Netgate pfSense Reviews

I am using it for personal use.

It is quite easy to manage firewall rules and policies in pfSense. It is not the most user-friendly, but it gets us there. We have to be sure of all the things that we are activating, but it is easy. It is alright.

Open source and support are valuable. I have community support.

Its performance is good. It is reliable. I would rate it a solid nine out of ten for performance.

There are several levels of firewall configuration such as beginner, advanced, and expert configurations. At each level, it becomes more complex and more tricky to set up the firewall. For example, if you want to install the firewall on your computer system, it would be a lot easier if it just tells you that this is the internet NIC and this is the Wi-Fi NIC. 

It would also be interesting if we could add an interface for DNS versions. It will be a multisystem to make all the blocks of the DNS. I know that firewalls are different from DNS, but if we could take advantage of everything in a single system, that would be lovely.

I have been using pfSense for half a year.

It is stable. I would rate it a nine out of ten in terms of stability.

I believe it is scalable. If I need more computers with more NICs, it is scalable, but it is not something related to pfSense. 

The support that I have is community support. 

Neutral

I also use WatchGuard Firebox. It is different from pfSense. I have Firebox on a rack mount server on a cabinet, whereas pfSense is on my computer, so it is quite different because I can use any kind of hardware to implement the firewall.

Firebox can make an open-source version, but that is not the target of the company. pfSense is doing a great job because they have covered both situations. They have an open-source version with community support, and if we purchase the license for hardware, we can also get support from their side. In the long run, pfSense has more advantages.

If I go to a company and they ask me to implement something, I would most definitely go with pfSense. Its price is lower. I have a great knowledge of pfSense. I can very easily find support in the community, and if the company buys a license, I can get support directly from pfSense. I believe it is a win-win for pfSense and for the customers.

I am implementing it in two phases. In the first phase, it was implemented directly on hardware on an old computer with five NICs, and everything went smoothly. The second stage is virtualizing this machine into a Proxmox server, which is a bit more tricky. It is quite difficult to make it work on the NIC hardware system.

The first phase is very easy. It is almost plug-and-play. We just have to install it and activate the NICs. Everything will go smoothly. The second phase is not easy because I have to make double configurations on Proxmox and on pfSense. I would rate it an eight out of ten in terms of the ease of setup.

In terms of our environment, I have one computer connected directly to the Internet's router, and then all the information is passed through and managed, so I can filter everything by MAC address in my network. I have it on one computer, but my whole network is using it.

I use the free version.

I would recommend it. For personal use, it is a great way to start. For companies, it is a great add-on. Companies can get support by buying the license.

I would rate pfSense a ten out of ten.

We are solution providers and this is one of the products that we deploy for our customers. We replaced old Cisco ASA with pfSense and it proves as a good choice.

PfSense gives tools to protect the network. If you configured things properly then you'll be protected to the distant level. PFsense gives a solid set of functionalities that work perfectly. VPN services are stable and easy to deploy.

The classic features such as content inspection, content protection, and the application-level firewall, and VPN Are most common. This is a feature-rich product and the documentation is good.

Ease of use is a problem for a user who is unfamiliar with this product because, in the interface, everything has to be set manually. It would be more user-friendly if things were set automatically. 

The drop in performance can be drastic when you use more advanced techniques. There is some trade-off between having a certain level of security and maintaining acceptable performance.

We have more than ten years of experience with pfSense.

The stability of pfSense is standard. It is rated as one of the good solutions in this area.

This product is scalable to some point, although we have never used it for large companies. We use it for small to medium-sized organizations. For big companies, we more often implement Palo Alto.

In our company, we have a data center and some of our clients are hooked to it. This is something that we have on-premises for our customers.

We have plans to increase our usage with pfSense because we have had good feedback from our customers. In fact, with the good experience we have had, our sales have been slightly increasing. Our sales are shifting from Sophos to pfSense.

The technical support is organized well. We do most of the technical support for our customers in-house but there is a second level of outside support available. It is okay. 

Positive

We currently resell products from both pfSense, Sophos and Cisco. In some areas, pfSense is better than Sophos. I have been a bit disappointed with Sophos because I know their history, and I don't think that they have advanced as well as they should have in that time. Also, they have two different products, XG and UTM. This is another reason that I prefer pfSense, at least a little bit, over Sophos.

The initial setup is complex. If you have a straightforward setup then you will have straightforward, basic protection and nothing else.

It takes a few months to adjust where you start by setting it up, and then you have to monitor it and see what's happening. It's ongoing work because, after this, you have to keep monitoring and adjusting to the situation. This is part of the service that we perform for our customers.

We are the integrators for our customers and deploy with our in-house team. We have people in the company who are specialized in this area.

The return on investment depends on the predicted cost of failures of the system, or intrusion of the system, which is hard to give a straight answer on. In part, this is because different companies put a different value on their data.

For example, with medicine, if somebody were to steal the data related to the latest CORONA vaccine then the cost would be tremendous. On the other hand, if there is a company that is making chairs, stealing the design of the chair probably wouldn't be as high when compared to an application in medicine. So, there is not a straight answer for that.

Return on investment, in any case, I think for every company, this is a must. Put in a straightforward way, they can count just the possibilities of having an attack on their system with a cryptovirus. If they can save their data from attackers then it would save them at least two days of not working plus the cost of recovery, which would be much more than the cost of the system and maintenance.

The price of the licensing depends on the size of the deployment. pfSense is open-source, but the support is something that the customer pays for. We charge them for the first line of support and if they want, they can purchase the second line of support. Typically, they take the first-line option.

The term of licensing also depends on the contract. The firewall doesn't always have a contract but rather, there is a contract in place for the network, which includes UTM.

In addition to the licensing fees, there are costs for hardware, installation, and maintenance. We use HPE servers, and the cost depends on how large the installation is. The price of setup is approximately €500 to €800, which also includes the initial monitoring.

The maintenance cost isn't really included in the network fees.

For smaller companies, we charge them a few hours a month for monitoring. It takes longer if the client is bigger.

Palo Alto, Fortinet, Sophos, Cisco

It is important to remember that you can't just leave the device to do everything. You still have to know what you're doing.

I recommend the product. It's well-balanced and one with a long history, so it doesn't have child's diseases. There is a lot of online support available online, which they can consult themselves. But, in the case that they need support, they can hire a professional support line and that is highly recommended.

I say this because usually, people look at the UTM as something that should be put in the system, set up, and left alone. But, this is not the case with this type of solution. Therefore, I strongly suggest making an outside agreement with a specialized company that will take care of their security from that point on.

The biggest lesson that I have learned from using this kind of product is that you can't assume that the internet is a big place and nobody will find you. There is always a good possibility that robots will search your system for holes, and they are probably doing so this instant. This means that users should be aware and have decent protection.

In summary, this is a good product but there is always room for improvement.

I would rate this solution a nine out of ten.

We use this at all of our locations as our edge device, IPSec site-to-site VPN functionality between our offices and our AWS EC2. No matter what is thrown at this, the system handles it like a champ. We have both dedicated hardware and virtualized versions running in our infrastructure. So far we haven't found a reason why we need to spend thousands for an appliance like Cisco ASA when this handles all of our needs.

We're a small business growing rapidly. We recently overhauled the IT infrastructure, and after looking at a number of other competitors, pfSense has been a lifesaver, allowing us to scale up and provide compliance without the need to purchase additional licenses to offer services to our employees.

There are so many packages you can install which extends pfSense's capabilities including consuming from lists such as FireHOL, Pi-Hole, etc. Here are a few packages we use:

• IPSec: pfSense allows for both v1 and v2 IPSec configurations to secure your connections.
• IPS: You can use Snort or Suricata along with Snort packages, even subscribe to commercial packages if you wish. This alone starts making pfSense on par with Cisco.
• Proxy/content filtering: You can install Squid and SquidGuard to act as a proxy and content filter. Yes, it does filter HTTPS, and there's a number of ways you can do it out of the box.

pfSense also reformatted their logs so that they're compliant and standardized. We have our logs shipped to our SIEM and Logstash servers.

While I agree spam filtering is not included or an option with the system, I don't necessarily hold that against the product as there are a number of other services that do it far better than a firewall could. If you use Office 365, Microsoft's implementations are likely to be far superior to what you'll get from a firewall. However, with that said, the one item I wish it included, even if it was a subscription-based service, is the inclusion of an AV and/or threat intelligence. This would elevate the solution well above other alternatives. 

We have not encountered any stability issues and have upgraded to each version over the years. They've really made a rock solid solution.

Extremely high. We tested it on VMs running different configurations from extremely lightweight to overkill. It will run on anything and maintain it's high performance. Obviously the more you give it, the more amazing the solution becomes. 

I had one question, and they got back to me extremely quick. Not only are they knowledgeable about their product, but they're kind and courteous.

Old and outdated infrastructure procured before I joined the company.

Not only was it straightforward, but if you know nothing about firewalls, you can install this. Especially since they recently made their entire guidebook free to use. Not to mention the countless blogs and how to's. Low to intermediate level IT pros should be able to handle this baby.

In-house.

From day one you get a 100% ROI. If all you have is an older server you recently decommissioned, with multiple NICs, I strongly recommend installing this software on it and giving it a shot. Doing that alone will beat out any competitor hands down.

For the cost and what's included, you can't beat it, no way no how. If you're worried about enterprise solutions, the only thing you need to do then is to purchase a support contract, and you have an enterprise solution. You can even purchase hardware from the vendor if you choose.

Cisco, WatchGuard, Sophos, Fortinet, Untangle, Juniper.

I strongly recommend giving pfSense a hard look. I've been in IT for 20+ years, and I've run the gambit on other firewalls. pfSense definitely can hold it's own against any of them. 

I use the solution in my home network as the main firewall before all data heads out to the internet. I use it for DNS resolution as well.

I noticed the benefits of pfSense immediately after deployment. I was able to take complete control of my security to my house, and it gave me all the things that I needed in order to secure my home network.

The GUI and the user interface have been very clean, understandable, and feature-rich across the board.

The flexibility of pfSense is great. 

It is very easy to add features. 

There are features that help to prevent data loss. The rules engine of pfSense, a traditional firewall rule structure, has always been the same.

There's definitely a single pane of glass. There's definitely a lot there in front of you. 

pfSense provides visibility that enables users to make data-driven decisions. I'd rate the capabilities seven out of ten. 

Sometimes it's a bit of a challenge to know how to do something when you want to do something, for instance, setting up a point to point VPN.

Configuration is sometimes a challenge just due to a lack of knowledge on my side. I find that if I don't set up the rules correctly, and this goes to lack of knowledge of being an expert in the firewall space, it's a bit of a challenge sometimes in setting that up.

I would ask them to update it to a more modern interface, as it does look a little tired compared to GUIs today. However, the features are there. A redesign would be greatly appreciated, just from a human engineering aspect.

It might be easier if they separated things out a little bit more instead of putting all the aspects of what pfSense can do for you in a single menu. For instance, they have services, and they have all the services that you could have on your system. It's a lot.

Sometimes I find it difficult to find the data visibility that I would need in the interface to then go make a data-driven decision.

pfSense helps optimize performance. From a performance standpoint, setting up firewall rules does a great job of laying out exactly what those rules are. The layout of the firewall rules makes it easy to create a secure environment on my home network, albeit not very big. However, all the features are within the firewall, and I can create individual rules and organize the rules.

I've used the solution for six years. 

I have never experienced downtime from my pfSense device. I'd rate stability ten out of ten.

The scalability is very good. I'd rate it a ten out of ten.

I contacted technical support when there was a major upgrade a few years back, and I needed some assistance.

The quality was perfect. They were fast and very helpful. Even though I wasn't a paying customer for support, they still gave me great guidance and helped me focus on the issues at hand.

Positive

I've always had my service provider, Verizon, with their main router, and that router usually has a firewall built into it. I've never used anybody else besides pfSense outside of that.

The initial setup is straightforward. I've done it for my son at college in a matter of two hours, from unboxing to operation. It's easy to deploy a box. I can deploy it by myself.

It does not require any maintenance.

The ROI and the TCO are significant. You get a lot of features under one product. However, I don't use it as a router. I only use it for firewall and VPN capabilities and DNS.

The pricing and licensing are spot on. It's well below the industry average.

I did not look into other options. I knew of pfSense as being a leader in the industry, and that it is utilized by major corporations in large environments. To that end, I assumed it wouldn't hurt for me to have familiarity with the product and use it at home.

I'm an end-user.

I use the Plus version of pfSense. However, I do not pay for support.

I would rate the solution eight out of ten.

The solution is primarily used for anything to do with security. SMEs are using it to protect their businesses.

The companies we work with are fairly generic. What we see most is companies using the solution since it's affordable.

The price point is the most valuable aspect of the solution. Customers really value that.

Customers value the following features:  

• It's highly configurable
• It's flexible. 
• The features are easy to use.

The interface is somewhat challenging if you compare it to other commercial products. If you compare it to something like Sophos, where someone with decent firewall knowledge can get it up and running in a very short time, you need to be a fairly skilled security worker for this product.

Configuring the interface can be a bit hard.

We've found working with SAP networks challenging. The model that they have in terms of partner networks works very well in the US. However, it's very challenging in our part of the world. What works very well here (Kenya) is a distributor-reseller model, where you have the vendor appoint a distributor. Then the reseller can quickly serve the client. The partner support could be better here.

We've been selling the product for two or three years. 

The solution is quite stable. I'd rate stability nine out of ten. I rarely have a failure.

We largely work with SMBs. 

Support is excellent. 

Positive

We have used other products as well in the past. For example, I do have knowledge of Sophos. We are a reseller.  We've had it longer than pfSense. Sophos is a bit easier to set up. pfSense pricing is very good, however. It does need a more friendly UI.

The initial setup is a bit complex. There are other products that are easier to set up. The installation is not a problem, however, the complexity comes in with the configuration. The installation itself, which is basic, won't take long. The configuration process is longer since it can be from challenging to quite complex. 

There is some maintenance required. There are updates every quarter. Previous to the last update, you couldn't do an update without breaking. It's easier now, however, there is still maintenance. 

The solution is cost-effective, however, that does come at a cost to the client. They do have to buy the product in the US and ship it to Kenya. The total cost of ownership, including acquisition and support, can be quite competitive. 

We are resellers. 

I'd recommend the solution to other users.

I'd rate the product seven out of ten. There are a few challenges. However, it is stable and offers good support. 

We primarily use the solution for security purposes. We use it for a firewall.

The solution is quite stable. The performance is very good.

We've found the solution to be very easy to use. It's user-friendly.

The scalability potential of the product is quite good. 

We like the fact that the product is open-source. It's free to use. There are no costs associated with it.

The solution is very easy to install.

The solution is quite fast.

It does a good job of monitoring our systems.

The solution could always work at being more secure. It's a good idea to continue to work on security features and capabilities in order to ensure they can keep clients safe.

I've been using the solution for a while. It's been about six years or so.

The stability of the solution is very good. There are no bugs or glitches. it doesn't crash or freeze. Its performance is reliable. It's been very good over the years.

The solution scales quite well. If a company needs to expand it, it can do so with relative ease.

We have a few hundred users at this time.

We do have plans to continue to use the product.

We have used technical support in the past. They have always been very helpful and responsive. They are knowledgeable. We have no complaints. We're quite satisfied with their level of service. 

The installation of the solution is not overly complex or difficult. It's easy. It's straightforward. e didn't have any issues with eh implementation process. A company should find the setup very simple. 

The deployment was very fast. It only took a few minutes.

The solution is an open-source product. It's free to use. It's extremely affordable.

I'd rate the solution at a ten out of ten. It's been very good in terms of its overall capabilities.

I would recommend this solution to other companies and users. It's very fast and very easy to use.

I build my own firewalls, and I use pfSense.

It is very easy to use. The interface is quite understandable. There is a good community, and I can take over at any time I want. If there is anything wrong with it, I could just reinstall the whole thing and start all over again, and I'll be up again in less than a few minutes.

More documentation would be great, especially on new features because sometimes, when new features come out, you don't get to understand them right off the bat. You have to really spend a lot of time understanding them. So, more documentation would be awesome.

In terms of features, for my use, I don't see anything wrong with it. I basically get what I need from it by default. I build my firewall, so I only rely on the software. On the software side, there is not much to improve right now. So, at this point in time, I don't see anything, but I always welcome any kind of upgrades that they do. I always try them out and see if I can use them in the company or not, but so far, there are no complaints on my end.

I have been using this solution for more than eight years.

It is a very stable product.

It is quite scalable.

I don't have any experience dealing with technical support directly from the makers of pfSense. I am using its Community Edition. That's why when it comes to technical support, I rely on myself, the community, and the information on the internet, especially from those who are more adept at it than me.

It is quite easy. It is up in a few minutes even though I reinstalled the whole thing. For me, it is as straightforward as it can get. I'm a long-time user, and I don't see any problems with the configuration.

We are using its Community Edition, which is free. My company is a government school, and we don't have much budget.

There is a steep learning curve and you have to spend a lot of time with it to understand how you're going to use it and how you're going to customize it yourself. That's where you're going to have to spend a lot of time, but by the time you're done with everything and you have played with all the features you want, you will understand everything you need. You will always be up in minutes, even if it gets "destroyed" during the night, you can come back to it and reinstall the whole thing, and everything will be good.

I would rate it a 9 out of 10. It cannot get a 10 right now because it changes every day. It might be 10 today, but in a few seconds, it won't be a 10 because the whole internet changes in a few seconds, and the whole way of serving your clients can change in a few seconds. So, it can't get that perfect 10. 

The product makes our business more secure. It has increased the security of our business. We are using the two solutions. The first one is from Cisco, and the second is from pfSense.

A few months back, we were attacked, however, the attackers used the wrong software. We decided then it was important to start prioritizing our security, which is why we brought on this product. 

The solution is very flexible.

I find the product very easy to use. 

The initial setup is not complex. 

The solution has been very stable so far.

We can scale the solution if we need to.

The process can be challenging. We do not have one security team. We need a team that can guarantee the security of our company and we're not there yet. We only have the client's equipment, and one guy managing this equipment. This isn't necessarily a problem with the product, it's more about our own internal structure. 

Ultimately, we'd like something stronger, and something that can handle threats better in real-time. 

I've been using the solution for about five years now. 

The stability has been great so far. there are no bugs or glitches. It doesn't crash or freeze. Its performance has been great.

The scalability of the product is very good. If we want to expand, we can do so. 

We have 3,000 people on the solution right now. There are people from various teams that utilize it. It's not just IT. 

We previously used OpenBSD, a Linux solution. 

We switched to this product as it is free and open-source. It also increased the level of security we had on hand, even though OpenBSD was more user-friendly. 

When it comes to setting up the solution, it's not a complex process. It's pretty straightforward in general. 

The deployment took maybe a month and a half. 

We have two teams that handle deployment and maintenance tasks. One team is internal and the other is external. They're mostly engineers and they work together. 

We used an outside integrator to help us and we were pretty happy with the results. 

We are using the free version of the solution. We are not paying anything for it at this time. 

We're reading up on other solutions every day. We likely won't stay with this solution. It's good for now, however, we'd like something more robust further down the line. 

We are a customer and an end-user. 

We're using either version 5.3 or 5.4 at this time. 

While this is a good solution, we're looking for something stronger in the future. I'd recommend others also look for something strong, that fits their security needs. 

I would rate the solution at a nine out of ten.