Netgate pfSense Reviews

The benefits I have seen in my organization from the use of Netgate pfSense rewards around the fact of how quickly we can implement changes that are needed with the tool are definitely one of the main things. Overall, we have experienced less downtime with the tool. In my organization, we have had downtime with Cisco. Overall, we have noticed some performance increases as well with the use of Netgate pfSense.

The solution's most valuable feature is that I really like the third-party add-ons, as they give the firewall a ton of flexibility and extra functionalities.

My organization plans to solve costs-related problems by using Netgate pfSense. We were using Cisco's firewall products, and the license and hardware costs were just too high. With Netgate pfSense, I think we can get a full firewall tool with support and no need for licensing for under 5,000 USD, saving a ton of money.

There were no specific security issues or challenges I was trying to address using Netgate pfSense.

In terms of the overall flexibility offered by the product, I would say that it is very easy to implement, make changes, and adapt to different challenges that we may have with it. It offers a lot of different options, including VPN options for site-to-site client VPNs. Overall, it is a great tool. It is a highly adaptable solution that is, most importantly, very easy to implement.

It is extremely easy to add features to Netgate pfSense and configure them. If you are talking about third-party stuff, it is something that is within the firewall itself. You can go into the Package Manager and install it.

From a configuration point of view, it is extremely easy to use the tool. With third-party stuff, it can be a pain, but overall, it is extremely easy to manage Netgate pfSense since it is mainly a GUI-driven tool. It is super easy to configure overall.

If I assess the solution for helping our organization prevent data loss, I think it has been great for us. Everything has room for improvement, but it has been great right now.

Netgate pfSense provides our organization with a single pane of glass management. The tool offers great flexibility and is awesome. In our organization, we haven't had any issues with it. It just makes changes that need to be done extremely quickly and efficiently by the end of the day.

I have worked with Netgate pfSense Plus. I buy the hardware from Netgate, and it comes with pfSense Plus.

Netgate pfSense Plus provides 100 percent features that help minimize downtime. In extreme situations, implementing connections that were super helpful in the past and just the ease of deployment, the product offers is helpful since even if something happens to the firewall itself, I can have a virtualized firewall doing the same thing within less than an hour. It can help with that downtime. I know that Netgate pfSense is extremely reliable and a great tool.

Netgate pfSense provides 100 percent visibility, enabling my organization to make data-driven decisions. Netgate pfSense is very much configurable. It gives you 100 percent of everything you need to make decisions. It gives you details of all kinds of different graphs, traffic, and firewall rules, along with the things that you definitely need in the form of the data that you need to be able to just make quick data-driven decisions.

Netgate pfSense visibility helps me optimize performance. The data is just so easily accessible that you can make decisions very quickly. It also helps improve performance. In our organization, we have noticed a very noticeable performance increase since we shifted from the old firewall from Cisco to Netgate pfSense.

If I were to assess the total cost of ownership of Netgate pfSense, I would say it is extremely low and affordable. I think it is a really very simple and extremely budget-friendly tool.

In our organization, we have had such a good experience with Netgate pfSense over the last four years. In terms of improvements, I have not really thought much, to be quite honest. Maybe faster releases for the software or the firewall itself can be areas where improvements are possible. The tool is just a little bit slow to release patches, so it is probably one of the things where the tool can improve. In general, the tool is not bad at all at the end of the day.

Speaking about whether any enhancements are required in the tool, I would say that the tool has everything that we need for our usage. We have an extremely complex environment, the most complex of which is how we use Netgate's BGP to connect to our ISP. Netgate pfSense is extremely feature-rich for our specific use scenarios, and we have not encountered any shortcomings in the solution.

I have been using Netgate pfSense for around four years. The box itself says Netgate pfSense XG-1540. I don't remember the software version we are using right now, but all I know is that I keep it up to date. In my organization, it will be the latest version of the product.

I have not faced any issues with the stability of the product. I have one firewall in a very bad physical environment. It was very dusty, but it has been 100 percent reliable.

It is an extremely scalable solution.

In our school, we have close to 1,800 students and 210 teaching staff overall. With administrative staff, I think there are about 50 people.

I have the tool in different locations and on different campuses.

If I can call someone from the product's technical support team, l can have a technical person on the phone with me in less than five minutes. If you have any questions for them, they will come and try to give you the answer as quickly as they can, and if they don't have a reply, they will reply to you later via email. For the amount that it costs per year, the level of service that you get is unbeatable, honestly. I rate the technical support a ten out of ten.

Positive

The product's initial setup phase was extremely straightforward.

When we deployed the product for the first time, we went through its documentation and how to do things. Otherwise, the strategy is usually based on the fact that we have four campuses, and they run in a similar manner. At least for us, we have a master configuration sort of thing, which we can kind of load into Netgate pfSense and make the small changes that we need, like VLAN changes and small things that apply to the location that the device will be deployed to, and it takes less than probably an hour or two to kind of have a firewall deployed working with the bare minimum, which is extremely fast compared to what it takes with Cisco.

In terms of maintenance, it has been pretty much like we do the setup and then forget it. The firmware updates, or physical maintenance, like cleaning the device, are there. From a greater overview, it is just kind of a set-it-up-and-forget kind of solution for us.

The product's deployment was done in-house, and it involved just me. The enterprise-level support from Netgate helped my organization a lot, especially during the first two deployments, but after that, it was easy.

Personally, I do not have any metrics or data points associated with the ROI that I can share with anyone. My CFO is the person who has information related to ROI.

In our organization, the whole point of moving to Netgate pfSense was that we wanted something that wasn't hard to use or where the licensing wasn't so expensive. We looked at different open-source options, but I can't remember their names. We also looked at UniFi's firewall, but Netgate pfSense came on top for us, considering the support provided and the fact that Netgate's team is the main set of people that keep up with pfSense's open-source project. With Netgate, we work directly with people who use Netgate pfSense, and it is great. We did look at other options, one of which was UniFi, but I cannot remember the name of the other alternative to Netgate pfSense. I think it is called OPNsense.

Suppose I compare the other tools I evaluated with Netgate pfSense, and I feel that the pros of pfSense revolve around the area associated with the product's cost in terms of hardware requirements and licensing. There are no existing costs for the licensing or the hardware. You can deal with the licensing part yourself and get it at a cheap rate from elsewhere or buy it from Netgate's boxes directly from the solution company. Another pro would be the ease of management the tool offers since it is possible to have everything that you need in the GUI, which is a little bit controversial because a lot of people like CLI, but sometimes you need to get something quickly without having to have hundreds of different things.

I haven't come across any cons in the product since most of our company's scenarios are simple and small since we are just a school compared to what other big companies have. Everything that Cisco's firewall was doing for us, Netgate pfSense's firewall does for us for a fraction of the cost and even offers a better performance. I would not know the tool's cons since I do not have anything on my mind right now.

I do not use Negate pfSense Plus on Amazon EC2 VMs. In our organization, we are using Negate pfSense Plus on Netgate's hardware. We use Netgate pfSense XG-1540.

To others who plan to use the solution, I would say that the support offered by the product is 100 percent worth it. The enterprise support is also extremely worth it. In a general sense, if people don't know much about implementation, they just need to read the documentation because many things, like the GUI part, could throw some people off. If you come from a CLI-based tool, the GUI aspect can throw you off, and I know it since it threw me off a little bit initially, but we were able to get through the implementation phase very thoroughly as the tool offers great documentation. By thoroughly going through the documentation, you will have a fairly easy time configuring the tool very methodologically. I really don't think I would recommend anything else apart from the fact that others need to read the documentation and take their time.

I rate the tool a nine out of ten.

We're primarily using the solution for testing. We're also using it internally at our own site, mostly as a reverse proxy, but also for the speed. Not all firewalls have 2.5 and and ten gig WAN ports.

The format, the layout and the interface are excellent. We really like that it is quite simple to use and straightforward. The quality, in particular, the ones we have is the Netgate unit, is particularly robust in terms of the look and feel as well as their speed and quality.

We appreciate its flexibility. Its usability is great.

We were able to witness positive results from the product pretty much immediately.

Its SD-WAN capabilities are great. The onboard storage is nice for keeping configs and logs, et cetera.

We do get a single pane of glass for management. It's well laid out and provides clear visibility into management features. Everything is easy to find within the menu bars and options. It is all very logical.

We're using the Plus version with Netgate.

pfSense does provide features to help minimize downtime. There's a failover availability, and there are high availability configurations. We don't use that; however, that's good to have if you need it. Having multiple endpoints or configurations on all of the ports is possible. It helps keep up our site and other sites.

With the logging capabilities, the solution provides visibility and enables you to make data-driven decisions. A lot of our clients are smaller, so they are nowhere near the limits of what pfSense can do by any means. 

The ease of changing parameters helps us optimize performance. It's a lot easier than what can be done with competitors, for sure. 

The solution could improve by adding in some sort of user account credentials in the sense of accommodating more levels of users. From what I've found, everybody has basically the same access. 

A formal partnership with some sort of VPN vendor, like OpenVPN, would be nice.

I've been using the solution for a couple of years. 

The stability is very good. there is no lagging or crashing. It's reliable. 

The scalability is good. However, we and our clients aren't too large. 

I've never needed to contact technical support. 

In the past, we have used Fortinet devices. pfSense is definitely easier to configure and use. It doesn't have quite the same feature set. However, that's fine - you don't always need the full feature set. We find that the add-ons that are available are fine. You just have to find them from a third party. 

The initial deployment was easy.

There isn't any maintenance needed beyond updates. The base install probably took ten minutes and to configure it properly takes two to three hours with some internal servers and multiple ISPs. You just need one person to handle the process. 

I'm using pfSense via Netgate devices, which are reasonably priced. The solution seems to be reasonable. It's well-priced for what you get. It's a bit lower than the competition if you are trying to gauge the cost of ownership. And it adapts well to different speeds.

I'm a customer and end-user. 

I'd rate pfSense eight out of ten.

If a person is familiar with firewalls, they'll be fine adopting it. The interface is pretty easy.

We use Netgate pfSense as the next-gen firewall because it has a lot of additional capabilities.

The solution's most valuable features are its ease of use and versatility. You can do anything you want with it. We implemented the solution for better security at better prices.

Netgate pfSense is extremely robust and stable compared to other firewalls.

You can use Netgate pfSense as a very basic firewall or with next-generation capabilities and full monitoring. With the command line and the openness of the platform, you can do a lot of things with the tool.

It is extremely easy to add features to the solution and to configure them. We have extensive monitoring capabilities that we have configured into Netgate pfSense so that we can probably monitor any firewall available. We have also utilized the solution's DNS black holes features.

When configured properly, the solution's data loss prevention capability is absolutely top-notch. We use the solution to monitor and detect users' odd or anomalous behaviors on the network, which are usually malware-related. We also use the tool to protect against various blacklists.

We use Netgate on Amazon and have one of their firewalls. Using pfSense Plus on Amazon EC2 has helped simplify our EC2 network. It has definitely helped us with Amazon and tightening things down there.

With the inclusion of firewall, VPN, and router functionalities, Netgate pfSense's total cost of ownership has been very good. For your infrastructure, you're typically looking at five to seven years. Netgate pfSense is definitely punching above its weight in that sense because it comes at a lower cost.

Based on our experience, it lives that long and longer than what you would expect. The solution's ROI and longevity do shine in that sense.

The solution's internal logging could be improved. However, it does have some external logging capabilities. It would be more problematic if you didn't have a very robust environment. We developed our own internal API about five to six years ago, but I hear all the time on newsgroups that one of the solution's biggest problems is API.

I have been using Netgate pfSense for over 15 years.

I rate the solution a nine out of ten for stability.

Netgate pfSense is a highly scalable solution. I would say there are at least three of us who are fairly proficient with the solution, almost at an expert level. We have a few others who utilize it, but they're limited in what they can do. Most of our clients for Netgate pfSense are small and medium-sized businesses, but we also have some larger businesses.

I rate the solution’s scalability ten out of ten.

The times I've worked with the solution's technical support, they've been excellent.

I rate the solution’s technical support a ten out of ten.

Positive

We are in the managed IT space and constantly deal with numerous, big name firewall vendors. Aside from the cost alone, Netgate pfSense provides a lot of benefits. Even if Netgate were the same price as the rest of the other vendors, I would still prefer to use Netgate just because of its ease of use.

The solution's initial setup is very straightforward. There's even a built-in wizard that will take you from out of the box to basic firewall setup in about 9 steps.

The solution's deployment time depends on the complexity of the environment that you're going into. On average, the deployment takes probably less than a day. We have a team involved in the solution's deployment.

We have seen a return on investment with Netgate pfSense. We've won some bids for firewall replacement jobs based on the cost alone.

I think Netgate pfSense is very fairly priced. I think it's a great way to get people locked in by being a little bit cheaper than many other solutions. Once they see it, they wonder why they would use anything else.

One of the features of pfSense Plus is backup capabilities, which didn't really help us because we had our own backup solution built in for several years. We also keep additional firewalls available if something like a storm comes through so that we can restore the configuration in five to ten minutes without too much trouble.

pfSense Plus doesn't provide a lot of features and benefits, but we use it because we want to see them continuing to develop the solution.

Netgate pfSense gives us a single pane of glass management, but we don't live in the firewall itself. We monitor it from our single pane of glass, which we're pulling about 20 other security stack solutions into as well. We're pulling in a lot of other enterprise-level solutions, including EDR, vulnerability scans, domain filtering, etc.

Since we have a few hundred clients, we have both cloud and on-premises deployments of Netgate pfSense.

Any product requires some care and feeding. It goes back to our monitoring aspect. As a general rule, you have some firmware updates about every six months. You definitely have a few things to maintain here and there in Netgate pfSense, but it's minimal compared to other solutions.

The solution's cost alone is well worth it. I would recommend it for its adaptability to any complex environment with added security features. You can start off by just doing a standard firewall and then grow from there and really expand on its security features. I really can't think of any reasons why you wouldn't use it. Netgate pfSense is pretty much all we use, and we use a lot of different vendors when we go to different places.

Overall, I rate the solution ten out of ten.

We use pfSense in our clients' offices to provide secure network access. For remote workers requiring private network connectivity, we deploy a Netgate pfSense router in both the office and the user's home office, establishing a robust IPsec connection between the two. This configuration offers superior security compared to alternatives like OpenVPN, as remote users simply need to connect their LAN cable to the home pfSense for immediate and secure office network access. We primarily serve small organizations with 10 to 200 employees, deploying a pfSense router in each main office and providing OpenVPN or IPsec connectivity. Additionally, we offer optional pfBlocker-NG integration for advanced threat protection, enabling the blocking of traffic from specific geographic regions or known malware sources.

We have several sites with multiple or backup-wide area networks. We use pfSense to manage these networks, configuring them for load balancing or backup as needed. To authenticate OpenVPN logins, we leverage Active Directory on our Windows Server, simplifying user management. Office managers can easily disable both Windows and OpenVPN access for users without needing to access pfSense directly. This centralized approach requires only a single robust passphrase for users to access both the VPN and the Windows domain.

I am accustomed to the interface and find it quick to use. However, I think a new user might need some time to adjust. That said, I've been using it for over 15 years.

As a network administrator, I fully understand the benefits of pfSense before deployment. While end users may not immediately recognize its advantages, I appreciate its value in eliminating the need for costly licenses associated with other firewalls like Barracuda and Checkpoint. PfSense offers a comprehensive suite of features, including VPN, user management, and advanced DNS, without requiring additional fees. This cost-saving aspect is a significant selling point for me when replacing older firewalls with Netgate pfSense. Not only do we improve network security, but we also reduce ongoing expenses, a benefit that becomes apparent to clients over time.

Adding features in the packages section of the interface is quite rapid, especially when limiting options to available packages. However, configuring unfamiliar or infrequently used packages requires research and time, ideally by someone with networking and firewall experience. While pfSense is not entirely plug-and-play, the basic setup is straightforward; adding features demands more technical knowledge. So, feature addition is easy, but configuration can be moderately complex.

pfSense can help prevent data loss by making it difficult for hackers to breach networks. However, most data loss incidents we see result from end-users clicking on malicious links or email attachments. When data loss or ransomware occurs, the issue typically lies with user error rather than pfSense. I believe that the networks I configure using pfBlocker, which restrict communication primarily to the continental US and other approved countries, may help block ransomware. Still, I cannot quantify the frequency of such occurrences.

Approximately ten percent of pfSense routers experience critical issues requiring a factory reset. Previously, this process involved contacting tech support and providing detailed information. However, pfSense has simplified this by offering self-service image downloads. This improvement significantly speeds up customer recovery time. Additionally, Netgate's pfSense Plus hardware comes with a Zero-to-Ping warranty, enabling easy setup and troubleshooting for end users. While not entirely plug-and-play, most users can easily install these routers, and Netgate's warranty provides additional support if needed. I've successfully utilized the Zero-to-Ping warranty several times and believe it is a valuable resource for both technicians and end users.

pfSense has helped enable data-driven decisions. It allows me to communicate the need for faster WAN lines to client management by providing concrete evidence of network performance. Additionally, pfSense offers detailed insights into OpenVPN user activity and IPsec traffic, facilitating targeted problem-solving. For instance, I can readily identify slow IPsec connections for remote users, such as user X, and advocate for necessary improvements based on these data-driven findings.

OpenVPN, IPsec, DHCP, and DNS are the most valuable features. I will also include pfBlocker-NG later in the list, but only a couple of sites use this feature. 

pfSense does offer a convenient single-pane dashboard, but I believe it could be improved with additional features. For instance, an administrator log for team members to record notes, such as adding a nameserver, removing user accounts, or other relevant information, would be beneficial. This simple log within the main status page could enhance communication and collaboration among the admin team. While the current status screen provides most of the necessary information, this extra feature would be a valuable addition.

It would be beneficial if Netgate provided a table outlining the recommended maximum WAN port speeds for their various models.

The documentation doesn't align with what I'm seeing on the console. This is frustrating because the online documentation doesn't match the dashboard, leaving me unsure of the correct steps to take.

I have been using Netgate pfSense for 16 years.

I would rate pfSense's stability a perfect ten. When I replace consumer routers with pfSense for small businesses with two or three employees, they are often amazed to discover the router can run for a year without a reboot. This starkly contrasts their previous experience with consumer routers that required weekly or bi-weekly unplugging.

I have been pleased with pfSense's scalability. While I haven't explored all its features, I have successfully backed up an old system and restored it to a new pfSense device, which I consider an upgrade. I know additional capabilities like load balancing and backup device management but haven't implemented them due to a lack of current need. PfSense offers much more potential than I've utilized.

The quality of the support is high. While the speed used to be somewhat slow, I've noticed a significant improvement in recent calls, connecting with a representative quickly within the past year.

Positive

We've used multiple firewall solutions over the years. Twenty years ago, we implemented Monowall. Subsequently, we switched to Barracuda, which proved highly problematic and required frequent technical support intervention. Our next choice, SonicWall, was an improvement over Barracuda but still presented challenges. Specifically, SonicWall's licensing model is burdensome, as it necessitates constant management on my part, a task end-users are unwilling or unable to perform. Though less frequent than with Barracuda, technical support interactions are still necessary.

Initial deployment is straightforward, taking approximately half an hour for each unit. While pfSense is not the issue, challenges often arise due to clients' limited understanding of their network configurations. A single person can effectively handle the deployment process.

I appreciate that pfSense eliminates the need for extra payments, license management, or feature limitations. This cost-effectiveness and its reliable Zero-to-Ping guarantee is its most compelling aspect.

The pricing seems fair overall, but I think they need more reasonably priced options for very small offices. They currently offer a few affordable units at the lower end, but then there’s a significant price jump to the next level. I remember they used to have a model around the 2100 range that was a good middle ground. I believe they should offer more choices between the lowest tier and the next one in terms of hardware. Additionally, I'd like to see a per-incident support option, which I don't think they currently provide. I haven’t checked their support options in a while, so I could be mistaken. However, in the past, they only offered annual plans. If I encounter a specific issue, I would prefer the ability to pay a one-time fee for complete support on that particular problem.

The total cost of ownership is great. pfSense is our most recommended appliance for router, firewall, and VPN functionality. 

I would rate Netgate pfSense nine out of ten.

Users don't need to do anything to maintain the system, but I like to check all pfSense instances every few months, install updates, and look for any irregularities. I try to check every single pfSense system if possible. pfSense needs to be manually updated.

I use pfSense to provide IT services for small businesses. They typically have a broadband or fiber connection through a router to the ISP, so they're looking for some additional security. We can get a Netgate appliance with pfSense for a few hundred dollars.

We saw the benefits immediately. I live in Edmonton, and one of my clients is a machine shop in Montreal. We configured the firewall and sent it to the shop with instructions on how to set it up. They set it up, and once it was running, I could remote in and start providing IT services to my client two time zones away.

It can help you prevent data exfiltration from the outside, but you'll always have a problem with employees who want to do bad things. It isn't a completely zero-trust approach. It has logs that will tell you if something seems odd. That requires the owner or IT professional to stay on top of it.   

The stability of the Netgate hardware and pfSense software helps to prevent downtime. At the machine shop in Montreal, we had an older Netgate model running for almost seven years, which we replaced last Christmas. It wasn't failing, but we upgraded it to ensure uptime. We spent about $200 on that device or about a few months of coffee for the office. You can deploy pfSense on your own device, but it gives the client comfort to see an actual device instead of something I cobbled together. 

I don't know if there's a particular dashboard other than the volume of data you are passing through the firewall that we check to ensure it is as expected. All of the businesses we handle are small, so we don't need some of the advanced features, such as VLANs, and I'm not going into them to fiddle with them constantly. If the power is somewhat dodgy, as it is in Montreal, they come back online in the proper configuration.  

One of the main benefits of our use case is pfSense's inclusion of OpenVPN. We can set up a server-client configuration so employees can access the office outside business hours. This enables us to provide secure remote access to their workstations and other devices inside their worksite. OpenVPN is included, so I don't need to purchase an expensive VPN solution with its own client. 

I also value the community on the pfSense website and other forums. If you're trying to set something up, there's invariably someone else who has done it before. It's open source, so the community is massive.

PfSense is quite flexible. You can tune it to meet your needs. If my client has something provisioned to their clients, we can run that through the firewall. We can also set it up so that everything is locked down and all traffic moves through the VPN. Like any other firewall, you can set up rules. I haven't encountered anything that I wanted to do that I couldn't. 

Setting up the VPN is always tricky, but adding features isn't hard overall. OpenVPN is easier to use than any other open-source VPN solution. It does all of the DHCP and DNS forwarding and other firewall tasks out of the box.  

In most of our use cases, the pfSense interface acts like a single pane of glass for me to log in, monitor, and configure. You can use the command line interface, but I use the web interface. I would only use the CLI to review logs because everything is on a text interface rather than a browser window, so it's easier. However, for a business user, the web interface is easier if they don't have any complex needs. 

Our customer's IT operations are optimized to go through the pfSense firewall and OpenVPN. It enables us to get work done without constant callouts from the clients. When we upgrade to a new unit, we give them configuration files to install on their workstations. 

They could improve the VPN wizard to make the configuration easier. I don't know what happened last time, but it was a little fiddly. Adding users isn't difficult, but it's a step that's in a different panel from the configuration of the VPN client itself. You need to create the user on the firewall and then associate that with the VPN. They should make it easier to link the firewall configuration with the VPN client.

I have used pfSense for between five to seven years.

PfSense has always been stable, even in an inhospitable environment. A machine shop is bad for devices because of all the dirt and oil, and I had one that continued running for five years without any complaints.  

I always pick a Netgate device that has sufficient hardware for each of my clients, but if I had to expand suddenly, I know Netgate has a range of devices that would work. However, I do think they focus on small and medium-sized enterprises.

I deploy pfSense on Netgate appliances. It's easy for a typical network engineer with no experience with pfSense. If you know about networking, it's an easy device to set up. Coming from a Cisco background, I found it dead simple to install. I have deployed boxes in under an hour. One person is enough to do it. The maintenance and updates are easy. I've never had an issue with updating and fixing bugs. You can do it all remotely. 

I rate Netgate pfSense nine out of 10. Having a basic understanding of networking concepts, like firewalls, routing, and VPN will help you navigate the pfSense interface. 

We primarily use the solution as a firewall and for managing traffic.

The interface and the integrated services are very useful.

pfSense offers very good flexibility. There are good plugins you can integrate into the software. We can use it for a firewall and to monitor internal traffic. We can do many things. 

It's not very difficult to integrate and configure features. At the install level, using the wizard is very simple. As a firewall, it's easy. You can watch usage and target effectively. If I have difficulties or questions or I need to understand how something works, there are videos and tutorials. 

We noticed the benefits of using pfSense pretty immediately. We could see it on the graphs that help us analyze the traffic.

We're able to leverage the single pane of glass interface. We can monitor everything from it from traffic to the state of the machine to memory usage and CPU. It provides good visibility so that we can make data-driven decisions. The visibility we get helps with availability.

Performance has been optimized under pfSense. We can filter traffic and limit internet use as needed. With it, we can control throughput.

The first time we deployed it, it was kind of tricky. There were many configurations. You need to first configure the alias, then you have all the IPs ordered correctly, and you can start to manage the VLANs. It would be ideal if we could implement in an easier and efficient way. 

One time, we tried to configure a wireless AP to the firewall and that was tricky. Understanding the interface was hard. It could be easier. 

The displays of all the plugins could have a better layout. You have to search through all of them to find what you need. They need a search button.

I've used the solution for one year.

We haven't had any issues with stability.

We haven't tried to scale the solution. 

We haven't contacted technical support.

Previously, we used a simple firewall called Linksys, among others. It was not very useful for analyzing traffic. pfSense is more granular in terms of firewall rules. 

The initial setup was straightforward, and there are a lot of tutorials online. You can just follow instructions. It's not too hard. The setup was fast. It took maybe half an hour.

There might be a bit of maintenance needed. We check from the main page to check it for CPU or disk failures. there might be some updates. That's it. Sometimes I go on Reddit and check to see if I should do the update or not. I remember once I read that someone suggested that we do not update and to wait for an update in a few weeks.

We managed the initial setup ourselves. 

The total cost of ownership is good. We don't have too many pfSense subscriptions across our network. However, it's pretty cheap compared to other firewall subscriptions. Plus, the pricing is inclusive. 

The pricing is good for us. It's not too expensive considering all of the features on offer. It's about $1700 a year. It could always be cheaper, however, for the most part, it's good. 

We use the Plus version of the solution. 

I'd rate the solution nine out of ten.

I'd advise users to always follow tutorials which can be found online. Be prepared. That said, the interface is not overly difficult.

I use Netgate pfSense personally at home and the data center, our headquarters, so it is for enterprise and personal use.

The most valuable feature of the solution is that it is an open-source tool and is available at a very low cost.

In terms of flexibility, the tool is great, especially the fact that it is open source. On Netgate pfSense Community Edition, people can write stuff into it and get plugins for it. Netgate pfSense Plus version does a review process with the help of Netgate, so you don't have to have many plugins for it. The tool is very open to modification if you need to do that.

The benefits related to the product can be experienced immediately after the product is deployed, especially in terms of the speed improvement and features that we don't have with the current solution or the current technologies that we don't have with our current solution.

To deal with data loss while using Netgate pfSense, you can always export the logs or dump them into a log server, specifically a Syslog server. I don't really view the boxes in the data warehouse other than the logs. There are features in the tool that we can send out to the syslog server, which is what we do in our company.

In my enterprise, we are getting ready to push out two hundred devices, and I don't see a single pane of glass management. I don't necessarily consider Netgate pfSense to be an enterprise product because it doesn't offer a single pane of glass management. With Netgate pfSense, you have to touch all devices to make a change. My company has been messing around with Netgate pfSense for some scripting on it, but it is still not what I am used to using in the enterprise. One window for controlling all devices doesn't exist in the tool.

Netgate pfSense provides features that help minimize downtime since it offers high availability on the boxes. You can use multiple WAN interfaces, so multiple ISPs can be plugged into your device to help manage if the service from one ISP goes down.

Netgate pfSense provides visibility that enables our company to make data-driven decisions since it offers graphs, traffic graphs, and firewall graphs. I can see if there is a client on the network that is just flooding everything. Yeah. The tool has graphs, charts, and log files.

The visibility of Netgate pfSense helps optimize performance. If I see there is a network that is a guest network that is just maxing out at 100 percent, I can attempt to give them some more bandwidth. I can modify the quality of service to give them better or more bandwidth.

With the inclusion of firewall, VPN, and router functionalities, if I assess the total cost of ownership of Netgate pfSense, I would say that I get what I pay for when it comes to Netgate. I get more than I am paying for, meaning the return on investment is great. I feel reluctant to talk about the good return on investment experienced by my company from the use of the tool because I don't want Netgate to charge more money, and as a non-profit company, it can hurt us. The total cost of ownership is fine since our company does not have to spend a lot of money on it. I know that if there was a Linux conference three or four weeks ago, and they were giving me some grief points on how it dies after buying boxes from Netgate in a year, it dies, but I have not experienced that. My total cost of ownership is great. Other people would buy the box, which would die in a year, so they would just lose money.

Netgate pfSense needs to have a single dashboard for managing all devices.

As an enterprise customer, I expect Netgate's sales personnel to inform me of the new devices that are coming out. For example, there was a time when I was getting ready to buy a device, and then I thought that I needed to hold on, and so the order failed. I thought I needed to wait a few days before ordering a new device. I was getting ready to order another device, which was Netgate 1541, but after two days, Netgate 8300 was released, and it was far better than what I was getting ready to buy. I was really disappointed that the salesperson from Netgate didn't ask me to hold off on my decision to buy Netgate 1541. You don't have to tell me that something brand new is coming out if you don't want to spill the beans or anything like that, but it would have been nice if Netgate had asked me to hold off on my decision to buy Netgate 1541. I was getting ready to buy a product that would have been, immediately two days later, an old technology. I just expect more from a salesperson. When going through Netgate's website, while trying to buy Netgate 1541, I saw there was a list of features at the bottom of the product page, so I had to select the features I wanted, but I couldn't have all the features at the same time, and the website would prevent me from adding extra features, which actually was the cause for the order to fail. I had added features that you can't have at the same time, but nowhere on the website did it say anything like that, and that led to a delay in my time frame. I was trying to get something to solve a problem at a certain time, and then it wasn't until a day later, a day and a half later, that Netgate called and said that I couldn't have all of the tool's features, which was something that messed up my installation time. Issues with the product are associated with feature requests. It is not necessarily the box itself but more of the company that needs to consider improving its approach. For the box itself, everything in a single frame should be released.

I have been using Netgate pfSense for five to seven years. I am a customer of the product.

I haven't had any device crashes yet. The stability is great. I have not had a device crash. When there was a device crash, it was for the one at my home when we had five power outages, and it burned my hard drives, but that was not because of Netgate's box.

It is easy to scale up. I will be visiting a site soon that has Netgate 1100, and I am going to put in a Netgate 4200 over there. I don't think I am going to have any issues. I will be able to copy things off the config of Netgate 1100 and dump it on Netgate 4200 with a few modifications. The tool's scalability is great. If I need to add a drive or replace one of the hard drives in the tool, then that is something that can be done easily.

Based on the customer support for our account to figure out why an order didn't get through or why we can't get this part, we have contacted Netgate's team, but not for actual support. The tool's community is fantastic, and it is one of the driving pieces that I sell to my decision-makers, considering that the community supports the solution. With community support, I am not just calling out to five or ten people. Instead, it is possible to reach out to the world to respond to an issue that might have been of a lot of concern.

I have never contacted the tool's technical support team for any technical support, but it was just a question with my order.

I have experience with Juniper, NetScreen, OPNsense, Cisco, and Meraki. If I consider the box itself, Netgate pfSense is better than the other tools I have used. 

From an enterprise perspective, I can't say Netgate pfSense is better than all the tools I have used because it doesn't have that enterprise management capability. As soon as they get that enterprise management capability, Netgate pfSense is the best out there in the market.

The ease or difficulty in the tool's initial deployment phase that one may experience depends on the box. If I speak about Netgate 1100, I believe that using a switched network interface or ports can be a little more challenging than trying to work on VLANs. The other boxes that aren't switched, like Netgate 4100 and the models above it, work perfectly fine and function as I would typically expect, so the installation is not hard at all, but you do have to know networking. I always hire people, and they are used to having stuff done for them when it comes to tools like Meraki. You just plug it in, and it works. The people I hire have no idea how to do any type of networking or act as IT or MSP professionals, and they can only work in the framework for which they have been trained. You do need to understand fundamental networking technology to make the tool work. For me, the installation is easy. If you don't understand fundamental networking technology, it can be hard to install the tool.

One person can manage the product's deployment phase.

There is a requirement to maintain the product since we have to touch each and every box to do software updates. The tool does require maintenance on our part.

I use the Netgate pfSense Community Edition and the paid version called Netgate pfSense Plus.

Netgate pfSense Community Edition is great and free. For Netgate pfSense Plus, we have to buy Netgate's boxes, and the pricing is great. As a non-profit organization, I would like to have a discount from Netgate, but if you are ready to buy a hundred boxes, it would be nice to have a discount. I understand that Netgate pfSense does not charge a lot more for the box than what we are paying for them. The pricing is fine.

In terms of how difficult it is to add features to Netgate pfSense and configure them, if I talk about writing from scratch, it is something that I don't do. If someone has a plugin, pulling that in is ridiculously simple. If I say that I want a Tailscale plugin, then I can put it in, and it is already in the system, and as long as I know how to do networking, you can figure out how to use a plugin since it is not hard at all in regards to Netgate pfSense Community Edition and Netgate pfSense Plus.

I have not used Netgate pfSense on Amazon EC2 virtual machines.

One needs to realize the difference in the switched version, and to do so it is important to understand Netgate 1100 and Netgate 2100 and the individually addressable ones since it is the area that threw me when I first got Netgate 1100, I was like, what in the world am I working on currently. Managing the VLANs on the tool threw me a ton, and it took me about an hour to figure out what was going on with the solution.

As the tool really needs centralized management, I rate it an eight to nine out of ten.

I am in IT. I use pfSense for my personal use. I use it to practice networking and understand how networks work. I apply all the networking-related things that I have learned to pfSense at home.

I also use it to isolate my IoT network from my regular network and from the devices I use for the cameras.

The main reason for implementing pfSense is that I like playing games. With pfSense, I can place quality control over the traffic traversing over the WAN connection or the Internet. I am able to prioritize and limit some devices to allow me to have a better connection to the Internet than some devices in our house.

pfSense is a flexible solution. It has features for setting devices into groups. I was able to group up the devices in our house to be able to set some restrictions on some devices and have full restrictions on other devices. It allowed me to control my kids' devices to limit access to the Internet to a certain time. It automatically stops on the Internet for those devices when that time comes.

pfSense gives a single pane of glass management in regard to the network. I was able to control everything in my network, which is good.

I use pfSense Plus. I got third-party hardware, not with pfSense, but I purchased the license to have a pfSense Plus version. That hardware went down a few days after I bought the license. I created a ticket, and the engineer allowed me to move it to another device because I had just recently purchased it. Thanks to them, I was able to have less downtime because I did not have extra money to purchase another license. I was able to bring it up as fast as possible. The backup and recovery of the configuration is very pretty easy. I just reuploaded the file and updated two lines of code, and that was it. Everything worked.

Everything works well. My streaming is working fine. My kids do not complain about any lags. I can play my games without having any issues. I do not experience any lags. When my wife is working, she does not have any problems downloading or uploading files back to her work. We are pretty happy with the performance.

For me, the firewall is most valuable because I can play around with the firewall. That is the best asset for me. I can limit what I want to limit, and I can open what I want to be open.

I like the versatility of pfSense. Compared to other products I have used for home and small businesses, this is the easiest to understand. It has enterprise features compared to, for example, Ubiquiti UniFi. Their router is limited to some features, whereas with pfSense I can do, for example, routing and dual WAN. I also have several VPN options. 

It has a lot of features, but I wish there were even more features. Some of the features I am looking for are still not there in pfSense, like, for example, content control. Because I have kids, I want to control the content or what they watch. There is a feature in pfSense called pfBlocker, but it is limited. If I set that up, it is blocked by an IP address. Sometimes my devices are borrowed by my kids. They are able to get a full connection to the Internet, but their devices are limited. If content blocking is added to pfSense, it would be great. If I can block content by a user, that will be a preferred solution.

The frequency of feature releases can be better. We have been waiting for some of the features for a while, but they have not been released. I know they prioritize what is used in the enterprise area, and then they provide some features for regular consumers like me. If they can balance that 50:50 and focus equally on the enterprise and consumer suggestions, it will be great.

The interface and support are perfect for me. I saw a post on their blog that they will be moving to the Linux operating system. Hopefully, they would have better wireless because the wireless for pfSense is horrible or horrendous. If they move to Linux, hopefully, they will improve it.

I have been using pfSense since 2020. It has been four years now.

It is very stable. I would rate it a nine out of ten for stability.

It is scalable. I would rate it a nine out of ten for scalability.

We are a family of five. Five of us are connecting to the pfSense Internet.

They are great. They are perfect for me.

Positive

I have used TP-Link and Ubiquiti EdgeRouter. In regards to features, the two are on par. They are way behind pfSense. pfSense is way ahead of these two in terms of what it could offer. In terms of security, TP-Link is very bad, EdgeRouter is in the middle, and pfSense is way ahead. In terms of performance, TP-Link is worse, and EdgeRouter and pfSense are neck to neck. I prefer pfSense over others.

I installed it on third-party hardware. The longest period of initial configuration was when I deployed it for the first time. After that, it is very fast because I can back up my config and restore it if I break something.

It took an hour or two for all the installation and configuration.

In terms of maintenance, it requires regular updates. That is the only maintenance that it needs. I also need to monitor if any known or zero-day bugs are found in pfSense. I am watching that because pfSense is the device facing the Internet, so I need to be always alert about any zero-day bugs. I also need to be mindful of the configuration to not accidentally expose any ports. These are the three things required in terms of maintenance.

In four years of using it, that payment of 189 dollars per year has already paid off. Over these years, I only experienced it going down two or three times, which is less than 1% downtime per year.

It is cheap. If you are a technical person, it is a pretty cheap solution because first of all, the Community Edition (CE) is free. I am in Australia, and my pfSense license is about 200 dollars. It is not bad because it is per year and not per month. It is cheap compared to other solutions.

I am not using the hardware. I am using the software. It is very cheap. It does not cost me a lot. The only cost is just the one-year payment. If I need extra hardware, I need to purchase that from the third party whose hardware I am using.

I would recommend pfSense to others. I already recommended it to my boss, and he is using it now. He is loving it as well. It is easy to use, and there are a lot of resources available. If you have any problem, someone would have already encountered that problem and found a fix, so it is easy to fix based on that. It is very reliable. The downtime experience is very low. It is almost zero.

I would rate pfSense a ten out of ten.