Netgate pfSense Reviews

We use the open source version and we chose the hardware platform.

For pfSense the valuable features are:

• High availability
• VPN (openVPN)
• Easy administration
• Extensibility (by modules)
• Easy backup/restore, independent platform not linked to a commercial vendor

We have been using the solution since version 2.1, which was three years ago.

We did not encounter any issues with stability.

We did not encounter any issues with scalability. It depends on the hardware, not the software.

I can't say. We provide our own support to our customers, as we are Linux, FreeBSD and IP specialists.

We used Watchguard and Endian, but pfSense is the most complete for layer 3 firewalls. We split the roles. We use pfSense only for the layer 3 and other products for proxy and reverse proxy (Diladele, Nginx) so we are not dependent of a constructor and easily update each part.

Setup is easy and done in a few steps.

You pay only the support and the price depends on the hardware not the functionalities.

The pfSense product is very powerful in layer 3 but you must add some products to match a viable commercial product which generally has all the functions integrated in one hardware system (proxy, antivirus, etc.).

For us pfSense is better for layer 3. We use MailCleaner for the mail relay, and Diladele for the web proxy. We like to split the functionalities for security reasons.

Use it to filter traffic and restrict browsing by profiles, use ACLs with Squid.
When using the load balancing functionality the performance is excellent, the best I could have 3 operators at the time.

Among the most valuable features I have found in PFsense are: Easy to deploy and easy to use, traffic graphics are excellent and tools that can be included as squid, snort, squidguard, ntop, pfblogNG, support wonderfully the purpose of generating PFsense.

Easy to deploy and easy to use, although the support of the community in the forums is excellent and there is always a solution

No, in fact I have one more than 4 years ago in production and it works perfect

No

Customer Service:

8

Technical Support:

8

Fortinet, TMG Microsoft, SonicWall, scalability, cost

After istalar pfsense the initial configuration is simple, and works without problems

The implementation was internally, clear before in production were made several laboratories

The power to use old hardware allows an exceptional ROI the investment is little just a few network cards

Of course, the tools he knew and those that are offered in the local market including FORTINET and SONICWALL

It is worth to enter the world of PFsense is rewarding to belong to an open-minded community that does not hesitate to share their experiences and knowledge

• Port routing policies
• Load balancing
• Clustering

We've been able to get call center traffic optimisation over multiple WAN and Point2Point Connections with a failover policy. The call center has different types of traffic (VoIP, Internet, Stream etc.) and every kind of traffic has its own policy. For example VoIP needs to be have high availability & a priority to maintain a non-stop custom service, while that of internet traffic can be lowered in priority and even cut when some WANs are unavailable to prioritize VoIP. I think that having this kind of complex configuration & tunning with a robust open solution, is a good value.

• v0.x for three years
• v1.x for two years
• v2.x for three years

There have been no deployment issues since v0.x.

Yes, sometimes there are issues if there are some complex configurations. When working with load balancing ADSL modems, I've noticed that pfSense "fools" the modem and it becomes unresponsive until it is restarted. This issue doesn't affect pfSense, but it is the root cause of a hung ADSL modem.

No issues encountered.

I've never used them.

I've never used them.

No previous solution was used.

The initial setup is easy. This is because the pfSense setup is like a Windows installation (wizards, choose option, click next etc.) unlike some others.

We implemented it in-house.

pfSense allows us to spread the hours of connection and do the filtering on the pfSense site.

The most valuable feature of this solution is its simplicity.

The integration could be improved.

I have been using this solution for more than ten years.

This is a very stable solution.

This solution is scalable.

The initial setup was easy and took about 50 minutes. 

This is a no-cost solution.

I would rate this solution as eight out of ten because it's a central solution.

I use pfSense for OpenVPN and DNS. 

I like pfSense's security features. 

The integration of pfSense with EPS and EDS could be better. Also, it should be easier to get reports on how many users are connecting simultaneously and how sections connect in real-time.

I've been using pfSense for about 10 years.

PfSense is stable.

PfSense is scalable.

It's easy to set up pfSense. But it generally takes two or three days, depending on the environment.

Eight out of 10

We are a small business and we use pfSense as our interface for the WAN. We use it for a Firewall and to ensure that all devices are operating. It provides our basic network routing needs, reporting on usage, such as IDS, and for managing individuals on network devices for controlling bandwidth and destinations.

Our security in our organization was previously provided by our ISP and since we have been using pfSense it has provided me more abilities to manage my network in a secure way. We have much better controls and security.

The solution has good customization abilities and plenty of features.

As an IT leader, it would be a benefit to have a mobile application to have certain features, such as mobile application notifications when a new device is added, or the ability to turn off or on firewall policies. Having these simple features would be very convenient and reduce the need to have to log into the console. I can use a web browser on my phone to access the pfSense site but I would prefer to have an application where I can toggle things, such as the policies. Some simple features within a mobile application would be valuable to me. I have evaluated other solutions and have determined this feature does not currently exist. However, Untangle has an application but it was not enough to compel me to change at this point.

In an upcoming release, the reporting could be more user-friendly. For example, the reporting in graphs and charts for the host can be cumbersome.

I have been using pfSense for approximately five years.

The stability of the solution is very good. My only complaint is when there is a power outage pfSense requires a manual reset.

The scalability of this solution is perfect.

I am the administrator of the solution and the rest of my organization are end-users.

I have not needed to contact technical support. I have not had any problems with pfSense.

The initial setup was straightforward. The whole process took approximately eight hours and one hour of that was in front of the computer using the keyboard.

We did the implementation of the solution ourselves.

I have evaluated Untangle.

My advice to the IT manager is to do your research, and make sure that pfSense meets your needs. If you are not technical enough, then looking at other solutions. pfSenseis needs a bit more tech-savvy IT manager to manage it. It is a very important business tool for me.

I rate pfSense an eight out of ten.

I rated pfSense an eight because it did everything I wanted it to do which makes it an awesome solution but not a ten because of a few minor shortcomings. However, I recognize it is open-source and it is not going to have everything.

I tested it for firewall, networks, and network stability and as a VPN access point.

I especially like the VPN part. It works like a charm.

I tried pfSense, and it has a big issue with file system consistency, and this is what drove me to OPNsense. The file system stability is quite a big issue for us. We have a lot of outages related to power issues, and OPNsense is much more stable on this side.

I would like it to be more stable on the file system part. It also has an issue with the ARP publishing, but it's common to BSD, and some providers experience issues with Layer 2 connectivity.

I tested pfSense for six months, but it had quite a lot of networking issues related to latency and ARP publishing. So, I immediately switched to OPNsense.

I'd like to see its stability improved. I know the BSD Kernel is more capable than what pfSense provides at this time.

It's scalable. It implements specific protocols for scalability.

The initial setup is straightforward. It took me about ten to 15 minutes to install it and maybe half an hour for configuration.

I implemented this solution.

I would recommend this solution if there are no power issues. It's stable and performs well, even on older hardware.

On a scale from one to ten, I would give pfSense a nine.

We have solutions from 10 to 5,000 users. One person alone can manage the firewall.

The VPN is my favorite feature. pfSense is very easy to use. The interface and configuration capabilities are great.

The main problem with pfSense is that we have to use proxy solutions. They don't have features like Layer 7 filtration. We can't filter based on applications. For this reason, we need to work with solutions from Cisco like OpenAPPID that help pfSense understand similar applications. For example, if I have to block WhatsApp, I need to use a third-party solution like OpenAPPID to help it understand what WhatsApp is. This capability is not native to pfSense, so I have to use another solution, like an add-on. I think that the proxy is the main problem with pfSense.

pfSense doesn't implement SD-WAN solutions. Competitors have this feature. If pfSense began doing this, it would be a big improvement.

Stability is great. That's a strong point.

Scalability-wise, it's great. Often, we need to research and assess the size of an appliance in order to understand what kind of environment the firewall is going to protect. From here, we have the possibility to do an upgrade depending on the type of model.

There is the option to have a firewall that is entry-level or a firewall that supports a huge internet service provider. We have many solutions that we can apply to our customer's environments, but first, we need to do these assessments in order to help us choose the right appliance. One appliance simply can't be upgraded to cover this entire spectrum of needs or the size of demand. This is why we must perform these special assessments.

Although it's not quite pre-configured, it is ready to use, straight away. It's so easy to put it to work. We had to do some configurations, mainly related to security issues. Configuring rules for monitoring had to be done, but otherwise, it's ready to go, out of the box.

Only one person is required to deploy this solution. 

pfSense is a free solution.

Before deciding to go with this solution, make sure to evaluate the features to ensure that pfSense will cover your needs. pfSense is very strong in some areas, but it has some difficulty in others. It's a good solution, but it all depends on what you expect from the firewall. 

If you need the firewall to implement security in your network, then pfSense is better than the competition in terms of price. It will cover all of your basic needs for far less money than similar products that cost five to ten times more money.

Overall, on a scale from one to ten, I would give pfSense a rating of nine.