Netgate pfSense Reviews

We have internet limitations here in Sudan. The financial institutions that I am working with do not have a lot of services on the internet.

It is difficult but at the same time, we are safer and are not faced with any kind of compromised data.

This solution is suitable for small businesses and charity organizations. Security is not just about the firewall, you need policies and procedures in place.

The developers of pfSense follow the principles of open-source.

They keep it simple. It's simple and good.

The problem with open-source is that no one can take responsibility.

It needs to be more secure. Security needs improvement.

It's always better to have an agreement, an SLA regarding security. You should outsource your security to another company.

I have been using pfSense in my home environment since 2010. I have a small lab, a small environment.

We have also deployed it in my workplace.

It's a stable solution.

pfSense is scalable.

At our peak time, we have reached more than 5,000 concurrent connections.

I do not have experience with technical support.

I am also using IPFire. It's also open-source.

It's very stable, and it meets my business needs.

The initial setup is straightforward.

If you have solid knowledge and experience in IP tables, then it will be easy for you to deal with this product or any firewall. For example, Palo Alto or Fortinet. It's the same concept.

Depending on your activities, it can take a long time to deploy if you are new to this solution. For me, it takes less than one hour.

You have to understand the network technology and you have to understand what you are going to protect, and what service are you looking to protect. If you address these questions correctly, the installation is just a matter of a couple of clicks.

I completed the implementation myself.

We are using the open-source version, not the commercial one. 

It's very affordable.

I would continue to use pfSense if the decision was mine, but it is out of my area. It depends on the CIO.

I would recommend this solution to others who are interested in using it.

pfSense will not cost you any money.

It depends on your business needs. You have to address your business needs correctly.

I would say to go with pfSense. If you feel that it is not compatible, you have other purchase options such as Palo Alto.

I would rate this solution a ten out of ten.

We primarily use the solution to help our customers with firewall integration. 

I like the solution's stability and ease of use. 

There is a need to increase the technology on the area of WAF, the web application firewall. I would like to be more knowledgeable about the firewall, so I may best use it to solve customer problems. 

The integration should be improved. 

I have been using pfSense for around six years. 

The solution is stable. 

Technical support is perfect, excellent. 

The solution is easy to install for one who properly understands the nitty gritty of the firewall and network.

It is my engineers who are responsible for the installation, not I, so I cannot comment on its duration, although I know that it does not take them long. 

We don't buy the PS from Sophos, because we have in-house training and in-house trained engineers who always handle the implementation.

Our customers must pay for an annual license. 

The solution can be deployed both on-cloud and on-premises. 

When it comes to Sophos, we have around 18 to 20 customers making use of it. 

I would recommend the solution to others. 

I rate pfSense as an eight out of ten. It is good. 

We primarily use the solution for security purposes. We use it for a firewall.

The solution is quite stable. The performance is very good.

We've found the solution to be very easy to use. It's user-friendly.

The scalability potential of the product is quite good. 

We like the fact that the product is open-source. It's free to use. There are no costs associated with it.

The solution is very easy to install.

The solution is quite fast.

It does a good job of monitoring our systems.

The solution could always work at being more secure. It's a good idea to continue to work on security features and capabilities in order to ensure they can keep clients safe.

I've been using the solution for a while. It's been about six years or so.

The stability of the solution is very good. There are no bugs or glitches. it doesn't crash or freeze. Its performance is reliable. It's been very good over the years.

The solution scales quite well. If a company needs to expand it, it can do so with relative ease.

We have a few hundred users at this time.

We do have plans to continue to use the product.

We have used technical support in the past. They have always been very helpful and responsive. They are knowledgeable. We have no complaints. We're quite satisfied with their level of service. 

The installation of the solution is not overly complex or difficult. It's easy. It's straightforward. e didn't have any issues with eh implementation process. A company should find the setup very simple. 

The deployment was very fast. It only took a few minutes.

The solution is an open-source product. It's free to use. It's extremely affordable.

I'd rate the solution at a ten out of ten. It's been very good in terms of its overall capabilities.

I would recommend this solution to other companies and users. It's very fast and very easy to use.

We have all sorts of users. We have admins, we have the finance guys, and we have salespeople using it. We created a captive portal for our teams as well as a guest portal. So in general, we are more or less happy.

Right now, I use it not only for intrusion detection but also for ETLs. We are a telephony integrator. We use it for applications and radius, etc. I use it as much more than a firewall. I use it for telephony applications as a certificate authority. 

Well, we do have the versatility of a fully functional firewall at practically no cost impact... So its a good investment for us in terms of the time spent on it... Most of all, we can see where our Internet etc can be well managed from the real time graphs that we see...

It's quite an awesome product with so many good things packed into it. I am happy with the EPLS, the radius, and I am happy with the captive portal. All in all, it's a good product. And considering that I get it for paying nothing, it's really worth the time invested in it.

As I said, the product is fantastic. It could use a little bit of improvement in the reporting — the reporting is virtually non-existent. Something like a reporting module would be a benefit. Otherwise, in terms of the performance, at least for my organization, I don't see much of a problem.

By this, I mean that we cant generate reports of trends etc that could be exported out of PFSense in terms of a PDF etc to see how the firewall is functioning...

Though I must say that the work around for this could be to use the pfsense zabbix plugin and integrate to a Zabbix platform and then use the Zabbix reporting capabilities to get the required reports... Not much of an effort for the technically sound persons but definitely not in the scope of those from a non technical perspective... 

I have been using this solution for roughly 10 months. I started with version 2.4, but about four days ago, I upgraded to version 2.5. It's been a good product so far.

Stability-wise, it's fine. I've only experienced one issue in the last 10 months. But in general, I am happy with it. Scalability-wise, as I said, our organization is just about 10 to 15 people, so we have not had much of a problem. I can't comment on how it would scale up with hundreds of VLANs and tens of thousands of people operating on it. But in general, for a small organization, I think it's very stable.

As we are in SMB, I cant comment on big traffic situations but for a small organization like ours (10 to 20 users) and with various integrations that we need (e.g., OpenVPN, WireGuard, LDAP authentications, Tens of VLANS, Captive portal, DHCP Relay, EAP-TLS, IDS, Adblocks etc.) We are ok with it...

I think the documentation is good enough because I've never had the need to contact technical support. I just use Google to get the information that I need.

We used to use Fortinet in our office in Dubai. But where I am right now, I thought an open-source was the option for me because I'm very involved in open-source projects. It came down to pfSense and OPNsense — the first one we downloaded was pfSense and I stuck by it.

The initial setup was straightforward. I come from the IT industry, so I had no issues. Within 20 minutes, I had it up and running.

I implemented it myself.

Too early to comment... Though all I needed to invest was a small desktop and ofcourse, time and effort to configure it... 

Well, its opensource... So for the tech-minded, its not so difficult but yes, the configuration is understandable for those with good prior firewall knowledge... 

If you can get it working, its great... But yes, thats the first part... Get it working... 

Oncw working, all licenses etc are not a problem as it is opensource... So no restrictions there... so far...

I did use Sophos-XG free but I stick to pfsense as it is free and open source...

I would recommend pfSense for the simple reason that it's open-source and it's free. Anything for free is good. I personally got much more out of it than I expected. I never expected this product to be so worth the time. It's a good product. For my needs at least.

Overall, on a scale from one to ten, I would give this solution a rating of eight. I have not used it for thousands of users, but for our usage, for an SMB organization, I would give it a rating of eight.

I use pfSense as a firewall. I use it also as a VPN server and for the captive portal. Those are the main purposes.

It's difficult to say how it has made a difference in my organization.

The most valuable features are the VPN and the captive portal. Captive portal and VPN are easy to deploy.

I haven't experienced many problems when dealing with the solution, so I don't know if there are areas that need improvement.

If a user doesn't have a large amount of experience in Linux systems, they will have problems using this solution. Users need to be highly skilled in troubleshooting competency. Users who do not have such skills will find the product difficult to use.

Sometimes if your network goes down, you might experience an issue on the captive portal. This may require a restart and it also may require that you load it again. I'm used to the system, so I know what to do, but it can happen from time to time.

It can be really easy  to deal with Technical support. Technical support is avaible every time I call . But sometime if Technical support do not privide you the solution, so you should double check and solve the issue by your self.

I've been using the solution for about five or six years. 

The stability isn't bad, but there can occasionally be bugs within the system. The likelihood is lessened if you follow a few key protocols.

It's important to have a proper license, otherwise, you run the risk of bugs.

It's important to upgrade the solution regularly. This also helps users avoid running into bugs. If you experience a bug, it's a good idea to check the release and make a grid.

Those that have experience in troubleshooting will benefit from their knowledge when using this solution. Sometimes packages will not work and you'll have to be strategic with workarounds.

The support can be really difficult to deal with. I wouldn't say that we have been satisfied with them in any way.

It's not very complex to set up. However, it can become complex as you're using it, and when you are learning the systems. In that sense, it might not be straightforward for everyone.

When it comes to using pfSense, you need to have extreme skills in Linux and in troubleshooting. If you don't have any form of troubleshooting competency, it could be very difficult to use, and very hard to set it up.

I'm very proficient in the solution. I managed the implementation on my own. We didn't need to hire a consultant or bring on an integrator or reseller.

The pricing of the solution is fair. I've also paid for a license that includes Entreprise support. Our license lasts for two years.

We're just customers. We don't have a special relationship with the solution. We just use it on a regular basis.

I'm not sure if I'm using the latest version of the solution or not.

I'd rate the solution ten out of ten since I've never had any major issues with it.

The biggest thing a new user or company needs to be aware of, however, is that whoever the team is that's using it, they need to be very experienced Linux users. The system will be extremely difficult otherwise.

New users will need patience. However, it is easy to use due to its very good web interface. It's also easy to deploy and the process can be handled quickly. There's no need to have a really big fancy long-winded deployment process. That said, especially if you are using it within a complex Linux environment, you absolutely must have high skills in both Linux and security.

In the past, we had different locations in different countries, and in every location, we had the same pfSense firewall. Therefore, the connection between our different locations was good and manageable. However, in the last two years, we have had only one location here in Belgium, thus the performance of the pfSense has been good, and we can manage great with the open ports and the closed ports, but now a firewall has to be a little bit more than just that.

I do not have any big malware in my network, partly because of pfSense. The firewall blocks every malfunctioning malware or virus. Also, the access from outside our network has to be blocked, and I know by experience that our pfSense is very closed. You have to open every port in order to make sure that there can be a connection from outside our network.

1. I can manage it easily by myself.
2. The interaction between the same firewalls is good. We can connect VPNs over the same firewall easily.
3. It is an open source solution. Therefore, the price is good.
4. OPNsense.
5. The performance and functionality are good.

A malware blocker should be included. I do not know if it is included yet. However, until now, we have not experienced a large malware invasion.

There are a few features not included, and when you have to use those features, you have to pay for them.

I know that I should change the current pfSense solution. I should change it because we have only one key port on it. Our internet access also has a key port now, I should have two key ports, one to the LAN and one to the WAN.

Therefore, I want to change it, because it gives us less speed. I could provide the speed, but there are not two key ports on it. Therefore, I now have to choose a new pfSense solution, or I could look at another vendor similar to what we have.

I am satisfied with the stability.

Scalability was less important. When we started, we did not have to scale the pfSense. In the seven years that I have used the pfSense, once I had to renew it because the hardware was broken or was defective. The second one was a little bit faster and had more memory, so I did not have to scale it again. Therefore, the scalability has not been so important to us until now.

We came from OneStart. OneStart was out of data and at end of life. Thus, we had to switch. pfSense was originally proposed to us by the dealer and our external IT help.

The initial setup was straightforward, therefore I wanted to continue using the product.

I did not do it alone. I had help from the dealer. Once installed, I can manage now to change little things. For the initial setup, I was involved with it, but I did not do it myself.

It was straightforward to buy from pfSense.

From Sonic Wall, their price is much higher, because for every feature that you want to add, you have to pay. I can do the same things with pfSense, but everything is included in one price.

We originally evaluated Cisco, WatchGuard, and Barracuda. We chose pfSense because of the price and it was open source software. At the time, our team was called OpenERP (now called Odoo), so open source software was an advantage.

I would recommend it. It is manageable and straightforward. It is not so complex. You have to know the different rules, but you can manage it easily. The performance is good.

• Battery backup
• True processor power at low energy cost
• Expansion possibilities
• Low noise emission

We like it mostly for being able to use BSD compiled software inside it. It is flexible, fast, powerful and full of features, such as an easy proxy filter, and clustering along with an easy and well developed web based interface.

Kernel support for laptop features, USB/Firewire ethernet cards, and specially built in WLAN cards. If the WLAN functions work properly, pfSense makes a perfect "repeater" or controlled and robust accessed point with built in QoS and firewall. Wider support for 3G and 4G USB cards as backup networks would be nice too. It was impossible to get some USB stuff to work.

We've used it for two years, with an HP Elitebooks 8350 for battery backup.

No issues encountered.

I got terrible kernel crashes on HP laptops while trying to setup WLAN, but it worked better on Fujitsu ones.

It has worked as expected so far.

I have never needed it.

I have never used it.

We have mostly used Cisco products. Their products feels like we are back in the stoneage when compared to pfSense. We switched as we needed more power (as traffic, bandwidth and user accounts grew). pfSense was one good clear substitute, and Cisco is too expensive if you want real throughput power, and it was too hard to administrate when we compared it with pfSense. also, anyone can learn pfSense pretty fast because of the intuitive web interface), and there is never trouble with invalid licenses. The features like IPS (snort/suricata) are well developed and can be used for free or at a small cost for extra security. The most valuable of all though, is that we could recycle old hardware to make our perfect firewalls, reducing the hardware cost.

It was easy.

We implemented these ourselves.

It's hard to say. The setup goes pretty fast and, once you know the hardware to be used, it will work, so there was no significant amount of time there. The laptops used in this project were already recycled and had enough power for us to make a cluster and be happy with them, so it pretty much only cost us the price of some 3G modems and some USB network interfaces. Maybe not more than 200 Euros per machine.

We evaluated IPCop and m0n0wall. We took a vote on our team and pfSense won the deal.

If you are unsure, do a labtest before you implement it. If you are still stuck on the traditional "stoneage" products, you may get amazing results.

We are solution providers and this is one of the products that we deploy for our customers. We replaced old Cisco ASA with pfSense and it proves as a good choice.

PfSense gives tools to protect the network. If you configured things properly then you'll be protected to the distant level. PFsense gives a solid set of functionalities that work perfectly. VPN services are stable and easy to deploy.

The classic features such as content inspection, content protection, and the application-level firewall, and VPN Are most common. This is a feature-rich product and the documentation is good.

Ease of use is a problem for a user who is unfamiliar with this product because, in the interface, everything has to be set manually. It would be more user-friendly if things were set automatically. 

The drop in performance can be drastic when you use more advanced techniques. There is some trade-off between having a certain level of security and maintaining acceptable performance.

We have more than ten years of experience with pfSense.

The stability of pfSense is standard. It is rated as one of the good solutions in this area.

This product is scalable to some point, although we have never used it for large companies. We use it for small to medium-sized organizations. For big companies, we more often implement Palo Alto.

In our company, we have a data center and some of our clients are hooked to it. This is something that we have on-premises for our customers.

We have plans to increase our usage with pfSense because we have had good feedback from our customers. In fact, with the good experience we have had, our sales have been slightly increasing. Our sales are shifting from Sophos to pfSense.

The technical support is organized well. We do most of the technical support for our customers in-house but there is a second level of outside support available. It is okay. 

Positive

We currently resell products from both pfSense, Sophos and Cisco. In some areas, pfSense is better than Sophos. I have been a bit disappointed with Sophos because I know their history, and I don't think that they have advanced as well as they should have in that time. Also, they have two different products, XG and UTM. This is another reason that I prefer pfSense, at least a little bit, over Sophos.

The initial setup is complex. If you have a straightforward setup then you will have straightforward, basic protection and nothing else.

It takes a few months to adjust where you start by setting it up, and then you have to monitor it and see what's happening. It's ongoing work because, after this, you have to keep monitoring and adjusting to the situation. This is part of the service that we perform for our customers.

We are the integrators for our customers and deploy with our in-house team. We have people in the company who are specialized in this area.

The return on investment depends on the predicted cost of failures of the system, or intrusion of the system, which is hard to give a straight answer on. In part, this is because different companies put a different value on their data.

For example, with medicine, if somebody were to steal the data related to the latest CORONA vaccine then the cost would be tremendous. On the other hand, if there is a company that is making chairs, stealing the design of the chair probably wouldn't be as high when compared to an application in medicine. So, there is not a straight answer for that.

Return on investment, in any case, I think for every company, this is a must. Put in a straightforward way, they can count just the possibilities of having an attack on their system with a cryptovirus. If they can save their data from attackers then it would save them at least two days of not working plus the cost of recovery, which would be much more than the cost of the system and maintenance.

The price of the licensing depends on the size of the deployment. pfSense is open-source, but the support is something that the customer pays for. We charge them for the first line of support and if they want, they can purchase the second line of support. Typically, they take the first-line option.

The term of licensing also depends on the contract. The firewall doesn't always have a contract but rather, there is a contract in place for the network, which includes UTM.

In addition to the licensing fees, there are costs for hardware, installation, and maintenance. We use HPE servers, and the cost depends on how large the installation is. The price of setup is approximately €500 to €800, which also includes the initial monitoring.

The maintenance cost isn't really included in the network fees.

For smaller companies, we charge them a few hours a month for monitoring. It takes longer if the client is bigger.

Palo Alto, Fortinet, Sophos, Cisco

It is important to remember that you can't just leave the device to do everything. You still have to know what you're doing.

I recommend the product. It's well-balanced and one with a long history, so it doesn't have child's diseases. There is a lot of online support available online, which they can consult themselves. But, in the case that they need support, they can hire a professional support line and that is highly recommended.

I say this because usually, people look at the UTM as something that should be put in the system, set up, and left alone. But, this is not the case with this type of solution. Therefore, I strongly suggest making an outside agreement with a specialized company that will take care of their security from that point on.

The biggest lesson that I have learned from using this kind of product is that you can't assume that the internet is a big place and nobody will find you. There is always a good possibility that robots will search your system for holes, and they are probably doing so this instant. This means that users should be aware and have decent protection.

In summary, this is a good product but there is always room for improvement.

I would rate this solution a nine out of ten.