I use it as a firewall and also as a router because you can address what you want to do with it. It can do network advanced translation (NAT). It is sitting on my own server. It is on a remote server on a private network.
We had been hit by crypto, and with our existing firewall infrastructure, we found out it didn't have geofiltering without an additional cost. That's still written from SonicWall and I think you have to pay extra for that. pfSense came with geofiltering and with logging as well, which I believe you have to pay extra for with SonicWall. So we didn't realize this until we got hit. We implemented GoIP filtering, and we also activated and stored the log files from within the firewall. I think there are some other feature sets that we used as well. The device seemed to be a little bit simpler to manage and configure through the interface. Of course with it being open source, we were able to stay current with that without having to incur annual purchasing or annual licensing fees like we do with SonicWall.
I use pfSense as a proxy and a firewall to monitor all the traffic to my network. It allows me to shape the traffic and eliminate bottlenecks that cause the network to slow down. You can use pfSense to catch some websites or make the network faster because we have applications connected remotely all over the country. We need to have a network with a reliable speed and no hiccups on the way because all our applications are on-premise, and the entire country goes to the same data center to get information.
We are a small business and we use pfSense as our interface for the WAN. We use it for a Firewall and to ensure that all devices are operating. It provides our basic network routing needs, reporting on usage, such as IDS, and for managing individuals on network devices for controlling bandwidth and destinations.
This solution is for my personal use, I've had a hobby of using it for a long time. I use it to protect my home network. Nothing is bulletproof but I'm happy to have a firewall at home scanning the ins and outs of my network so that I have a degree of security.
We have a client who's got a number of VMs on a single piece of hardware. They needed to have access over a VPN to those VMs from inside their network. We use pfSense to provide the VPN link using the IPsec. In others, let's say smaller organizations, we will put a Mini ITX system that then connects into their broadband - typically sort of fiber or something like that - and just gives protection. The solution also allows us then to manage port forwarding and things like that.
I mostly use basic firewall services like blocking unwanted traffic and I use the geolocation tools to predict where potential attacks could come from. That's the main purpose, to protect our business network using pfSense. Within our organization, with a single installation, about 500 users are covered.
We have all sorts of users. We have admins, we have the finance guys, and we have salespeople using it. We created a captive portal for our teams as well as a guest portal. So in general, we are more or less happy. Right now, I use it not only for intrusion detection but also for ETLs. We are a telephony integrator. We use it for applications and radius, etc. I use it as much more than a firewall. I use it for telephony applications as a certificate authority.
I was working for a firm that has 70 employees. They are mostly working from home, so I needed a very well-structured VPN for remote working. We put it on Supermicro, and it worked fine, and it was above their needs.
We are a solution provider and deploy this product for our customers. We also use it in our organization. We use both Cisco and pfSense but for our customers we mainly use Sophos and pfSense. I'm the CEO of our company.
Our main business is for WiFi networks. Customers also ask us for simple firewalls, and we use pfSense to add a firewall to provide the complete solution. We are working with the latest version of pfSense.
We have internet limitations here in Sudan. The financial institutions that I am working with do not have a lot of services on the internet. It is difficult but at the same time, we are safer and are not faced with any kind of compromised data. This solution is suitable for small businesses and charity organizations. Security is not just about the firewall, you need policies and procedures in place.
We have a hosted platform with our client. We've built a VPN site and the solution is deployed as a VM. The client connects to it and it protects anything that's behind it like a regular firewall. Everything we have there is hosted in a data center, all our servers and things that clients connect to. So we're using it as our gateway device. We are customers of pfSense and I'm the owner of our company.
The solution pretty much is our only firewall security at the moment. It handles the integration with our active directory and makes sure that all communications are channeled through a secure network.
I had an appliance that died six months ago. Then I didn't want that hardware anymore, so I bought two new servers. A single power supply but dual on a network with three times four network cards. On that, I installed the pfSense (Community Edition). From inside to outside, I have about 15 to 20 node servers and users going outside. From outside to inside, I have only three tech support people, myself and two other ones. With regard to clients using the platform from outside to inside, on the servers inside, I have about 1000.
We use this at all of our locations as our edge device, IPSec site-to-site VPN functionality between our offices and our AWS EC2. No matter what is thrown at this, the system handles it like a champ. We have both dedicated hardware and virtualized versions running in our infrastructure. So far we haven't found a reason why we need to spend thousands for an appliance like Cisco ASA when this handles all of our needs.
In the past, we had different locations in different countries, and in every location, we had the same pfSense firewall. Therefore, the connection between our different locations was good and manageable. However, in the last two years, we have had only one location here in Belgium, thus the performance of the pfSense has been good, and we can manage great with the open ports and the closed ports, but now a firewall has to be a little bit more than just that.