Netgate pfSense Reviews

We have all sorts of users. We have admins, we have the finance guys, and we have salespeople using it. We created a captive portal for our teams as well as a guest portal. So in general, we are more or less happy.

Right now, I use it not only for intrusion detection but also for ETLs. We are a telephony integrator. We use it for applications and radius, etc. I use it as much more than a firewall. I use it for telephony applications as a certificate authority. 

Well, we do have the versatility of a fully functional firewall at practically no cost impact... So its a good investment for us in terms of the time spent on it... Most of all, we can see where our Internet etc can be well managed from the real time graphs that we see...

It's quite an awesome product with so many good things packed into it. I am happy with the EPLS, the radius, and I am happy with the captive portal. All in all, it's a good product. And considering that I get it for paying nothing, it's really worth the time invested in it.

As I said, the product is fantastic. It could use a little bit of improvement in the reporting — the reporting is virtually non-existent. Something like a reporting module would be a benefit. Otherwise, in terms of the performance, at least for my organization, I don't see much of a problem.

By this, I mean that we cant generate reports of trends etc that could be exported out of PFSense in terms of a PDF etc to see how the firewall is functioning...

Though I must say that the work around for this could be to use the pfsense zabbix plugin and integrate to a Zabbix platform and then use the Zabbix reporting capabilities to get the required reports... Not much of an effort for the technically sound persons but definitely not in the scope of those from a non technical perspective... 

I have been using this solution for roughly 10 months. I started with version 2.4, but about four days ago, I upgraded to version 2.5. It's been a good product so far.

Stability-wise, it's fine. I've only experienced one issue in the last 10 months. But in general, I am happy with it. Scalability-wise, as I said, our organization is just about 10 to 15 people, so we have not had much of a problem. I can't comment on how it would scale up with hundreds of VLANs and tens of thousands of people operating on it. But in general, for a small organization, I think it's very stable.

As we are in SMB, I cant comment on big traffic situations but for a small organization like ours (10 to 20 users) and with various integrations that we need (e.g., OpenVPN, WireGuard, LDAP authentications, Tens of VLANS, Captive portal, DHCP Relay, EAP-TLS, IDS, Adblocks etc.) We are ok with it...

I think the documentation is good enough because I've never had the need to contact technical support. I just use Google to get the information that I need.

We used to use Fortinet in our office in Dubai. But where I am right now, I thought an open-source was the option for me because I'm very involved in open-source projects. It came down to pfSense and OPNsense — the first one we downloaded was pfSense and I stuck by it.

The initial setup was straightforward. I come from the IT industry, so I had no issues. Within 20 minutes, I had it up and running.

I implemented it myself.

Too early to comment... Though all I needed to invest was a small desktop and ofcourse, time and effort to configure it... 

Well, its opensource... So for the tech-minded, its not so difficult but yes, the configuration is understandable for those with good prior firewall knowledge... 

If you can get it working, its great... But yes, thats the first part... Get it working... 

Oncw working, all licenses etc are not a problem as it is opensource... So no restrictions there... so far...

I did use Sophos-XG free but I stick to pfsense as it is free and open source...

I would recommend pfSense for the simple reason that it's open-source and it's free. Anything for free is good. I personally got much more out of it than I expected. I never expected this product to be so worth the time. It's a good product. For my needs at least.

Overall, on a scale from one to ten, I would give this solution a rating of eight. I have not used it for thousands of users, but for our usage, for an SMB organization, I would give it a rating of eight.

The solution pretty much is our only firewall security at the moment. It handles the integration with our active directory and makes sure that all communications are channeled through a secure network.

The solution is very robust.

The solution can be complex. It needs a bigger team with more coding skills than what we have at our disposal. With our skillsets, we're facing a lot of limitations. We're a team of four who handles 12 independent companies under a larger umbrella. Our workload is already quite high. We need solutions that lessen it, not enhance it.

The solution requires a lot of administration.

The solution would work better for us if the user interface had some kind of unifying feature that didn't just do firewalls. Sophos, for example, offers so much more. You get one license and you're good to go. Everything's handled from the anti-virus to the network and the traffic and monitoring. Sophos is really user friendly and easy to master. It's easy to get rules put in. pfSense offers none of these things beyond just the firewall capabilities. 

We've been using pfSense as of early last year, around about February 2019. It's been just over a year.

We have about 350 people at our organization that this solution covers.

Although the solution offers a lot of documentation, has a large knowledge base, and has a support forum, when it comes to actually contacting technical support directly, we didn't have access to that level of attention. Everything, therefore, was really on the team. We had to figure out how to troubleshoot on our own and tried to use documentation to guide us.

We originally used this solution way back in 2011. We used it for about 18 months. Then we then migrated on to a system called Kerio Control. We realized that we needed something a little bit more robust than Kerio Control. So we then moved back to pfSense as of last year.

The deployment didn't take too long. I have experience in pfSense, as does my junior. We were able to deploy it within a couple of hours - at least for what we wanted it to do off the bat.

Basically, you need to get all the rules together. We were able to do that within a couple of hours. Obviously, I must say, if we wanted to do a lot more, it would take us quite some time. Unfortunately, we're quite a small team, so we've got quite a lot on our plate and we just honestly did not have the time to get really granular. 

That's the reason why we're moving to something a little bit more user friendly for our size.

We're just users of the product. We're not consultants or resellers.

It's your basic firewall setup. However, when we looked at Sophos, we found that Sophos offered a lot more as it's a fully unified solution and had a firewall, as well as anti-virus and network monitoring capabilities.

This solution really gives us a greater extensive array of modules or features than we would not necessarily see in managing the system as administrators. The solution is quite extensive in that there was a lot of material that we had to read about. It just was not user-friendly for the team. We needed a solution that can handle itself without our intervention.

I'd rate the solution five out of ten.

I stood up pfSense in a Large Telecom providers Lab environment for their next generation products. I was able to achieve 10G throughput (about 9.1 true throughput as tested over 4 days solid), and only hit a max of 20% CPU utilization on a DL380 G7. This server also had Suricata (in IPS mode and a heavy ruleset), as well as pfBlocker running.

I use pfSense because it gives me the flexibility to greatly expand basic firewall features. It's open source (and free - as in beer and speech), but also has commercial support. This can be run on any commodity hardware on the market (I've ran it on AMD and Intel - even Atom, processors) and throughput is excellent, even with lower speed CPUs and less RAM.

The GUI. There are TONS of plugins for pfSense, as such, if a user wants to add quite a bit of functionality, the GUI will feel a little congested.

A little... BUT, this was contributed to a failing Arista switch that would do a coredump and reboot. The pfSense installation at high speeds failed over perfectly though.

No - in our high-speed tests (10G), we were not able to push the CPU over 20% utilization.

I didn't really need any technical support. But was in contact with the Developers of pfSense as we were starting to work with them for an NFV setup.

Fortinet, SourceFire, etc.... the cost... oh the cost! Why pay these guys when I can use pfSense for free AND only pay for support when and if I need it?

Very straight forward. If anyone has ever installed any kind of OS or set up a firewall, it will be a piece of cake.

Open Source - just download! If you need support, it's available.

Fortinet, SourceFire.

It's an amazing product. There really are few issues with pfSense.

I install Netgate pfSense in various locations. It is also used for monitoring traffic and acting as a proxy.

I handle the scanning for the finance department. I recently encountered an issue with our company bills. I resolved the matter, cleared the bill, and received calls regarding it using pfSense. 

The user interface is extremely user-friendly, which is why we use it across various sites. Our IT representatives at the plants find it easy to use and manage because of its straightforward interface.

They rely on third-party tools, unlike Fortinet, for example, which has its own tools. In comparison, we also use third-party tools on pfSense. For example, we had a situation where we needed a tool to identify authorized users, and when I searched for a solution, I found a third-party tool. However, using such tools may come with additional costs.

I have been using Netgate pfSense for around one year. 

If I think about pfSense, I would rate the stability around six. There have been some issues with stability, causing occasional downtime. I haven't extensively worked with pfSense in the last year, so my experience is limited.

The scalability of pfSense is excellent, and it's easy to expand. Currently, we have around 200-plus users at our head office using pfSense. I would rate it 7 out of 10.

I haven't contacted Netgate technical support, so I can't provide feedback on that aspect.

Comparing pfSense with other vendors, I appreciate Fortinet for its all-in-one device with ALi involvement. However, for a country like Pakistan with limited resources, pfSense is suitable for small offices due to its cost-effectiveness.

Installation is straightforward, especially for IT professionals. During the installation process, you are prompted to input the brand of the internet and LAN cables. If you're unsure, you can simply connect the cables – one for the internet and one for LAN – and proceed. You can choose to use either one or two cards based on your preference.

Regarding maintenance and technical support, we have a team of around 14 technical staff who handle phone calls and work on maintenance when required.

On a scale of one to ten for pfSense overall, I would rate it a seven. In comparison with other top devices like Fortinet and UDMP, pfSense stands equal in my opinion.

We're using pfSense as a firewall and for web filtering.

The firewall sensor is highly effective, and it's easy to deploy. You can deploy pfSense with limited hardware resources. It's not necessary to have an appliance with much RAM to make it work. It's cost-effective and performs well.

The solution could be more user-friendly, and the graphical interface needs some work so that someone without an IT background can use the application. I would like the ability to manage the on-premise appliance from the cloud. When I'm not in the office, it would be great to connect to the pfSense server and administer the network remotely.

I've used pfSense for two and a half years.

pfSense is stable. 

You can scale up pfSense with multiple clusters for higher availability. It has that capability. It gives you that flexibility to set up a hybrid with part of the deployment in the cloud and a mural copy or to grow your network. 

At my previous company, we used a Cisco firewall and a router, but they kept having issues with the firewall and the device.  When I joined this company,  we introduced pfSense and haven't had any issues since. 

Setting up pfSense is easy, but it depends on your experience level. The average person with an IT background who is grounded in ICT can do install and configure pfSense in 15 to 30 minutes. 

PfSense is an open-source product, but you need to buy a license to get some features. 

I rate pfSense eight out of 10. It's an open-source solution that you can deploy on data warehouses with various resources. You're not tied to specific hardware. It's easier to manage and use.

Before deploying, you should find out the details about the environment where you will install pfSense. I would recommend pfSense for an enterprise environment with around 1,000 to 2,500 users.

We use the solution for a Firewall and a VPN.

We have found that this solution is better at keeping our business safe by having improved intrusion prevention than competitors.

I have found the firewall portion for the blocking most valuable.

The VPN feature of the solution could improve by adding better functionality and providing easier configure ability.

I have been using the solution for approximately six months.

The solution is very stable.

I have found the solution to be unlimited when it comes to scalability. The more memory and power you give it, it will use it all.

I found the technical support of the solution to be not very good at all.

I have used Fortinet previously and the installation took a lot less time to install. Additionally, I have also used SonicWall before but I switched to the current solution because it was getting too expensive. 

The initial installation was very difficult, it took approximately one week.

We did the implementation and maintenance of the solution ourselves.

The solution software does not require a license, it is free. The support contract is about $600 dollars. 

I would recommend for other people looking into implementing the solution to read the manual, go on to the videos, verify everything with the tutorials. Make sure you fully comprehend the size of the software.

I rate pfSense a seven out of ten.

I primarily use the solution for monitoring and learning about how to operate a firewall. I also use it for monitoring my home network as well as adblocking.

The solution is 100% free to use.

The product offers a lot of helpful plugins.

The solution is easy to use and has a elaborate GUI.

The initial setup is quite simple and straightforward.

The integration of the plugins into the GUI could be better. It's sometimes hard to find where a setting can be found or how it might interact with other settings. Some documentation is outdate and plugins sometime have no documentation. Information can always be found on the fora but for novice users this can be a challenge.

I've been using the solution for five years or so. It's been a while.

The solution is stable. Since last upgrade there hasn't been a crash, freeze or need for reboort. It's quite reliable.

I've tried to scale the solution previously. I've got two hardware platforms running. I wasn't quite able to run everything I wanted on a small ARM based device. Therefore,  I build my own Super-micro platform based on Intel Denverton.

It's actually easy to scale. It's just moving over most of the configuration: exporting, importing, or even going right into the original XML export file.

There are six users, 3 dozen of devices and a homelab server with VM running behind the solution at this time.

With what I am running now, I haven't had to reach out to technical support. However, an upgrade failed two years ago and I needed to contact technical support to get me the new image for the device. They were very efficient. I was satisfied with the level of support I received.

I've been switching back and forth between pfSense, OPNsense, and Untangle in the last five years or so.

OPNsense and Untangled are more integrated, however, more and more of the plugins are becoming paid offerings. OPNsense misses a plugin that pfSense has, Untangled it's adblocking is easy but not free.

The initial setup is not to complex.

It's good to have the basic information before attempting to set everything up. They've got a wiki with all basic information and there are the fora for questions.

I've got a CCNA certificate and that some comes in handy. For me, it works without any documentation, however, for a complete novice user you probably need some documentation to get you through the process.

Getting everything up and running only took about 30 minutes. You then have a complete firewall solution up-and-running.

There is some maintenance required. You do need to check for updates from time to time, for example. If you install more plugins more maintenance might be required to get everything tuned.

I handled the implementation myself. I have some knowledge about IP routing.

The solution is free to use. There are (currently) no licensing costs.

I'm just a home lab user.

I'd advise those considering the solution for your business to get a service contract.

It works great for someone with enough knowledge and time to get his head around everything. Otherwise, you need to look for a solution that offers support and can work with you on issues. It's nice to try to balance between open-source and support that costs money.

In general, I'd rate the solution at an eight out of ten.

It has improved our security. Users can work offsite and connect to the VPN.

• The VPN and the firewall. They are reliable and easy to manage.
• The VPN is valuable for setting up secure remote connections to our network.
• pfSense has the OpenVPN package which is a well-supported VPN software.
• The "OpenVPN Client Export" package is really helpful in exporting the VPN client software on most popular devices: iOS/Android, Windows, Mac, Linux, and a handful of SIP handsets.

Network monitoring and device inventory could use some improvements. I'm using SpiceWorks for this because it never really worked in pfSense.

Network monitoring is a big topic and I realize there is plenty of software out there like SpiceWorks, NTOPNG, PDQ, Zabbix, and Nagios.

I can easily log into pfSense and check "Status > Gateways" to see if the internet connection is online. However, I don't usually know if there's a problem until it's been down for a while and someone tells me about it. I realize this is a tricky problem, because if the pfSense internet goes down, how is it supposed to send out an email that relies on the internet connection?

I guess the only way that would make sense, is if an external monitor was set up in the cloud or something that could check the status of pfSense at given intervals.

As far as clients being up/down is concerned, I can use some alternative software and maybe there's a package in pfSense that I can use for it.

Another idea for pfSense device inventor: What if pfSense collected a list of newly connected clients? For security, it's important to know about all the clients connected to the network. A simple list of new clients that connect would be nice to have.

The alternative would be to lock pfSense down to only make address reservations, but that just creates more work for the Network Admin.

It seems to run stable, as long as the hardware is good. I tried running pfSense on a USB flash drive. After a month, I was having to re-install/re-configure pfSense on a new flash drive. I did that for a couple of months and collected a bunch of broken flash drives.

Even though their online documents claim that pfSense can run on flash drives, it really just breaks the flash drive after a month or less.

I have noticed that pfSense boots up really slowly as more users are connected to it. Occasionally, you have to re-install or delete broken packages that freeze up the system. However, the core pfSense software runs great.

I have never used pfSense technical support so I can't rate them. I used Google and figured everything out on my own. I do my own support.

We did not use a previous solution. I recommend pfSense because it's free, open source software.

The setup of pfSense was very straightforward for the most part. Usually, when something isn't working, it's because the "Apply" button wasn't clicked.

Spend at least $300 or more on a good pfSense box. Use a hard drive, and not a USB flash drive for pfSense storage.

We looked at some other solutions, but pricing and licensing was the problem. I looked at Palo Alto and SonicWall.

The learning curve is steep, but once you get the basics down, it's very robust and easy to use. There are plenty of resources online about setting it up.