Netgate pfSense Reviews

I use pfSense as a proxy and a firewall to monitor all the traffic to my network. It allows me to shape the traffic and eliminate bottlenecks that cause the network to slow down. You can use pfSense to catch some websites or make the network faster because we have applications connected remotely all over the country. We need to have a network with a reliable speed and no hiccups on the way because all our applications are on-premise, and the entire country goes to the same data center to get information.

I like pfSense's reports and how I can control access to the policies on the firewall.

The user interface can be improved to make it easier to add more features. And pfSense could be better integrated with other solutions, like antivirus. For example, pfSense could add templates with firewall policies that a user can customize. I haven't tried to integrate pfSense with Microsoft Active Directory, but in Mozambique, we use many Kaspersky antivirus solutions. If pfSense integrated with these antivirus solutions, everything would be much more stable because most of the companies here have a different kind of security solution. Within a single company, you might find two or three different antivirus suites. So, for example, there could be an open-source solution that you get for free, but you can pay for the support if you want it. So for solutions like that, it would be great.

Companies in Africa have issues with budgeting for IT. An open-source solution like pfSense gives us stability and provides us with good reports. It's amazing. It makes the solution reliable.

I haven't tried yet scaling up pfSense. But my setup is Windows based, and I have some Windows-based applications, so I want it to integrate with the Microsoft Active Directory. I haven't done it yet, but I think it would be good to have that integration.

I contacted pfSense support only once when I was installing it and had only configured one network tab. I had to get in touch with them, and the support was terrific. I was impressed. I can't complain about their support.

I have some experience with Linux distributions, so setting up pfSense was a bit easier for me, and I have been working with security for quite some time. It was fast for me, but part of my team is not used to a Linux environment, so it was tricky for them to implement add-ons to the appliance.

I rate pfSense eight out of 10. I would recommend it for a small business or a startup as a starting point. It's also good for companies that are on a tight budget.

My primary use case for pfSense is as a firewall. We also use it for intrusion detection, intrusion prevention, website filtering, and quality of service (QoS).

My company mainly works in the health and educational domain, schools and universities. I prevent the improper use of content from schools and universities. I defend the medical records for the patients in our hospitals. That is the main use case for me for the firewall.

One of the most valuable features of this solution is that it's almost entirely free and I can do everything with it.

It has everything I need, but the main drawback of pfSense is that it's not user-friendly. I hope to have something to make the interfaces more user-friendly. I would also like to see some documentation that can help with use cases or that has advice and tips. I have found some documentation available but it's usually from an earlier version. If they develop this, pfSense will be the best. The only thing that Fortigate is better than pfSense is that they have 24/7 support. pfSense also needs improvements in the intrusion detection area.

I depend on and use VMware ESXi with vSphere in my deployment, virtualization. pfSense is more stable and reliable if you install it directly on the server, i.e. not being installed as a virtual machine. That makes it very stable.

The scalability is good. You can integrate some nodes of pfSense but it's not very user friendly.

I would be more relieved and more happy to have support. You need to have some people who can help you in any use case.

Lots of reading and trial and error. It's tough for the network engineer, but it is magnificent in performance from my point of view.

We implemented in-house. Not user friendly, but if you want to do anything you can do it with pfSense.

Free. Would purchase for better customer support.

It is completely free.

We also evaluated Fortigate.

I would rate this solution an eight out of ten. I give it this rating because of the rich features available. pfSense is free and I can do everything with it. It works as a firewall for servers also.

We use Netgate pfSense for load balancing. 

The tools' most valuable feature is load balancing. 

Netgate pfSense needs to improve the configuration for a VPN. 

I have been working with the product for three months. 

I rate the product's stability a nine out of ten. 

I rate Netgate pfSense's scalability a seven out of ten. 

I have used online documentation and hence haven't contacted the support yet. 

I rate the tool's deployment a nine out of ten. Its deployment takes only a few hours to complete. 

We did the deployment in-house. 

I use the product's free version. 

I rate the solution a nine out of ten. 

We have mainly been using for our internet workstations.

After we started with testing with it a bit, it showed that it can be utilized in a way that we wanted to utilize it.

I have not had one issue with pfSense at all, which is amazing.

Layer 7 filtering has been taken away from pfSense. They would like us to use Snort, which is a good thing, but I would like them to make the Layer 7 thing easier.

The one reason that we did not go with pfSense is that it is not centrally managed like Meraki, where you log into the website and can see all your services there. This is the only reason why we are going with Meraki.

We would like to be able to see is all the configurations from a central interface on all our pfSenses.

Stability has been excellent. We have experienced no issues; it never fails.

There is a lot of stuff that you can add-on. You can actually write your own APIs to connect to it and so on. So, there is a lot of scalability in pfSense that other products do not have.

We have not using technical support. We have only been using the community version.

We used to use Empalis. We actually started to replace our Empalis with pfSense first to do testing, and see if it would actually work for us. This was just a test phase, before we went over to Meraki. So far, pfSenses outperform Merakis.

I setup all of it. I set it up for our country, and I did it all remotely. I learned from the community how to do it. The process to install and configure is very straightforward.

It is a free solution.

We originally looked at SonicWall, but we chose pfSense because of pricing (since it is free) and it has issues that pfSense does not have. 

We are currently migrating over to Meraki and are having a lot of issue with it. Also, with Meraki, you pay through your neck for it.

I would not have made the decision to move away from pfSense. pfSense has been giving us better options than what Meraki is giving us at the moment. I have got login problems with Meraki which takes about two days for them to sort out. If I was on pfSense, I would sort it out myself.

They need to look at all the communities, comparisons, etc. and read up about the issues and problems people are having with some of the solutions, then see if those problems might be related to what they may be experiencing.

Main criteria when selecting a vendor: 

• How easy is it to learn.
• How easy is it to implement.

I primarily use the solution for monitoring and learning about how to operate a firewall. I also use it for monitoring my home network as well as adblocking.

The solution is 100% free to use.

The product offers a lot of helpful plugins.

The solution is easy to use and has a elaborate GUI.

The initial setup is quite simple and straightforward.

The integration of the plugins into the GUI could be better. It's sometimes hard to find where a setting can be found or how it might interact with other settings. Some documentation is outdate and plugins sometime have no documentation. Information can always be found on the fora but for novice users this can be a challenge.

I've been using the solution for five years or so. It's been a while.

The solution is stable. Since last upgrade there hasn't been a crash, freeze or need for reboort. It's quite reliable.

I've tried to scale the solution previously. I've got two hardware platforms running. I wasn't quite able to run everything I wanted on a small ARM based device. Therefore,  I build my own Super-micro platform based on Intel Denverton.

It's actually easy to scale. It's just moving over most of the configuration: exporting, importing, or even going right into the original XML export file.

There are six users, 3 dozen of devices and a homelab server with VM running behind the solution at this time.

With what I am running now, I haven't had to reach out to technical support. However, an upgrade failed two years ago and I needed to contact technical support to get me the new image for the device. They were very efficient. I was satisfied with the level of support I received.

I've been switching back and forth between pfSense, OPNsense, and Untangle in the last five years or so.

OPNsense and Untangled are more integrated, however, more and more of the plugins are becoming paid offerings. OPNsense misses a plugin that pfSense has, Untangled it's adblocking is easy but not free.

The initial setup is not to complex.

It's good to have the basic information before attempting to set everything up. They've got a wiki with all basic information and there are the fora for questions.

I've got a CCNA certificate and that some comes in handy. For me, it works without any documentation, however, for a complete novice user you probably need some documentation to get you through the process.

Getting everything up and running only took about 30 minutes. You then have a complete firewall solution up-and-running.

There is some maintenance required. You do need to check for updates from time to time, for example. If you install more plugins more maintenance might be required to get everything tuned.

I handled the implementation myself. I have some knowledge about IP routing.

The solution is free to use. There are (currently) no licensing costs.

I'm just a home lab user.

I'd advise those considering the solution for your business to get a service contract.

It works great for someone with enough knowledge and time to get his head around everything. Otherwise, you need to look for a solution that offers support and can work with you on issues. It's nice to try to balance between open-source and support that costs money.

In general, I'd rate the solution at an eight out of ten.

I mostly use basic firewall services like blocking unwanted traffic and I use the geolocation tools to predict where potential attacks could come from. That's the main purpose, to protect our business network using pfSense.

Within our organization, with a single installation, about 500 users are covered.

The flexibility of adding new kinds of services without spending any money can't be beaten. We can compare services like IP blocking, blacklisting and DNS blocking, content filtering, and even deep packet inspection with other larger enterprise firewalls.

The interface is not very shiny and attractive. Most of the people that use pfSense are highly skilled, so they don't even bother to go the extra mile when it comes to configuration or any protection mechanisms. With other firewalls, with just one click or with the assistance of a wizard, the service is already configured. With pfSense, you have to have some time to do your own research regarding how to fine-tune it. If that could be improved, then life would be much easier. This would help any entry-level users to adapt to the platform. 

Netgate, the mother organization that manages the pfSense platform, should offer organized security feeds for its users so that they can avoid configuring multiple types of feeds in multiple locations. That could generate extra revenue for the company, too.

We have been using pfSense for five years.

That's the fun part. It's completely reliable in terms of resources that it needs to run. In terms of stability, once it's configured and properly tuned, it will do its job. Still, with firewalls these days, you can't simply configure and forget — it's not like that. You have to look into it every day or every once in a while and if any new traits or new protection mechanisms need to be built, upgraded, or re-tuned, you have to do that. Otherwise, the platform is rock solid. It doesn't fail.

The expandability and the high availability configuration of the system are good.

With pfSense, we've never had to send an email to a Netgate official support organization. We follow the forum discussion — the community. We'd ask an expert in the community. That's how we deal with any issues.

One of our clients wants to switch from FortiGate to another comparable solution because FortiGate is not stable when it comes to pricing. Over the past three years, they've increased their pricing to almost double. For this reason, our client wants to explore some other options which will be more predictable in terms of costs.

It's definitely complex compared to other firewalls because you have to configure everything, read a lot of documents, and following a lot of formulas and templates. Everyone has to develop their own recipes to work with. There is no proper way forward.

That is another fun part of this solution. There is no license. You don't have to pay anything. It's completely free. The one thing that you can buy is a security feed like an IP feed or a DNS feed. This kind of thing can be easily bought, but if you have the passion and expertise, you can arrange all of these types of feeds for free. It may be slightly different between how frequently those feeds are updated compared to the paid version. Sometimes, it lags behind for 24 hours or 12 hours, but it works.

We are really happy with the system performance, overall, but it depends. For example, right now we have a client who is trying to switch from FortiGate to another solution that is less costly. We recommended and talked with them about pfSense, but despite it being a cheaper and really rock-solid solution with good performance, they were not comfortable using open source. We also offered them Sophos, SonicWall, and Palo Alto — they finally chose SonicWall. I don't know why. It completely depends on the client. 

I would absolutely recommend this solution to others. This is definitely one of the most powerful firewalls for peace of mind. The fact is, as long as you are aware of the challenges that you have to face when implementing and managing the firewall, day-to-day, then this could be the best option for you.

Overall, on a scale from one to ten, I would give this solution a rating of nine.

Typically, we implement this solution on an enterprise-level for our clients and set it up for them as required.

The solution offers good value.

The captive portal on the product is excellent.

The solution has a very nice load balancer.

It's a good solution for end-users. It's pretty easy to work with. 

The user interface is very nice. It's easy to navigate around the solution.

Technical support is very helpful.

The solution could use better reporting. They need to offer more of it in general. Right now, the graphics aren't the best. If you need to provide a report to a manager, for example, it doesn't look great. They need to make it easier to understand and give users the ability to customize them.

I've been working with the solution for enterprise-level organizations for four or five years at this point.

Our clients use the solution across 100-200 computers. Some of the implementations are sizeable.

I've dealt with technical support in the past and have found them to be helpful and responsive. we have been satisfied so far with the level of support provided. They are easy to work with.

We implement the solution for our clients, so we have a good sense of what is expected.

As an implementer, our company can handle the initial setup for our clients.

We implement the solution for our clients. I've personally implemented the solution on five projects so far.

We work with the latest version of the solution, typically.

Our companies are typically mid-level enterprises. 

This product is the very best. Overall, I would give it a rating of ten out of ten.

• Firewalling
• Routing
• DHCP
• Transparent proxy
• DNS cache
• VPN, etc.

• Outstanding support
• Great packages to expand the solution to your needs
• The same config can easily be migrated to better hardware when you need it.

• Super easy to manage. Anyone who has been working with firewalls can handle it.
• There is good documentation with a fantastic community and enterprise support.
• The strongSwan IPSec is a great implementation.
• Proxy features are excellent (except MITM).

• The central point of management, like the long-rumored pfCenter.
• Better parsing of logs: At the moment, you have to use an external server for this if you want a deeper analysis. 
  

Our appliance is under constant heavy load by several services, and it's rock solid stable.

I had stability issues only with a GUI that used to hang. It didn't affect any services, but it was a little annoying that we needed to restart the PHP often.

pfSense scales well.

They are just fantastic. They usually respond super fast, and usually with a solution if you describe the problem correctly. In more complex situations, they will set up a personal lab environment based on the customer's case.

We used to use a lot of different solutions.

After comparing a lot of solutions, the choice was Netgate pfSense.

It is very straightforward and much easier than the previous Clavister FW. Config is easy. 

99 percent in-house implementation and 1 percent Netgate implementation. Netgate has the highest level of expertise you can get.

This solution was about $150,000 cheaper than the closest competitor over a three year period. 

All costs are low compared to other solutions. The hardware is stable and cheap.

There is no licensing fee except for the enterprise support, if you want it.

We evaluated Cisco, Fortinet, and Sophos.

If you don't have a policy that says "only proprietary software" in your company, there is no reason not to go for pfSense. If you are still in doubt, take the cheap (and excellent) Netgate academy course. It's only for two days, and you will learn how to manage pfSense at a comprehensive level.