Netgate pfSense Reviews

I am using pfSense as a firewall and VPN gateway.

pfSense has helped our organization because we use a data center that needed a firewall, VPN, and other features under a budget. 

The most valuable features of pfSense are security, user-friendliness, and helpful online management.

It was difficult to configure our web printer through the solution. This process could be easier. Additionally, integration with SD-WAN solution.

I have been using pfSense for approximately one year.

I rate the stability of pfSense an eight out of ten.

We have approximately 2,000 people using the solution.

I rate the scalability of pfSense an eight out of ten.

I have not used the support from the vendor. However, I use community support.

The initial setup of pfSense was simple. However, when we install filters or agents it can be difficult.

I rate the initial setup of pfSense an eight out of ten.

I am using the community version of the solution which is free.

The paid version is priced reasonably.

The solution has solved many of our use cases.

I rate pfSense an eight out of ten.

We are using the solution for a firewall and other operations, such as traffic shaping.

The features I have found best are ease of use, GUI, and performance.

The hotspot and the portal feature in this solution are not stable for WiFi access. We use it at least once or twice every day and it crashes. Some modules can be better by improving detection and having new updates. Additionally, we have some issues with clustering and load balancing that could improve.

In a future release, they could redesign the policies because we need to write inbound and outbound simultaneous policies. They could change it to one policy, such as in FortiGate, Sophos, and Cyberoam. In these firewalls, we add rules in one way, and they add rules automatically. However, in this solution, we need to write every policy manually. 

They can improve in site-to-site tunnels with other devices, such as Cisco or FortiGate. It is not very easy to set up VPNs for site-to-site tunnels.

There have been some problems we have been facing with BGP routing that needs to be improved.

I have been using the solution for approximately two years.

The stability could improve.

Since this solution is software-based it is easy to scale. We can extend the UIs by adding some hardware, such as CPUs and memory discs. We would not be able to match this type of scalability with a hardware-based solution, for example as FortiGate.

This solution is best suited for small to midsize networks. When there is heavy traffic in larger-scale businesses it becomes less reliable.

I have used FortiGate previously and this solution is cheaper and more reliable.

The solution is easy to deploy.

The solution is free. However, you need to pay for support.

I rate pfSense a five out of ten.

We use it for small businesses, and most of my clients are using pfSense.

It works. I put pfSense in, and it works. I can't think of any trouble I ever had with it. It runs on heat-sensitive appliances. They don't need a fan, so they don't overheat. 

It is affordable, fast, and very high-speed. It is built on BSD Unix, and it pretty much runs on any Intel processor. 

I've never tried it in large environments. All my clients are small businesses with a handful of employees, so I am not sure how it works in large environments. I keep up with recent versions, and there's nothing I'm waiting for, and nothing breaks when I get a new version.

I have been using this solution for maybe five years.

It just works.

I've never challenged it. All of my clients are small businesses. It is open-source software, and it runs on whatever appliance you run it on, so whatever computer you run it on, it'll scale up pretty high.

Their technical support is excellent. They do have good support service. I don't use it because I've never had any problems with it, but the people I know who use it in bigger environments love it. You can even search their knowledge base and learn anything you want to know pretty quickly. 

Some of my businesses just use the built-in firewall in the ISP modem. I replaced an old SonicWall that couldn't keep up with a faster internet service. I've replaced a couple of Cisco solutions that were just getting old to run modern software, but the hardware was working. They just died of old age, and I replaced them with pfSense. It has been great. I'm sure a lot of people know how to configure Cisco solutions, but I don't. pfSense is very easy to configure.

It was very simple. You download and boot a USB stick or a CD to install it. From then on, it is managed by its own webpage. The deployment takes a few minutes.

It has almost zero cost, and it is open to us. It runs on a small appliance just for a couple of 100 bucks, and I've never had an appliance burn out on me yet. 

It is just great. Give it a try. It just works.

I would rate pfSense a ten out of ten.

First of all scalability of this solution. It's an all-in-one solution useful for every kind of company. It's also very easy to set up rules and NAT, and it has several modules like transparent proxy, VPN, and traffic shaping which are the daily modules for me.

pfSense software was designed to be a customizable platform that can be hardware agnostic. This allows the engineer to meet the needs of a project with a device that's got the right I/O and specifications, and then customize the pfSense settings to their needs.
So power consumption and less hardware requirement can save our money!

Compatibility with virtualization system (like VMWare, Proxmox and so on and so forth); in some cases, it can create conflicts with virtualized hardware, and configuration export (sometimes the XML file creates a conflict with the hardware network MAC address).

I've been using it for three years.

• Compatibility with some virtualized system
• Configuration export in some cases
• Sometimes updates can mess up the running configuration

Never had any issues. In fact, I've had a pfSense firewall with the uptime of a year.

No, and it doesn't matter how many rules or not that you have. It can manage different network interfaces (virtual and physical) without a problem.

We never use it, but it has a large community so you can find whatever you need in the pfSense forum.

We never use it, but it has a large community so you can find whatever you need in the pfSense forum.

Previously we've used hardware firewalling solutions like SonicWall, Zyxel and others but they're not powerful like this solution. Also, they are hardware so the cost is much higher than software. I've also used IPtables which is a software Linux solution but it's complicated to setup when you need to manage several rules.

It's easy to setup the solution because there's a wizard that guides you through it, and therefore, you cannot make mistakes. Then, you can configure the different aspects to fit your needs.

We have become experts in this solution. We installed it in our lab and tested the solution. After that we implemented it throughout our company, and then began using the solution with our customers.

We've a strong know how, and we've use this solution with our customers so we can be more competitive than hardware solutions.

It's a software solution, and also open source, so it's cost is zero!

We tested IPCop, Smoothwall, IPTables and others. When we have an OS project, we want to test so we can compare it to our technology, and if it's better, we build it!

Test, test, test and...test! It's powerful but only with testing will you realize what you need.

The easy to use GUI. Less training is required for the newcomers in IT.

Any new hire straight out of school who has network knowledge is able to operate the software without the complication of a CLI.

There were some bugs in the version we used.

We have been using the solution for one year.

We had a stability issue. A handful of times the firewall box froze and needed a power cycle.

We had a scalability issue. The fail over did not work automatically.

Our infrastructure manager tried contacting their support but it was not helpful. Response time was bad as expected for an open source software.

FreeBSD box was an old setup from 1998, so it was time to upgrade without it being costly.

The setup was straightforward.

It's open source so it's free. We did not buy their hardware.

We evaluated Cisco .

If your organization has the budget, go with a paid solution. We've had our days with it and went with a paid solution (another firewall) due to the company growing and we couldn't have any downtime. It would likely cost the company more money with downtime than to purchase a good quality firewall.

Increasing customer satisfaction by not having to ask for license fees any time a new feature is needed. The redundancy and scalability is very nice too.

Most valuable is a 50/50 between no licensing (cough Cisco) and being able to actually repair a firewall instead of replace since pfSense can be loaded to any x86/x64 PC or Server.

The GUI could use more “bells and whistles”. It's got plenty of info for a Sysadmin but some people like shiny things.

Rarely and almost always due to bad configuration or failing hardware.

No, pfSense can be installed on a decommissioned PC or a brand new 4U quad CPU server. If you need better hardware from the first install it's easy to either simply move the drive to the new firewall or backup/restore to new disks.

I've only ever used community-based support and it's very solid with thousands of knowledgeable people on their forums.

NETGEAR or Cisco. Switched because NETGEAR didn’t always offer the functionality and Cisco was very complicated and expensive.

Simple if you just want a firewall up and going to NAT your network. It can be as complex as you need it to be. Just run the install from an ISO and it's like any other out-of-the-box SMB router.

Unless they have specific requirements that demand a particular device, I always suggest pfSense specifically because of the absence of pricing and licensing.

Monowall, Tomato, DD-WRT.

Stop googling and head over to pfSense to download the ISO and get started. It will do almost everything the most expensive Cisco device will.