Netgate pfSense Reviews

We use pfSense as our firewall. 

We install it for clients that don't have a network available or the network is not ready for phone deployments. We're a phone company. We use pfSense to connect to the router and normally we connect clients to client VPNs, and then from there, we can have access to the internal network so that we can see all of the files.

We generally use it because it's cheap. When we need something more robust we use Barracuda and Sony Wireless Routers. For certain clients, we use pfSense because it's compatible with the VoIP platform.

I would like to see SD1 integration into the software. That would be fantastic.

The solution is pretty stable, that's why we use it. There aren't any problems.

The scalability is fine. If you need to have a bigger client or something like that, it's simple. You do a backup and then you restore into a new appliance and go from there. 

We provide technical support for our clients so we don't use a third party company for the support, we do the support in-house.

We also use MikroTik, Barracuda, and StoneWall.

The initial setup is fairly simple, not complex. We can get the deployment done in around half an hour. 

We deploy pfSense for our clients. We have one technician maintaining the whole thing.

Our return on investment is fast. We see a return on investment from day one, it's a fairly cheap router.

Any network engineer will understand how this solution works. It's not so complex to understand and be familiar with. It will require a certain level of networking knowledge to use it but we're at an enterprise level and we're a small-medium business and it works.

I would rate it a nine out of ten. 

I use pfSense to provide firewall and VPN services for small businesses. I have a handful of clients using it now and a new one in the works. 

What I like about pfSense is that it works well and runs on an inexpensive appliance. It's a minimal Intel system that has no fan and is all solid-state. It doesn't have a fan because it doesn't do enough to get hot. It's a box about the size of a Discman. I can download the pfSense software at no cost then connect a keyboard, mouse, monitor, and USB flash drive to the appliance. It's built on top of BSD and managed with a web server. And it's effortless to manage.

I would like to see pfSense integrate WireGuard. Currently, pfSense uses OpenVPN, and there's nothing wrong with it, but WireGuard is a lot leaner and meaner. Unfortunately, it's not ready for pfSense, which is built on BSD, and WireGuard is not yet integrated with BSD. The issue is that pfSense is waiting for BSD to add WireGuard support. Once WireGuard is supported on BSD, you can bet pfSense will adopt it. 

I've never had any problems with stability. You plug it in, set it up, and it works.

I know a peer who set up pfSense in a Catholic parish school. It's not thousands of devices, but there are several devices in the parish office, the rectory, and throughout the school, as well as three different VPNs. There's a fourth VPN connection to the IT Director's house, where he manages most of it. So that's four locations with VPNs, and that's the biggest one I know. All you have to do is buy a big enough appliance. You can use the minimum appliance in the rectory, where there's a handful of computers, but you need a step up from that in the school, where there are a lot more computers to connect. And I think even the parish office, which is a handful of people, uses the minimum appliance.

I've never needed support. You can find anything you need to know in the pfSense knowledge base online or in the documentation.

You only need a couple of minutes to install pfSense, then it just sits and works. You boot the USB drive and install it. After that, there's no more management. Any IT professional can easily set it up. Business owners who don't know anything about technology might have a hard time, but the average IT person can do it with no problem. There's good documentation online.

The pfSense software is open source, so you only have to pay $90 a year for support. Of course, I could be wrong on that. It was that much when I looked into it a year ago. It might've gone up or down since then. You can buy the minimum appliance for under $300. It has two ethernet ports, one for your WAN and one for your LAN. 

I rate pfSense 10 out of 10. The appliance is inexpensive, and the software costs nothing. You plug it in and it works.

My primary use case for pfSense is as a firewall. We also use it for intrusion detection, intrusion prevention, website filtering, and quality of service (QoS).

My company mainly works in the health and educational domain, schools and universities. I prevent the improper use of content from schools and universities. I defend the medical records for the patients in our hospitals. That is the main use case for me for the firewall.

One of the most valuable features of this solution is that it's almost entirely free and I can do everything with it.

It has everything I need, but the main drawback of pfSense is that it's not user-friendly. I hope to have something to make the interfaces more user-friendly. I would also like to see some documentation that can help with use cases or that has advice and tips. I have found some documentation available but it's usually from an earlier version. If they develop this, pfSense will be the best. The only thing that Fortigate is better than pfSense is that they have 24/7 support. pfSense also needs improvements in the intrusion detection area.

I depend on and use VMware ESXi with vSphere in my deployment, virtualization. pfSense is more stable and reliable if you install it directly on the server, i.e. not being installed as a virtual machine. That makes it very stable.

The scalability is good. You can integrate some nodes of pfSense but it's not very user friendly.

I would be more relieved and more happy to have support. You need to have some people who can help you in any use case.

Lots of reading and trial and error. It's tough for the network engineer, but it is magnificent in performance from my point of view.

We implemented in-house. Not user friendly, but if you want to do anything you can do it with pfSense.

Free. Would purchase for better customer support.

It is completely free.

We also evaluated Fortigate.

I would rate this solution an eight out of ten. I give it this rating because of the rich features available. pfSense is free and I can do everything with it. It works as a firewall for servers also.

We use the product as a perimeter firewall.

We can run it on any hardware.

The product must provide integration with other solutions.

We have been using the solution for ten years.

The tool is stable.

The tool is not very scalable. That is why we are planning to switch to a different product. The solution is used by one administrator and 75 end users in our organization.

I have used SonicWall, Sophos, FortiGate, and Cisco Meraki. The choice of product depends on the context. Netgate pfSense is suitable for small businesses and homes. It is not the best solution for large deployments or branch offices. Sophos and FortiGate would be suitable for large companies.

It is easy to install the tool. We need two weeks to deploy it. One person can deploy the solution. It is also easy to maintain. One person can maintain the solution.

It is an open-source solution.

Overall, I rate the product an eight out of ten.

pfSense is a nice product, and I find that there's a lot of information out there. There are some good tutorials on YouTube and other websites with helpful information.

pfSense could improve by having a sandboxing feature that I have seen in SonicWall. However, maybe it is available I am not aware of it.

I have been using pfSense for approximately three years.

I have used the SonicWall solution. 

Sometimes firewalls can get a little complicated. I think some of the things about the setup could be a little bit clearer. Maybe something like a configuration wizard or something that would guide you on more in-depth projects.

I'm running pfSense on old hardware, it takes all of 10 minutes to install.

I did the implementation of the solution, it is not difficult.

I like pfSense and I have deployed a number of them. I have approximately four of them in the area that I'm using. I have replaced SonicWall with a pfSense unit. It's a more economical way of using a firewall, and the protection it provides is second to none.

Lonnie Buchmann:
I would say give it a serious look. And especially a lot of times when you're in a small business, this is a really good solution that doesn't kill you with all the technology overhead that you deal with nowadays.

I rate pfSense a ten out of ten.

I use pfSense as a proxy and a firewall to monitor all the traffic to my network. It allows me to shape the traffic and eliminate bottlenecks that cause the network to slow down. You can use pfSense to catch some websites or make the network faster because we have applications connected remotely all over the country. We need to have a network with a reliable speed and no hiccups on the way because all our applications are on-premise, and the entire country goes to the same data center to get information.

I like pfSense's reports and how I can control access to the policies on the firewall.

The user interface can be improved to make it easier to add more features. And pfSense could be better integrated with other solutions, like antivirus. For example, pfSense could add templates with firewall policies that a user can customize. I haven't tried to integrate pfSense with Microsoft Active Directory, but in Mozambique, we use many Kaspersky antivirus solutions. If pfSense integrated with these antivirus solutions, everything would be much more stable because most of the companies here have a different kind of security solution. Within a single company, you might find two or three different antivirus suites. So, for example, there could be an open-source solution that you get for free, but you can pay for the support if you want it. So for solutions like that, it would be great.

Companies in Africa have issues with budgeting for IT. An open-source solution like pfSense gives us stability and provides us with good reports. It's amazing. It makes the solution reliable.

I haven't tried yet scaling up pfSense. But my setup is Windows based, and I have some Windows-based applications, so I want it to integrate with the Microsoft Active Directory. I haven't done it yet, but I think it would be good to have that integration.

I contacted pfSense support only once when I was installing it and had only configured one network tab. I had to get in touch with them, and the support was terrific. I was impressed. I can't complain about their support.

I have some experience with Linux distributions, so setting up pfSense was a bit easier for me, and I have been working with security for quite some time. It was fast for me, but part of my team is not used to a Linux environment, so it was tricky for them to implement add-ons to the appliance.

I rate pfSense eight out of 10. I would recommend it for a small business or a startup as a starting point. It's also good for companies that are on a tight budget.

We primarily use pfSense as a firewall. It's a DHCP server.

The most valuable aspect of the solution is the way it can browse packages on the internet.

The initial setup is very easy.

We've found the stability to be very good overall.

The product can scale if you need it to.

The access control aspect of the product could be improved. There should be more control over everything that the user is doing. It should be able to log and report on everything users are doing. 

The product no longer complies with new rules in Brazil. Therefore, we need to move off the solution.

I have about five years of experience with the solution. It's been a while since we started using it at our organization.

The stability of the product is very good. We haven't had any issues. There aren't bugs or glitches. It doesn't crash or freeze. It's reliable.

We've found the solution to have good scalability. If a company needs to expand, it can do so. That shouldn't be a problem.

We have about 10,000 people using the solution. There is a network manager and about ten people that work directly with the solution.

We won't be increasing usage, however. The Brazilian government recently changed some laws and this product is no longer in compliance. That is one of the reasons we are looking at Palo Alto. We are likely moving away from this solution.

While the websites and forums are excellent, we don't have any dealings directly with technical support. Therefore, we can't speak to how they are in terms of their responsiveness or knowledgability. 

A long time ago, the company did use a different solution. They switched to pfSense. However, now they are moving away from it as well. 

We're also using Palo Alto, however, right now, it's just in the demo phase. The solution seems to be better at centralization, which is a big selling point. We have three school campuses and we'd like to configure a solution from one central location that would work for all three campuses. With Palo Alto, it looks like we can achieve this.

On top of that, with Palo Alto, there are more user control products. You can log everything that you are doing on the internet with it.

The initial setup of the solution is very easy. It's straightforward. There isn't any complexity. A company shouldn't have any troubles with the setup.

We are using a free version of the solution. We don't need to pay any licensing fees.

We are just customers. We don't have a business relationship with the company.

I would recommend the solution to small companies. If you are a small company, you can use pfSense without any issues due to the fact that it's a free solution.

I would rate the solution seven out of ten.

We are using the solution for a firewall and other operations, such as traffic shaping.

The features I have found best are ease of use, GUI, and performance.

The hotspot and the portal feature in this solution are not stable for WiFi access. We use it at least once or twice every day and it crashes. Some modules can be better by improving detection and having new updates. Additionally, we have some issues with clustering and load balancing that could improve.

In a future release, they could redesign the policies because we need to write inbound and outbound simultaneous policies. They could change it to one policy, such as in FortiGate, Sophos, and Cyberoam. In these firewalls, we add rules in one way, and they add rules automatically. However, in this solution, we need to write every policy manually. 

They can improve in site-to-site tunnels with other devices, such as Cisco or FortiGate. It is not very easy to set up VPNs for site-to-site tunnels.

There have been some problems we have been facing with BGP routing that needs to be improved.

I have been using the solution for approximately two years.

The stability could improve.

Since this solution is software-based it is easy to scale. We can extend the UIs by adding some hardware, such as CPUs and memory discs. We would not be able to match this type of scalability with a hardware-based solution, for example as FortiGate.

This solution is best suited for small to midsize networks. When there is heavy traffic in larger-scale businesses it becomes less reliable.

I have used FortiGate previously and this solution is cheaper and more reliable.

The solution is easy to deploy.

The solution is free. However, you need to pay for support.

I rate pfSense a five out of ten.