Netgate pfSense Reviews

We use Netgate pfSense as a firewall solution for small and medium-sized businesses.

Netgate pfSense offers firewall protection, VPN access, and a range of monitoring tools.

Adding features to pfSense is easy to do through the wizard.

Netgate pfSense is well documented, and the interface is easy to use when we consult the documentation.

Netgate pfSense was recommended, so the benefits were immediate.

It provides a single wizard. Some third-party tools out there allow us to manage remotely. It also helps us optimize performance by enabling us to turn features on and off.

With the inclusion of firewall, VPN, and router functionality, we love pfSense's total cost of ownership. 

The most valuable features are the alerting and local monitoring.

We are a security shop. It would be very useful if we could place pfSense appliances in customer environments and remotely manage them.

I have been using Netgate pfSense for four years.

Netgate pfSense is relatively stable. It has been running for four years now without any issues.

The scalability is limited without upgrading the appliance.

The technical support offers great quality and good response times.

Positive

The initial deployment is not a plug-and-play out of the box. It takes a little bit more than that. For us, it takes ten to 20 minutes for one person to deploy one pfSense firewall.

Netgate pfSense has a great pricing model.

I would rate Netgate pfSense ten out of ten.

Maintenance is required for software updates.

We use pfSense as our main router.

We implemented pfSense to address the instability and limited customization options we experienced with our previous router.

pfSense is highly flexible, allowing for creating IPsec tunnels and various other configurations.

Adding features to pfSense is easy.

Since implementing pfSense, our overall stability has improved significantly over the last ten years as we transitioned from Prosumer equipment to a more robust tool. This success has allowed me to implement more pfSense routers in other locations. We saw the benefits of pfSense in less than a couple of weeks. Having that added stability is great.

pfSense Plus provides us with the visibility to make data-driven decisions. We can see historical data and bandwidth utilization, allowing us to make informed decisions about our internet connection based on that information.

The most valuable aspects of pfSense are the stability, hardware compatibility, and low cost.

I want pfSense to add some next-generation firewall features.

The scalability has room for improvement.

I have been using Netgate pfSense for ten years. 

I rate the stability of pfSense ten out of ten.

Due to the absence of a single pane of glass management feature, scaling out pfSense becomes quite challenging. I'd rate its scalability a three out of ten, as the process is far from straightforward at present.

The few times we've had to engage support, they have been professional and incredibly knowledgeable. If we encounter someone who doesn't have the answer immediately, they can find it very quickly. In the past, they have even joined meetings with us and a client to work on a problem, providing a lot of insight and assistance throughout the process.

Positive

We previously used Prosumer routers, but their capabilities were insufficient for our needs.

Initially, it was a bit complex when I started using the system over ten years ago. pfSense required a deeper understanding than the Prosumer devices I had used before. I had to grasp the ramifications of every action. However, once I overcame that learning curve, it became knowledge I possessed.

It took us about two weeks to implement and learn how to use pfSense. I've noticed that with pfSense, I'm always learning something new. Just because we've used something for a long time doesn't mean we know all of its functionality. For example, I needed to establish an IPsec tunnel for the first time last year. I called in support, and we successfully established the tunnel to another location. There's always something new to learn, whether pfSense adds new features or we encounter a need for functionality we haven't used before.

pfSense Plus is cost-effective for what we're getting. I've been using Netgate hardware for a long time, and including the pfSense Plus license with the hardware offers significant value. Additionally, using pfSense software for free is of great value.

The total cost of ownership is very low. We've used pfSense historically in a simple configuration, and I've been able to train peers on how to use the Netgate hardware and pfSense Plus effectively.

I rate Netgate pfSense seven out of ten only because of the lack of ability to manage all our switching and WAP from one location.

We have three locations, and two to 25 users use a combination of wired and wireless devices and a typical broadband connection.

pfSense requires maintenance when new versions or patches are released. This does not happen often, but it does happen.

I recommend pfSense to others. Once you overcome the learning curve, it becomes almost second nature to use. The cost is also a major factor. Every year or so, I explore alternatives to Netgate hardware, but almost everything I find is subscription-based, like Cisco Meraki or other brands. I'd struggle to justify renewing a router license every 18 months or risk it stopping working. So, using a platform like pfSense without an annual fee is a huge benefit for our budget.

I use it as a firewall and also as a router because you can address what you want to do with it. It can do network advanced translation (NAT).

It is sitting on my own server. It is on a remote server on a private network.

It is very simple to use. I'm working faster now. I don't have to configure a switch and sync some VLANs on the switch. I can concentrate more on my work because I know that pfSense is guarding my network. It improves my workflow a lot. 

The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is. Did you forget a printer port? Most attacks at the moment are happening through printers, and they can tell you immediately that you forgot to close the port of the printer. There are more than one million printers that are in danger, and everybody knows that hackers are using them to enter the network. So, you can download plugins to protect your network.

It is not only a firewall; it can also do some routing or network advanced translation (NAT), which makes it very powerful.

It is very simple to use. As long as you understand the basics or fundamentals of networking, you can manage everything very quickly with it.

The web is evolving every day. So, the product should be constantly improved with more regular updates. Things are constantly changing. There are obsolete protocols, and then there are new protocols. For my own use, it is not an issue, but for somebody who is more at the forefront of internet browsing, it could be a problem.

There could be a way to remote to it through a mobile app. You can always browse through your browser on your mobile phone or tablet, but it would be good to have a dedicated app. I understand that iOS and Android developers are expensive, but there should be a mobile app.

I have been using this solution since May.

It is very stable as long as you don't change the winning theme. When it is working, leave it working. My rule number one is one computer, one function. So, pfSense does that one function, and I don't try to use it for anything else. I could do some File Transfer Protocol or things like that, but it is not made for them. I don't restart it and move it. I only do the security updates and change the username and password very often.

I don't require much scalability. It is fine for a small-scale company with about 30 devices, such as printers, computers, etc. I'm only working with a few people, and I don't have any traffic problems, but a company with 50 or 60 users could have problems with it. Currently, there are four to five users, and I'm providing multimedia services to four to five people. 

It is being used extensively. Sometimes, its usage is 50 times a day, and sometimes, there is no usage. I don't work on it on a daily basis. It also depends on the project I'm working on. We have plans to increase its usage.

Their support is good.

I didn't use any other solution previously. I didn't have a need for it. Only in May, I had the need to deploy my own service.

It is easy to set up if you understand the protocols. If you understand the theory of what is a firewall and what is a router, its initial setup is straightforward.

Its deployment took one week. The strategy was simple. It involved blocking certain traffic, allowing certain traffic, and making ACL or a list of undesired operations such as cookies so that if it is impossible to sniff, and there is complete security. If someone is trying to enter, I immediately get a message on my phone, whether I am in the county or abroad. I immediately get a message saying that somebody is trying to enter, and I am able to counterattack immediately. That's a big advantage of it.

I did it on my own with the advice of some of my friends who have much deeper knowledge than me. It is also very well-documented on the web, and there is a big community.

I am also taking care of its maintenance. I don't have any maintenance except that sometimes, the server on which this solution is implemented has issues. Its maintenance mainly involves regularly checking the systems.

There is a big return on investment because FortiGate is 60 to 70 times more expensive, which could be a big problem for me. It is more expensive than my car. I have a small budget and a small car.

It is about €1,000. It is a one-time payment. I do not have a monthly or yearly subscription. I don't subscribe to any subscription because I hate cloud services.

There are no additional costs.

I would advise others to try it and see if it is good for them. It is a very good product for me, but that might not be the case for other users. There are so many solutions, but I'm really happy with it. For my scale, it is good. If you are Amazon or a company with one million connections every minute, don't ever use this. It is not made for that. It is perfect for small-scale networks.

I would rate it a nine out of 10. It needs more regular updates, so I can't rate it a 10, but it is very easy to use, stable, and solid. 

I have used Netgate pfSense for a range of purposes. Initially, I employed it for VPN connections, mainly for personal and professional use. I also relied on it to maintain network equipment in a professional context. In the professional sphere, I have experience with both pfSense and Juniper, but eventually, I decided to phase out Juniper due to its high costs, especially for updates and the addition of new functionalities. pfSense's cost-effectiveness and the flexibility to transition to new hardware while retaining configurations made it a preferred choice. pfSense also stands out in terms of its rapid algorithm evolution compared to competitors like Juniper. Its scalability is another advantage, where adding a new box or reconfiguring can boost the firewall's capacity.

On a personal note, I use Netgate pfSense to connect to my equipment at the data center. Currently, I have a highly available installation that requires two instances of pfSense. While I considered pfSense for this setup, I had to assess whether OpenSense might offer better features for future requirements before delving deeper into pfSense.

It's worth noting that Netgate pfSense's performance is independent of the hardware it runs on. As I mentioned earlier, its scalability is a strong point. Most functions are readily available, and additional features can be obtained by downloading and installing plugins, which are generally free. When you compare this to the alternative of purchasing a firewall from a different supplier, you'll find that the latter option typically doubles the cost of the firewall itself. This cost increase is often attributed to additional licenses for deep inspection and similar functionalities. While configuring pfSense may require more time and effort upfront, the long-term cost savings make it a more cost-effective choice.   

One concern I have with Netgate pfSense is related to packet filtering. Specifically, issues can arise with certain functionalities like GP, and, at times, there may be bugs. When creating IP lists, I've noticed that synchronization doesn't always function correctly. While it's not entirely dysfunctional, troubleshooting these synchronization problems can be quite challenging.

I have been using Netgate pfSense since 2015-16.

I've experienced certain issues with Netgate pfSense in the past, particularly with the previous version, which was 2.5. It posed several problems. However, the current version appears to be more stable. Nonetheless, I still encounter troubleshooting challenges. For instance, there is an issue where it initially blocks an IP range but releases it after ten minutes. This behavior is somewhat peculiar, and it pertains to IP filtering.

The support for Netgate pfSense mainly comes from online forums. These forums are populated by a significant number of individuals who are knowledgeable in pfSense and its related areas, making it a valuable resource.

The choice of whether to use Netgate pfSense often depends on the company's preferences. In some cases, particularly in Switzerland, there is a strong preference for open source solutions. This choice is sometimes motivated by the desire for open source alternatives and can also be related to cost considerations.

The Initial setup is very easy.

Netgate pfSense is a cost-effective option. If you're not using a VPN, you can acquire a decent embedded PC for around a hundred dollars and install pfSense on it, effectively creating a robust firewall solution. With this setup, you can achieve a throughput of two hundred to three hundred megabits per second without any issues, provided you're handling relatively simple rules. The level of performance depends on the specific requirements and tasks.

If you're considering using Netgate pfSense for the first time, I would recommend giving it a try. It's relatively easy to set up and use, especially if you have some prior knowledge of network and IT work. The user manual provides helpful guidance, and the basic configuration is straightforward. Just ensure you pay attention to the hardware requirements to make the most of it.

It can be rated as an eight for simplicity. However, as you progress and introduce complexities, such as enabling deep packet inspection, adding extra features, or installing multiple plugins, the configuration can become more intricate. I encountered some issues with iOS in version 2.5, but they are expected to be resolved or have been resolved.

We use pfSense as a firewall to improve our security. 

pfSense is viable and works as it's supposed to. It prevents data loss. I've used it on several networks. It's there in the background and just works. It minimizes downtime by running dual WANs and automatically switching between two connections.

pfSense is relatively easy to set up and just runs. It's easy to use. The platform is flexible. We've been able to do everything we've tried. It seems very complete. I'm not using all of the capabilities, but it does what we want to do. 

Once you find what you're looking for, it's relatively easy to add features and configure them. Google helps out. I've been able to do anything I wanted.

The learning curve is a little long.

We deployed pfSense in the last five years. 

I rate pfSense 10 out of 10 for stability. 

It's a small firewall and we have a small network. 

I rate Netgate support 10 out of 10. I've only contacted them a couple of times, and it's been fine. They've responded quickly and done the job. 

Positive

I've only used off-the-shelf routers without a truly community-built firewall product. 

My background is in IT, so the installation is relatively straightforward once you understand a few concepts, but that's normal. I got pfSense running in a day.  d

The price of pfSense is fair. We have a relatively small network, and most of the competitors are pretty expensive. 

I rate pfSense 10 out of 10. It does everything it should do.

I had an appliance that died six months ago. Then I didn't want that hardware anymore, so I bought two new servers. A single power supply but dual on a network with three times four network cards. On that, I installed the pfSense (Community Edition).

From inside to outside, I have about 15 to 20 node servers and users going outside. From outside to inside, I have only three tech support people, myself and two other ones. With regard to clients using the platform from outside to inside, on the servers inside, I have about 1000.

I had some outages in the network and we provide services for our company. We sell mobile credits. The terminal gets access to our own server inside the network and if one internet fails, then the other one is still up and we have a back-up link on the devices. 

If the devices cannot send the first IP address, they make use of the second IP address, which is the back-up link to access the servers. In terms of outages, ever since I used pfSense, I have that feature. 

In terms of experiencing delays, the server has the primary IP and the secondary IP configured on the client terminals. The total solution works.

I'm still experimenting with some new features. I want to do a high availability configuration. I haven't done that yet, but I'm using OpenVPN, it's very handy. 

Some suggestions for improvement of pfSense are:

• Adjustment in the interfaces: I had to adjust those interfaces manually and of course that is a great feature that you can restore it but it is immediately also one point for improvement. If you don't have to adjust, if it's just stamped and it works, that's great.
• With regard to the Community Edition, when I installed it, we use Proxmox as an equivalent of PMWorks and I installed the Community Edition in Proxmox. That was very difficult to get to work at first. A lot of tweaking. That is very, very not easy.
• When I'm inside of my network and I go to a URL, the URL points to a server inside my network. It doesn't hang, but I don't get a response. It just stays blank. 
• I can imagine that inside my network, I am going outside, and it points to the public address, so I can reach it. With eSoft, without any adjustment, it worked, and I was able to do that. I went to search pfSense for an option, and I had some documents open to read about how it is done, but it isn't clear enough. It's not that easy. I would appreciate it if I could get easy help on that.

pfSense is very stable. My own disappointment is the appliance only worked for a year and two months. It might be just bad luck, but that was very disappointing.

I had to use pfSense Community Edition on a general desktop. That was done within three hours. It took me three hours just to get the hardware, download the software, and then set it up to get everything working again. 

After that, I ordered the new server with two servers: one has to be active and the other standby. I am going to try higher scalability on it using pfSense. 

The configuration is already on the servers. I did all this myself because of my experience. The utilization of the CPU, etc., it's very low. 

I like pfSense. It doesn't take too many resources and it's very stable.

I did not utilize pfSense customer support. You have documentation, there is enough documentation online to get you through. I haven't actually used tech support. When I bought the appliance, I was entitled to one year of tech support. I never used it, it wasn't needed. 

I previously evaluated eSoft by Untangle. Untangle is an open source company but you have to buy custom add-on's to get it to work. I bought eSoft and it's very good.

I am also the CEO of my company. This technical part, it's not my profession, but I get less and less time to invest, and more time playing around with this stuff. 

When we were growing, a small company, eSoft was small, so I needed a bigger one. I had to reset eSoft every week because of the growing traffic over it. I wanted a bigger one and it was not available. 

What I wanted to do was not possible with Untangle. Untangle was basic stuff. I bought the pfSense appliance and it's open source, but I support the project. 

I bought it and I got disappointed because I again wanted a bigger one. My first choice would be Cisco because of my background but Cisco is expensive.

eSoft was good. Before switching from eSoft to pfSense, Cisco at that time was not an option. 

Every software in our company, every desktop, every server, is open source. If it isn't CentOS then it's Red Hat or Ubuntu. 

Open source was preferred and pfSense was number one on the list.

Ever since the first time I used it, it's very straightforward, it's very easy.

My strategy was to get it connected to the internet first, then apply some rules for forwarding and VPN. 

The first one was very easy to set setup. VPN was not that straightforward but there is enough documentation to get you through it and that helped. 

In terms of time, the Community Edition took very long to install but once installed, to configure, it took around 15 to 20 minutes.

I did the setup all by myself. There is documentation online and that is sufficient. It's good enough, very good support in the documents.

If you haven't invested a lot of money, you will definitely see the return on investment with pfSense because you hardly spend anything, except for the hardware. 

With the appliances, pfSense should look into longevity issues. Your hardware should take, like Cisco's and others, years before they break. In terms of other retailer equipment, it's a safe bet towards pfSense.

That's why I purchased it but I have to look into the high availability. There is documentation of people that I know that are going to get it to work. I'm going to test it because that is our business that we are talking about also.

It should work because of the resale mobile credit for our customers. Another thing I will definitely try is the virtual IP because the virtual IP feature can bridge the two interfaces. The SSL certification is from Google. 

That was it for me, I'm 100% happy.

I prefer appliance licensing with pfSense (Community Edition). 

1. It's free. 
2. It's very stable. 
3. It's only on the hardware, it can be very fast.

Choose the appliances because it is nice to have the hardware cut out for it, i.e. the right hardware for the right software. 

I used to be a Cisco network expert. I used to train people and I've done some Cisco projects myself. I know Cisco by heart but I was less excited about Microsoft, so I went researching for open source solutions and I came across pfSense.

I was able to compare pfSense with Cisco. I used it for a client of mine as well, and it was interesting. After that, I started my own company and I came across pfSense again. 

I looked into pfSense. You have OPNsense from the Dutch and then you have pfSense. I've tried both and I like pfSense more.

I definitely plan to increase using pfSense. I am going for a higher capacity. If power fails or one server dies, or one gateway dies, the other servers will take over seamlessly. That's the ultimate for us.

I would definitely rate pfSense an eight and a half out of ten. Definitely eight and a half, not lower, could be a bit higher. Because it's stable, it's good. If the small issues I've mentioned are worked on then I would go to a 10.

We use it for home solutions and 200+ enterprises. We use it to address routing issues (NATing issues through VPNs).

Our environment consists of many enterprises with many subnets.

pfSense makes everything easier compared to Cisco or Fortinet.

Policy-based firewall rules are the most valuable feature because every other brand it is 200% more complicated to accomplish the same operation.

The flexibility is easy. We can implant in small businesses for less than 500 CAD and in 5k users enterprises. The only part that needs to be improved is the hardware, everything else is out of the box.

I would rate the ease of adding features a ten out of ten. With telecom knowledge, the product is crystal clear easy.

Evaluation and contracting could be improved. 

I have been using pfSense since 2016.

The scalability is good, they should offer filtration or a next-gen firewall.

From my experience, their support is very quick. 

Positive

I haven't evaluated any solutions since 2016. With pfSense you get the bang for your buck. pfSense routing, VPN, policy rules, NAT forwarding, everything is better.

The initial setup is straightforward. It was easy. We have 16 years of experience. I did the deployment, it only required one person. 

It is cheaper than other options. 

I would rate it a 9.5 out of 10. My advice would be to take the time to do an online course if you find using the solution a bit hard. It is worth it.

We use it for its firewall features and VPN.

I provide it to my customers, and I also use it in my office. It is a very good solution for enterprises that need a VPN for their employees. It is the best way to provide a remote work facility to employees at a very low cost. Other solutions that I have had in the past were very expensive. Enterprises don't always have that kind of money to invest.

Its firewall ability is very good. It is very good and smooth at stopping attacks. It is better than others because we have to perform quite a bit of programming.

It is a very good and affordable solution for enterprises.

Other solutions provide more scope for growth. For instance, we can have only 10 to 20 employees on VPN, but other solutions can support more users. We also have more capabilities to increase the performance of the solution.

I have been using this solution for four years. I am using it now, and I have also used it in the past.

It is very stable. Both pfSense and Netgate appliances are very stable. I have had some of these solutions working non-stop for about a year and a half.

It is very scalable. It is being used in an enterprise with 70 employees and about 30 terabytes of communication per month. I also have other small enterprises with 10 to 20 employees. In my office, I have four users. 

I usually use community forums for any tech support. I get very good information there.

I have also worked with Netgate appliances in the past. Both Netgate and pfSense are very stable.

It is not very easy, but it is straightforward. We have an agreement with the clients to have the equipment and install the appliance in three or four days.

It is very suitable in terms of the price. If a client cannot acquire a Netgate appliance, I provide a custom-made appliance, and I install the Community edition of pfSense. It is a very good and affordable solution for enterprises. Some of the clients pay monthly but usually, it is annually.

The maintenance cost varies depending on the kind of solution we have implemented. It could be €100 per month or around €800 per year.

I would absolutely recommend this solution. I would rate it a nine out of 10.