I primarily use the solution for monitoring and learning about how to operate a firewall. I also use it for monitoring my home network as well as adblocking.
Free to use with great plugins and good stability
Pros and Cons
- "The solution is very easy to use and has a very nice GUI."
- "The product could offer more integrated plugins."
What is our primary use case?
What is most valuable?
The solution is 100% free to use.
The product offers a lot of helpful plugins.
The solution is easy to use and has a elaborate GUI.
The initial setup is quite simple and straightforward.
What needs improvement?
The integration of the plugins into the GUI could be better. It's sometimes hard to find where a setting can be found or how it might interact with other settings. Some documentation is outdate and plugins sometime have no documentation. Information can always be found on the fora but for novice users this can be a challenge.
For how long have I used the solution?
I've been using the solution for five years or so. It's been a while.
Buyer's Guide
Netgate pfSense
December 2024
Learn what your peers think about Netgate pfSense. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
What do I think about the stability of the solution?
The solution is stable. Since last upgrade there hasn't been a crash, freeze or need for reboort. It's quite reliable.
What do I think about the scalability of the solution?
I've tried to scale the solution previously. I've got two hardware platforms running. I wasn't quite able to run everything I wanted on a small ARM based device. Therefore, I build my own Super-micro platform based on Intel Denverton.
It's actually easy to scale. It's just moving over most of the configuration: exporting, importing, or even going right into the original XML export file.
There are six users, 3 dozen of devices and a homelab server with VM running behind the solution at this time.
How are customer service and support?
With what I am running now, I haven't had to reach out to technical support. However, an upgrade failed two years ago and I needed to contact technical support to get me the new image for the device. They were very efficient. I was satisfied with the level of support I received.
Which solution did I use previously and why did I switch?
I've been switching back and forth between pfSense, OPNsense, and Untangle in the last five years or so.
OPNsense and Untangled are more integrated, however, more and more of the plugins are becoming paid offerings. OPNsense misses a plugin that pfSense has, Untangled it's adblocking is easy but not free.
How was the initial setup?
The initial setup is not to complex.
It's good to have the basic information before attempting to set everything up. They've got a wiki with all basic information and there are the fora for questions.
I've got a CCNA certificate and that some comes in handy. For me, it works without any documentation, however, for a complete novice user you probably need some documentation to get you through the process.
Getting everything up and running only took about 30 minutes. You then have a complete firewall solution up-and-running.
There is some maintenance required. You do need to check for updates from time to time, for example. If you install more plugins more maintenance might be required to get everything tuned.
What about the implementation team?
I handled the implementation myself. I have some knowledge about IP routing.
What's my experience with pricing, setup cost, and licensing?
The solution is free to use. There are (currently) no licensing costs.
What other advice do I have?
I'm just a home lab user.
I'd advise those considering the solution for your business to get a service contract.
It works great for someone with enough knowledge and time to get his head around everything. Otherwise, you need to look for a solution that offers support and can work with you on issues. It's nice to try to balance between open-source and support that costs money.
In general, I'd rate the solution at an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Solution Architect, Managed Services & System Integration at Transmeet Technologies
An open source platform complete with unified threat management
Pros and Cons
- "The flexibility of adding new kinds of services without spending any money can't be beaten."
- "The interface is not very shiny and attractive."
What is our primary use case?
I mostly use basic firewall services like blocking unwanted traffic and I use the geolocation tools to predict where potential attacks could come from. That's the main purpose, to protect our business network using pfSense.
Within our organization, with a single installation, about 500 users are covered.
What is most valuable?
The flexibility of adding new kinds of services without spending any money can't be beaten. We can compare services like IP blocking, blacklisting and DNS blocking, content filtering, and even deep packet inspection with other larger enterprise firewalls.
What needs improvement?
The interface is not very shiny and attractive. Most of the people that use pfSense are highly skilled, so they don't even bother to go the extra mile when it comes to configuration or any protection mechanisms. With other firewalls, with just one click or with the assistance of a wizard, the service is already configured. With pfSense, you have to have some time to do your own research regarding how to fine-tune it. If that could be improved, then life would be much easier. This would help any entry-level users to adapt to the platform.
Netgate, the mother organization that manages the pfSense platform, should offer organized security feeds for its users so that they can avoid configuring multiple types of feeds in multiple locations. That could generate extra revenue for the company, too.
For how long have I used the solution?
We have been using pfSense for five years.
What do I think about the stability of the solution?
That's the fun part. It's completely reliable in terms of resources that it needs to run. In terms of stability, once it's configured and properly tuned, it will do its job. Still, with firewalls these days, you can't simply configure and forget — it's not like that. You have to look into it every day or every once in a while and if any new traits or new protection mechanisms need to be built, upgraded, or re-tuned, you have to do that. Otherwise, the platform is rock solid. It doesn't fail.
What do I think about the scalability of the solution?
The expandability and the high availability configuration of the system are good.
How are customer service and technical support?
With pfSense, we've never had to send an email to a Netgate official support organization. We follow the forum discussion — the community. We'd ask an expert in the community. That's how we deal with any issues.
Which solution did I use previously and why did I switch?
One of our clients wants to switch from FortiGate to another comparable solution because FortiGate is not stable when it comes to pricing. Over the past three years, they've increased their pricing to almost double. For this reason, our client wants to explore some other options which will be more predictable in terms of costs.
How was the initial setup?
It's definitely complex compared to other firewalls because you have to configure everything, read a lot of documents, and following a lot of formulas and templates. Everyone has to develop their own recipes to work with. There is no proper way forward.
What's my experience with pricing, setup cost, and licensing?
That is another fun part of this solution. There is no license. You don't have to pay anything. It's completely free. The one thing that you can buy is a security feed like an IP feed or a DNS feed. This kind of thing can be easily bought, but if you have the passion and expertise, you can arrange all of these types of feeds for free. It may be slightly different between how frequently those feeds are updated compared to the paid version. Sometimes, it lags behind for 24 hours or 12 hours, but it works.
What other advice do I have?
We are really happy with the system performance, overall, but it depends. For example, right now we have a client who is trying to switch from FortiGate to another solution that is less costly. We recommended and talked with them about pfSense, but despite it being a cheaper and really rock-solid solution with good performance, they were not comfortable using open source. We also offered them Sophos, SonicWall, and Palo Alto — they finally chose SonicWall. I don't know why. It completely depends on the client.
I would absolutely recommend this solution to others. This is definitely one of the most powerful firewalls for peace of mind. The fact is, as long as you are aware of the challenges that you have to face when implementing and managing the firewall, day-to-day, then this could be the best option for you.
Overall, on a scale from one to ten, I would give this solution a rating of nine.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Netgate pfSense
December 2024
Learn what your peers think about Netgate pfSense. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
Defensive Security & BlueTeam at Global Research CO
Offers a nice interface and good technical support and has a nice load balancer
Pros and Cons
- "It's a good solution for end-users. It's pretty easy to work with."
- "The solution could use better reporting. They need to offer more of it in general. Right now, the graphics aren't the best. If you need to provide a report to a manager, for example, it doesn't look great. They need to make it easier to understand and give users the ability to customize them."
What is our primary use case?
Typically, we implement this solution on an enterprise-level for our clients and set it up for them as required.
What is most valuable?
The solution offers good value.
The captive portal on the product is excellent.
The solution has a very nice load balancer.
It's a good solution for end-users. It's pretty easy to work with.
The user interface is very nice. It's easy to navigate around the solution.
Technical support is very helpful.
What needs improvement?
The solution could use better reporting. They need to offer more of it in general. Right now, the graphics aren't the best. If you need to provide a report to a manager, for example, it doesn't look great. They need to make it easier to understand and give users the ability to customize them.
For how long have I used the solution?
I've been working with the solution for enterprise-level organizations for four or five years at this point.
What do I think about the scalability of the solution?
Our clients use the solution across 100-200 computers. Some of the implementations are sizeable.
How are customer service and technical support?
I've dealt with technical support in the past and have found them to be helpful and responsive. we have been satisfied so far with the level of support provided. They are easy to work with.
How was the initial setup?
We implement the solution for our clients, so we have a good sense of what is expected.
What about the implementation team?
As an implementer, our company can handle the initial setup for our clients.
What other advice do I have?
We implement the solution for our clients. I've personally implemented the solution on five projects so far.
We work with the latest version of the solution, typically.
Our companies are typically mid-level enterprises.
This product is the very best. Overall, I would give it a rating of ten out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
Systems Administrator at AB Edsbyverken
It has good documentation with a fantastic community and enterprise support
Pros and Cons
- "Super easy to manage. Anyone who has been working with firewalls can handle it."
- "There is good documentation with a fantastic community and enterprise support."
- "It needs better parsing of logs. At the moment, you have to use an external server for this if you want a deeper analysis."
What is our primary use case?
- Firewalling
- Routing
- DHCP
- Transparent proxy
- DNS cache
- VPN, etc.
How has it helped my organization?
- Outstanding support
- Great packages to expand the solution to your needs
- The same config can easily be migrated to better hardware when you need it.
What is most valuable?
- Super easy to manage. Anyone who has been working with firewalls can handle it.
- There is good documentation with a fantastic community and enterprise support.
- The strongSwan IPSec is a great implementation.
- Proxy features are excellent (except MITM).
What needs improvement?
- The central point of management, like the long-rumored pfCenter.
- Better parsing of logs: At the moment, you have to use an external server for this if you want a deeper analysis.
For how long have I used the solution?
More than five years.
What do I think about the stability of the solution?
Our appliance is under constant heavy load by several services, and it's rock solid stable.
I had stability issues only with a GUI that used to hang. It didn't affect any services, but it was a little annoying that we needed to restart the PHP often.
What do I think about the scalability of the solution?
pfSense scales well.
How are customer service and technical support?
They are just fantastic. They usually respond super fast, and usually with a solution if you describe the problem correctly. In more complex situations, they will set up a personal lab environment based on the customer's case.
Which solution did I use previously and why did I switch?
We used to use a lot of different solutions.
After comparing a lot of solutions, the choice was Netgate pfSense.
How was the initial setup?
It is very straightforward and much easier than the previous Clavister FW. Config is easy.
What about the implementation team?
99 percent in-house implementation and 1 percent Netgate implementation. Netgate has the highest level of expertise you can get.
What was our ROI?
This solution was about $150,000 cheaper than the closest competitor over a three year period.
What's my experience with pricing, setup cost, and licensing?
All costs are low compared to other solutions. The hardware is stable and cheap.
There is no licensing fee except for the enterprise support, if you want it.
Which other solutions did I evaluate?
We evaluated Cisco, Fortinet, and Sophos.
What other advice do I have?
If you don't have a policy that says "only proprietary software" in your company, there is no reason not to go for pfSense. If you are still in doubt, take the cheap (and excellent) Netgate academy course. It's only for two days, and you will learn how to manage pfSense at a comprehensive level.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Sr. Network Administrator at ACMC
Stable, scalable, and effective traffic blocking
Pros and Cons
- "The most valuable features of pfSense are the reports, monitoring, filtration, and blocking incoming and outgoing traffic."
- "The usage reports can be better."
What is our primary use case?
I am using pfSense as a secondary firewall and network management.
What is most valuable?
The most valuable features of pfSense are the reports, monitoring, filtration, and blocking incoming and outgoing traffic.
What needs improvement?
The usage reports can be better.
For how long have I used the solution?
I have been using pfSense for approximately six years.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
I had 20 to 30 users using the solution.
Which solution did I use previously and why did I switch?
I have used Sophos and Cyberoam solutions.
How was the initial setup?
The installation is very easy.
What about the implementation team?
I did the implementation of the solution.
What's my experience with pricing, setup cost, and licensing?
I am using the free version of pfSense.
What other advice do I have?
I would recommend this solution to others.
I have been 100% satisfied with the solution.
I rate pfSense an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Owner / Principle Engineer at Cogito Innovations
Powerful, flexible, and intuitive with features that rival many high cost solutions
Pros and Cons
- "Its features rival many of the high cost solutions out there."
- "The GUI could use improvements, though it is manageable."
pfSense has been a perfect fit for my small business needs. It is economical (i.e., free), yet powerful, flexible, and intuitive. Its features rival many of the high cost solutions out there.
The GUI could use improvements, though it is manageable.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior IT Architect at a university with 5,001-10,000 employees
Unfortunately, my experience with pfSense hasn’t been so good. Operational-wise it's fine but I've had issues with firmware upgrades.
I must be getting quite comfortable with upgrading pfSense. I just finished an upgrade from 2.2 to 2.2.1, and only midway remembered that I hadn’t done a config export and backup. Just the last upgrade exercise, I was still very paranoid about something that might go wrong. I would set aside time for the upgrade, make backups, and cross my fingers.
This should have been the way, always, that firmware, or device software, get upgraded. You just do it, and it should just work. The upgrade process should test that everything is good to go, and let you know if anything is amiss, before commencing the upgrade.
In the unlikely event that something does go wrong after starting the upgrade, there should be some automatic rollback, returning the system to its original state, leaving the user with no more than a small annoyance that the upgrade did not happen.
Unfortunately, my experience with pfSense hasn’t been so good. By and large, everything about pfSense has been good, operational-wise. It’s just that I’ve not been very lucky with the firmware upgrades.
Version 2.2.1 is a minor upgrade. There are a number of security fixes, but none terribly critical. The recent SSL FREAK vulnerability doesn’t affect version 2.2. However, there’s no reason why you should skip this version either. If you’re running pfSense, just do the upgrade. I’m beginning to have more faith in the pfSense upgrade process!
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Jefe de Infraestructura y Servicios de TI at Grupo ASD
Effective online management, secure, and user-friendly
Pros and Cons
- "The most valuable features of pfSense are security, user-friendliness, and helpful online management."
- "It was difficult to configure our web printer through the solution. This process could be easier. Additionally, integration with SD-WAN solution."
What is our primary use case?
I am using pfSense as a firewall and VPN gateway.
How has it helped my organization?
pfSense has helped our organization because we use a data center that needed a firewall, VPN, and other features under a budget.
What is most valuable?
The most valuable features of pfSense are security, user-friendliness, and helpful online management.
What needs improvement?
It was difficult to configure our web printer through the solution. This process could be easier. Additionally, integration with SD-WAN solution.
For how long have I used the solution?
I have been using pfSense for approximately one year.
What do I think about the stability of the solution?
I rate the stability of pfSense an eight out of ten.
What do I think about the scalability of the solution?
We have approximately 2,000 people using the solution.
I rate the scalability of pfSense an eight out of ten.
How are customer service and support?
I have not used the support from the vendor. However, I use community support.
How was the initial setup?
The initial setup of pfSense was simple. However, when we install filters or agents it can be difficult.
I rate the initial setup of pfSense an eight out of ten.
What's my experience with pricing, setup cost, and licensing?
I am using the community version of the solution which is free.
The paid version is priced reasonably.
What other advice do I have?
The solution has solved many of our use cases.
I rate pfSense an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Netgate pfSense Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Product Categories
FirewallsPopular Comparisons
Fortinet FortiGate
OPNsense
Cisco Secure Firewall
Sophos XG
Palo Alto Networks NG Firewalls
Azure Firewall
Check Point NGFW
WatchGuard Firebox
SonicWall TZ
Juniper SRX Series Firewall
Untangle NG Firewall
Fortinet FortiGate-VM
SonicWall NSa
Sophos XGS
Fortinet FortiOS
Buyer's Guide
Download our free Netgate pfSense Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What Is The Biggest Difference Between Sophos and pfSense?
- How do I choose between Fortinet FortiGate and pfSense?
- How do I deploy anti-spam in pfSense or SonicWall TZ?
- What are the differences between Fortinet FortiGate and pfSense?
- Comparison between Sophos XG and pfSense as firewalls
- What is the difference between PfSense and OPNsense?
- Why is pfSense's firewall better than OPNsense's?
- Which solution do you prefer: pfSense or KerioControl?
- What do you recommend for a corporate firewall implementation?
- Comparison of Barracuda F800, SonicWall 5600 and Fortinet