Netgate pfSense Reviews

We are a solution provider and deploy this product for our customers. We also use it in our organization. We use both Cisco and pfSense but for our customers we mainly use Sophos and pfSense. I'm the CEO of our company. 

The solution has assisted us by preventing unwanted access. If the solution is configured properly, then you'll be protected to some degree, although you may also need other products. 

Content protection, content inspection, and the application level firewall are all good features. 

There's always room for improvement. In general terms, for someone who is not familiar with the product I think ease of use could be improved. When you're connecting, the interface is very difficult for an inexperienced user in the sense of setting everything up, as it all has to be set manually. I've also found that the more features you use influences performance and the drop can be drastic when you use advanced features. I want to achieve a certain level of security and at the same time maintain good performance.

The solution is feature rich enough, but one of the things usually outside the UTM system or gateway system is SIEM. It's an advanced system for managing the possibilities and it would be nice to have a kind of interface in the UTM, to enable connectivity with most SIEM systems.

pfSense is rated as one of the good solutions in it's field and stability is good. 

The solution is scalable to a degree but we never use it for big companies. We use it for mid-range companies. Our company has a data center and we have companies that are hooked to our data center. We're doing this on-premise for our customers so if the customer has an on-prem information system, we will implement the firewall and UTM at their location. We have plans to increase use because we have good feedback for the product and we have good experience with it. So we are increasing use of pfSense. Actually we are moving away from Sophos and more towards pfSense.

Technical support is well organized. Most of it is in-house, but in the case there's also a we have access to a second level if necessary. 

We were one of the first companies here making UTMs (before they were known as UTMs). We were the first partner of Cobalt, the first appliance creator. When Cobalt was bought from Sun, we made our first network defender line. It was the first appliance that had a firewall, content inspection, constant protection, intrusion prevention, intrusion detection, antivirus, and mail and web server in one box. Our line was mainly distributed all over the Middle East, Asia, and some parts of Europe. We expanded and worked with companies such as Palo Alto, Cisco, Sophos and pfSense. In some areas pfSense is better than Sophos which didn't make the advances they should have. They now have XG, so they have two totally different products in the same area which is one of the reasons I prefer pfSense.

If you carry out a straightforward setup, then you will have straightforward, basic protection, nothing else. It's more complex if you want other things included. We usually start with some research, carry out a basic setup and make the initial monitoring. From there we make additions based on the results of the complete monitoring. Then it's ongoing monitoring all the time and setting or adjusting to the situation.

For any compnay, ROI can be seen even if they look at the basic possibility of a crypto virus or the like. The savings on that would be at least two days of lost work and the cost would be more than the cost of the whole system plus maintenance. 

Licensing costs depend on company size. pfSense is an open source solution, so there's a charge for support. We offer a first line of support and a second line if required. Payment depends on the contract, because usually it's only covers the firewall. We offer a contract for the network which includes UTM. There's a hardware cost for HP servers and, again, depending on the size of the company, installation cost is about 500-800 Euro. There's an annual maintenance fee included in the networking agreement. 

I recommend this product, it's well-balanced, has a longer history than other solutions so it's not lacking in maturity. There is a lot of online support available via YouTube or blogs but professional support is available if required. I highly recommend taking the support because usually people look at the UTM as something which should be set up in the system and left, but that's not the case with these devices. I strongly suggest making an external agreement with a specialized company to deal with security. Users need to have decent protection, not just protection.

I would rate this solution a nine out of 10. 

Our main business is for WiFi networks. Customers also ask us for simple firewalls, and we use pfSense to add a firewall to provide the complete solution. We are working with the latest version of pfSense.

One of the advantages of pfSense is that it is very easy to work with. It is a very good open-source solution, and it works really well.

pfSense provides a complete package. For some features, it could be the first solution in the world. It is a very good alternative in the market for a firewall solution. You don't need to go to Cisco or other brands with expensive firewalls. pfSense also allows us to offer some support services.

There is more demand for UTMs than a simple firewall. pfSense should support real-time features for handling the latest viruses and threats. It should support real-time checks and real-time status of threats. Some other vendors, such as Fortinet, already offer this type of capability. Such capability will be good for bringing pfSense at the same level as other solutions. 

I have been using pfSense for about four or five months.

It is stable.

It is easily scalable. It is more of a hardware thing than a software thing.

It is easy to deploy. Our real deployments are for WiFi networks, and then we add one or two firewalls to protect the network. For a small network, it can take one week. For a more complex network, it could be two or three months. We have a few upcoming projects which would require severe thousand firewalls, and it would take us more than a year.

It is open source.

I would recommend pfSense, but it depends on the requirements. There could be other vendors who offer more services than pfSense. For example, Fortinet is a very good brand, and it offers services in a different way. Fortinet also offers more services, but it is very expensive. If you don't need some specific services, pfSense is an excellent solution.

I would rate pfSense a nine out of ten.

Typically, we implement this solution on an enterprise-level for our clients and set it up for them as required.

The solution offers good value.

The captive portal on the product is excellent.

The solution has a very nice load balancer.

It's a good solution for end-users. It's pretty easy to work with. 

The user interface is very nice. It's easy to navigate around the solution.

Technical support is very helpful.

The solution could use better reporting. They need to offer more of it in general. Right now, the graphics aren't the best. If you need to provide a report to a manager, for example, it doesn't look great. They need to make it easier to understand and give users the ability to customize them.

I've been working with the solution for enterprise-level organizations for four or five years at this point.

Our clients use the solution across 100-200 computers. Some of the implementations are sizeable.

I've dealt with technical support in the past and have found them to be helpful and responsive. we have been satisfied so far with the level of support provided. They are easy to work with.

We implement the solution for our clients, so we have a good sense of what is expected.

As an implementer, our company can handle the initial setup for our clients.

We implement the solution for our clients. I've personally implemented the solution on five projects so far.

We work with the latest version of the solution, typically.

Our companies are typically mid-level enterprises. 

This product is the very best. Overall, I would give it a rating of ten out of ten.

We have internet limitations here in Sudan. The financial institutions that I am working with do not have a lot of services on the internet.

It is difficult but at the same time, we are safer and are not faced with any kind of compromised data.

This solution is suitable for small businesses and charity organizations. Security is not just about the firewall, you need policies and procedures in place.

The developers of pfSense follow the principles of open-source.

They keep it simple. It's simple and good.

The problem with open-source is that no one can take responsibility.

It needs to be more secure. Security needs improvement.

It's always better to have an agreement, an SLA regarding security. You should outsource your security to another company.

I have been using pfSense in my home environment since 2010. I have a small lab, a small environment.

We have also deployed it in my workplace.

It's a stable solution.

pfSense is scalable.

At our peak time, we have reached more than 5,000 concurrent connections.

I do not have experience with technical support.

I am also using IPFire. It's also open-source.

It's very stable, and it meets my business needs.

The initial setup is straightforward.

If you have solid knowledge and experience in IP tables, then it will be easy for you to deal with this product or any firewall. For example, Palo Alto or Fortinet. It's the same concept.

Depending on your activities, it can take a long time to deploy if you are new to this solution. For me, it takes less than one hour.

You have to understand the network technology and you have to understand what you are going to protect, and what service are you looking to protect. If you address these questions correctly, the installation is just a matter of a couple of clicks.

I completed the implementation myself.

We are using the open-source version, not the commercial one. 

It's very affordable.

I would continue to use pfSense if the decision was mine, but it is out of my area. It depends on the CIO.

I would recommend this solution to others who are interested in using it.

pfSense will not cost you any money.

It depends on your business needs. You have to address your business needs correctly.

I would say to go with pfSense. If you feel that it is not compatible, you have other purchase options such as Palo Alto.

I would rate this solution a ten out of ten.

• Firewalling
• Routing
• DHCP
• Transparent proxy
• DNS cache
• VPN, etc.

• Outstanding support
• Great packages to expand the solution to your needs
• The same config can easily be migrated to better hardware when you need it.

• Super easy to manage. Anyone who has been working with firewalls can handle it.
• There is good documentation with a fantastic community and enterprise support.
• The strongSwan IPSec is a great implementation.
• Proxy features are excellent (except MITM).

• The central point of management, like the long-rumored pfCenter.
• Better parsing of logs: At the moment, you have to use an external server for this if you want a deeper analysis. 
  

Our appliance is under constant heavy load by several services, and it's rock solid stable.

I had stability issues only with a GUI that used to hang. It didn't affect any services, but it was a little annoying that we needed to restart the PHP often.

pfSense scales well.

They are just fantastic. They usually respond super fast, and usually with a solution if you describe the problem correctly. In more complex situations, they will set up a personal lab environment based on the customer's case.

We used to use a lot of different solutions.

After comparing a lot of solutions, the choice was Netgate pfSense.

It is very straightforward and much easier than the previous Clavister FW. Config is easy. 

99 percent in-house implementation and 1 percent Netgate implementation. Netgate has the highest level of expertise you can get.

This solution was about $150,000 cheaper than the closest competitor over a three year period. 

All costs are low compared to other solutions. The hardware is stable and cheap.

There is no licensing fee except for the enterprise support, if you want it.

We evaluated Cisco, Fortinet, and Sophos.

If you don't have a policy that says "only proprietary software" in your company, there is no reason not to go for pfSense. If you are still in doubt, take the cheap (and excellent) Netgate academy course. It's only for two days, and you will learn how to manage pfSense at a comprehensive level.

We mainly use pfSense at client locations where the client is looking for a free alternative for paid/subscription based Network gateway with enterprise grade features

Being free and open source, we replaced our network gateway with it. Works well on an old Pentium 4 PC with 1 GB of memory. Failover, URL Filtering, Proxy server, traffic monitoring features inbuilt with SNORT IDS/IPS is all we use and have never faced any problem for over 5 years now.

The most valuable feature for our company has been the extensibility of the platform which is great. It's a great solution and I have regularly been supplying it to my clients. 

The user interface could be improved, it's a bit clumsy and clunky.  

I've been using this solution for more than seven years. 

This solution is absolutely stable. With some systems there's a necessity to regularly redo the configurations inside the system. With Pfsense that's not the case. I have no issues with it at all. 

The solution is very scalable. It has a failover feature so it's highly skilled. 

Given that the solution is a free and open source product, it doesn't have any technical support center. We just have the online documentation which is not one of the best, but it's good. 

I previously used a solution from Cyberoam but we had issues with the licensing. That's the reason we mainly stick to Pfsense open source.

The initial setup is a little complex, of intermediate difficulty. It takes about a day. 
In terms of deployment, the entire system has been installed and configured to basically take care of a network of roughly around 35 to 40 computers. We have a dedicated physical machine which has been configured and installed throughout.

My only comment would be to suggest that if you wish to implement the solution read the documentation very carefully. 

I would rate this solution a nine out of 10. 

We use pfSense as our firewall. 

We install it for clients that don't have a network available or the network is not ready for phone deployments. We're a phone company. We use pfSense to connect to the router and normally we connect clients to client VPNs, and then from there, we can have access to the internal network so that we can see all of the files.

We generally use it because it's cheap. When we need something more robust we use Barracuda and Sony Wireless Routers. For certain clients, we use pfSense because it's compatible with the VoIP platform.

I would like to see SD1 integration into the software. That would be fantastic.

The solution is pretty stable, that's why we use it. There aren't any problems.

The scalability is fine. If you need to have a bigger client or something like that, it's simple. You do a backup and then you restore into a new appliance and go from there. 

We provide technical support for our clients so we don't use a third party company for the support, we do the support in-house.

We also use MikroTik, Barracuda, and StoneWall.

The initial setup is fairly simple, not complex. We can get the deployment done in around half an hour. 

We deploy pfSense for our clients. We have one technician maintaining the whole thing.

Our return on investment is fast. We see a return on investment from day one, it's a fairly cheap router.

Any network engineer will understand how this solution works. It's not so complex to understand and be familiar with. It will require a certain level of networking knowledge to use it but we're at an enterprise level and we're a small-medium business and it works.

I would rate it a nine out of ten. 

I use pfSense to provide firewall and VPN services for small businesses. I have a handful of clients using it now and a new one in the works. 

What I like about pfSense is that it works well and runs on an inexpensive appliance. It's a minimal Intel system that has no fan and is all solid-state. It doesn't have a fan because it doesn't do enough to get hot. It's a box about the size of a Discman. I can download the pfSense software at no cost then connect a keyboard, mouse, monitor, and USB flash drive to the appliance. It's built on top of BSD and managed with a web server. And it's effortless to manage.

I would like to see pfSense integrate WireGuard. Currently, pfSense uses OpenVPN, and there's nothing wrong with it, but WireGuard is a lot leaner and meaner. Unfortunately, it's not ready for pfSense, which is built on BSD, and WireGuard is not yet integrated with BSD. The issue is that pfSense is waiting for BSD to add WireGuard support. Once WireGuard is supported on BSD, you can bet pfSense will adopt it. 

I've never had any problems with stability. You plug it in, set it up, and it works.

I know a peer who set up pfSense in a Catholic parish school. It's not thousands of devices, but there are several devices in the parish office, the rectory, and throughout the school, as well as three different VPNs. There's a fourth VPN connection to the IT Director's house, where he manages most of it. So that's four locations with VPNs, and that's the biggest one I know. All you have to do is buy a big enough appliance. You can use the minimum appliance in the rectory, where there's a handful of computers, but you need a step up from that in the school, where there are a lot more computers to connect. And I think even the parish office, which is a handful of people, uses the minimum appliance.

I've never needed support. You can find anything you need to know in the pfSense knowledge base online or in the documentation.

You only need a couple of minutes to install pfSense, then it just sits and works. You boot the USB drive and install it. After that, there's no more management. Any IT professional can easily set it up. Business owners who don't know anything about technology might have a hard time, but the average IT person can do it with no problem. There's good documentation online.

The pfSense software is open source, so you only have to pay $90 a year for support. Of course, I could be wrong on that. It was that much when I looked into it a year ago. It might've gone up or down since then. You can buy the minimum appliance for under $300. It has two ethernet ports, one for your WAN and one for your LAN. 

I rate pfSense 10 out of 10. The appliance is inexpensive, and the software costs nothing. You plug it in and it works.