pfSense Review

Kernel support for laptop features need to be updated, but it offers true processor power at low energy cost.

Valuable Features

  • Battery backup
  • True processor power at low energy cost
  • Expansion possibilities
  • Low noise emission

Improvements to My Organization

We like it mostly for being able to use BSD compiled software inside it. It is flexible, fast, powerful and full of features, such as an easy proxy filter, and clustering along with an easy and well developed web based interface.

Room for Improvement

Kernel support for laptop features, USB/Firewire ethernet cards, and specially built in WLAN cards. If the WLAN functions work properly, pfSense makes a perfect "repeater" or controlled and robust accessed point with built in QoS and firewall. Wider support for 3G and 4G USB cards as backup networks would be nice too. It was impossible to get some USB stuff to work.

Use of Solution

We've used it for two years, with an HP Elitebooks 8350 for battery backup.

Deployment Issues

No issues encountered.

Stability Issues

I got terrible kernel crashes on HP laptops while trying to setup WLAN, but it worked better on Fujitsu ones.

Scalability Issues

It has worked as expected so far.

Customer Service and Technical Support

Customer Service:

I have never needed it.

Technical Support:

I have never used it.

Previous Solutions

We have mostly used Cisco products. Their products feels like we are back in the stoneage when compared to pfSense. We switched as we needed more power (as traffic, bandwidth and user accounts grew). pfSense was one good clear substitute, and Cisco is too expensive if you want real throughput power, and it was too hard to administrate when we compared it with pfSense. also, anyone can learn pfSense pretty fast because of the intuitive web interface), and there is never trouble with invalid licenses. The features like IPS (snort/suricata) are well developed and can be used for free or at a small cost for extra security. The most valuable of all though, is that we could recycle old hardware to make our perfect firewalls, reducing the hardware cost.

Initial Setup

It was easy.

Implementation Team

We implemented these ourselves.

Pricing, Setup Cost and Licensing

It's hard to say. The setup goes pretty fast and, once you know the hardware to be used, it will work, so there was no significant amount of time there. The laptops used in this project were already recycled and had enough power for us to make a cluster and be happy with them, so it pretty much only cost us the price of some 3G modems and some USB network interfaces. Maybe not more than 200 Euros per machine.

Other Solutions Considered

We evaluated IPCop and m0n0wall. We took a vote on our team and pfSense won the deal.

Other Advice

If you are unsure, do a labtest before you implement it. If you are still stuck on the traditional "stoneage" products, you may get amazing results.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Systems Administrator at a tech services companyReal User

In my initial trials of PfSense, i have found it to be a very versatile efficient and reliable firewall that is a swiss knife in its own class and competing in an ever evolving and strong security market.

25 August 15
Cloud Engineer at a tech services company with 1,001-5,000 employeesReal User

Long time pfSense user here... to counter on your comment about Laptop support, it's not meant to be ran on Laptops, hence the lack of features you were looking for concerning the laptops you had it installed on. Throw it on a NUC, Server, Atom, a Desktop or even a VM and it's going to be perfect. Pushing two servers at work with dual - dual 10G Chelsio cards. (2 10G ports for WAN and 2 10G ports for LAN in LACP each).

26 August 15
Sign Up with Email