability of the solution?

No issues encountered yet.

How are customer service and technical support?

Customer Service:

I have not gotten any support from the customer service center because I can get all the solutions on their web blogs.

Technical Support:

I think it is perfect.

Which solution did I use previously and why did I switch?

I was using another product, but it didn't have a bandwidth controller and monitoring tool like this product does. I switched because I can find everything in one window.

How was the initial setup?

Its installation setup & procedure is so simple that a layman could install it.

What about the implementation team?

I installed it by myself and used Google for assistance.

What was our ROI?

It's positive.

What's my experience with pricing, setup cost, and licensing?

I just downloaded the program from the website free of chard. The best thing is, this product can be installed on any machine.

Which other solutions did I evaluate?

No other options were evaluated.

What other advice do I have?

It is recommended, as it is a stable product.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user221874 - PeerSpot reviewer
it_user221874Manager IT at a energy/utilities company with 501-1,000 employees
Vendor

Can any one have experienced to deploy Pfsense on Hyper-V ... I am planning to deploy this scenario.

See all 2 comments
PeerSpot user
Network Admin at a tech consulting company with 51-200 employees
Consultant
The product is missing a graphic report implementation tool but performance, scalability and customization are valuable

What is most valuable?

Performance, cost effective, scalable, customizable

How has it helped my organization?

After switching from Cisco, Juniper, Astaro and Microsoft network response improved and more control of packet (for me, pfpacket technology is better than packet filter.)

What needs improvement?

Graphic report implementation tool (now possible with extra software)

For how long have I used the solution?

5+ years.

What do I think about the scalability of the solution?

No, perfect scalability from 20 to 500 users

Which solution did I use previously and why did I switch?

Cisco, Microsoft and when TMG progressively died it was necessary to switch to unix technology, many corporations require low budget and high performance.

How was the initial setup?

The initial approach is very complex because of the multiple functions, but after a short learning curve it is able to handle the standard functions.

What about the implementation team?

In my case, I buy network appliance from Lanner Inc. ltd (watchguard supplier) and deploy the image depending on the desired size and functionality required by the customer.

What's my experience with pricing, setup cost, and licensing?

Identify the most suitable hardware for the required size.

Which other solutions did I evaluate?

Yes, Astaro and PaloAlto plus Juniper, but the renewal planes (AV, UTM, etc.) are very expensive.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free pfSense Report and get advice and tips from experienced pros sharing their opinions.
Updated: July 2022
Product Categories
Firewalls
Buyer's Guide
Download our free pfSense Report and get advice and tips from experienced pros sharing their opinions.