Netgate pfSense Reviews

I use the product for many enterprise clients, including building construction, government, and education.

The documentation is very good.

The pricing is okay. It's not too expensive.

The integration capabilities are great. The product can integrate well with Check Point and Fortinet. They make it a very easy process.

It's very good at defending our company.

It would be ideal if the solution could integrate with Snort and OpenVPN.

The technical support needs to be improved.

I've been using the solution for ten years at this point.

The technical support is not great. It's very slow. Sometimes it will take four days in order to connect with them, which is actually a decent timeframe for them. 

Their documentation, however, is pretty good.

The initial setup is not complex. It's pretty straightforward. The onboarding process is pretty good. They make everything very, very easy. People shouldn't have any issues with implementation.

We've found the pricing to be very fair. It's actually pretty low. The licensing is very inexpensive.

We looked at Fortinet and CheckPoint in relation to how they work with Linux.

In the case of Fortinet, the content filter is a URL content filter. It's very different and it's complex to use.

We're a pfSense partner.

I'd rate the solution ten out of ten. It's been very good to work with.

I would recommend the solution. pfSense is superior in terms of defending against attacks.

The solution pretty much is our only firewall security at the moment. It handles the integration with our active directory and makes sure that all communications are channeled through a secure network.

The solution is very robust.

The solution can be complex. It needs a bigger team with more coding skills than what we have at our disposal. With our skillsets, we're facing a lot of limitations. We're a team of four who handles 12 independent companies under a larger umbrella. Our workload is already quite high. We need solutions that lessen it, not enhance it.

The solution requires a lot of administration.

The solution would work better for us if the user interface had some kind of unifying feature that didn't just do firewalls. Sophos, for example, offers so much more. You get one license and you're good to go. Everything's handled from the anti-virus to the network and the traffic and monitoring. Sophos is really user friendly and easy to master. It's easy to get rules put in. pfSense offers none of these things beyond just the firewall capabilities. 

We've been using pfSense as of early last year, around about February 2019. It's been just over a year.

We have about 350 people at our organization that this solution covers.

Although the solution offers a lot of documentation, has a large knowledge base, and has a support forum, when it comes to actually contacting technical support directly, we didn't have access to that level of attention. Everything, therefore, was really on the team. We had to figure out how to troubleshoot on our own and tried to use documentation to guide us.

We originally used this solution way back in 2011. We used it for about 18 months. Then we then migrated on to a system called Kerio Control. We realized that we needed something a little bit more robust than Kerio Control. So we then moved back to pfSense as of last year.

The deployment didn't take too long. I have experience in pfSense, as does my junior. We were able to deploy it within a couple of hours - at least for what we wanted it to do off the bat.

Basically, you need to get all the rules together. We were able to do that within a couple of hours. Obviously, I must say, if we wanted to do a lot more, it would take us quite some time. Unfortunately, we're quite a small team, so we've got quite a lot on our plate and we just honestly did not have the time to get really granular. 

That's the reason why we're moving to something a little bit more user friendly for our size.

We're just users of the product. We're not consultants or resellers.

It's your basic firewall setup. However, when we looked at Sophos, we found that Sophos offered a lot more as it's a fully unified solution and had a firewall, as well as anti-virus and network monitoring capabilities.

This solution really gives us a greater extensive array of modules or features than we would not necessarily see in managing the system as administrators. The solution is quite extensive in that there was a lot of material that we had to read about. It just was not user-friendly for the team. We needed a solution that can handle itself without our intervention.

I'd rate the solution five out of ten.

We use pfSense as our firewall. 

We install it for clients that don't have a network available or the network is not ready for phone deployments. We're a phone company. We use pfSense to connect to the router and normally we connect clients to client VPNs, and then from there, we can have access to the internal network so that we can see all of the files.

We generally use it because it's cheap. When we need something more robust we use Barracuda and Sony Wireless Routers. For certain clients, we use pfSense because it's compatible with the VoIP platform.

I would like to see SD1 integration into the software. That would be fantastic.

The solution is pretty stable, that's why we use it. There aren't any problems.

The scalability is fine. If you need to have a bigger client or something like that, it's simple. You do a backup and then you restore into a new appliance and go from there. 

We provide technical support for our clients so we don't use a third party company for the support, we do the support in-house.

We also use MikroTik, Barracuda, and StoneWall.

The initial setup is fairly simple, not complex. We can get the deployment done in around half an hour. 

We deploy pfSense for our clients. We have one technician maintaining the whole thing.

Our return on investment is fast. We see a return on investment from day one, it's a fairly cheap router.

Any network engineer will understand how this solution works. It's not so complex to understand and be familiar with. It will require a certain level of networking knowledge to use it but we're at an enterprise level and we're a small-medium business and it works.

I would rate it a nine out of ten. 

I stood up pfSense in a Large Telecom providers Lab environment for their next generation products. I was able to achieve 10G throughput (about 9.1 true throughput as tested over 4 days solid), and only hit a max of 20% CPU utilization on a DL380 G7. This server also had Suricata (in IPS mode and a heavy ruleset), as well as pfBlocker running.

I use pfSense because it gives me the flexibility to greatly expand basic firewall features. It's open source (and free - as in beer and speech), but also has commercial support. This can be run on any commodity hardware on the market (I've ran it on AMD and Intel - even Atom, processors) and throughput is excellent, even with lower speed CPUs and less RAM.

The GUI. There are TONS of plugins for pfSense, as such, if a user wants to add quite a bit of functionality, the GUI will feel a little congested.

A little... BUT, this was contributed to a failing Arista switch that would do a coredump and reboot. The pfSense installation at high speeds failed over perfectly though.

No - in our high-speed tests (10G), we were not able to push the CPU over 20% utilization.

I didn't really need any technical support. But was in contact with the Developers of pfSense as we were starting to work with them for an NFV setup.

Fortinet, SourceFire, etc.... the cost... oh the cost! Why pay these guys when I can use pfSense for free AND only pay for support when and if I need it?

Very straight forward. If anyone has ever installed any kind of OS or set up a firewall, it will be a piece of cake.

Open Source - just download! If you need support, it's available.

Fortinet, SourceFire.

It's an amazing product. There really are few issues with pfSense.

We are an MSP. We have some customers who have on-prem networks, and they want to have their networks protected by a firewall. They are quite small customers with 10 to 50 users. We use pfSense in order to protect our customers' network, to make some network automation, and especially to make VPNs to some remote branches to enable remote users to get access to the enterprise network.

It is deployed on a private cloud and on-prem.

My technicians find the pfSense's web interface very useful. It is very easy to use. 

pfSense is very reliable and stable. We like the OpenVPN clients that can be deployed using pfSense very much.

I'd like to find something in pfSense that is more specific to URL filtering. We have customers who would like to filter their web traffic. They would like to be able to say to their employees, "You can surf the web, but you cannot get access to Facebook or other social media," or "You can surf the web, but you're not allowed to gamble or watch porn on the web." My technicians say that doing this kind of stuff with pfSense nowadays is not easy. They can implement some filters using IP addresses but not by using the names of the domains and categories. So, we are not able to exclude some categories from the allowed traffic, such as porn, gambling, etc. To do that, we have to use another product and another web filter that uses DNS. I know that there are some third-party products that could work with pfSense, but I'd like the native pfSense solution to do that.

I have been using this solution for five years.

I would rate pfSense a nine out of 10. It is a very good product.

It is my main firewall into the data center and VPNs for clients. It sets up my DMZ and does a whole bunch of other stuff. I am using the latest version.

We wouldn't be able to function without it.

The intrusion detection feature is the most valuable. It is an open-source firewall, so there is a lot of material on it. I also find the open VPN capability very nice.

It is pretty customizable. The clustering and the high availability are the two biggest things to be able to get out of a firewall. 

Their support could be better in terms of the response time.

It has been pretty rock solid.

Its scalability is good. I have got web users and other kinds of users, so there can be five or thousands of users.

I paid for some support with them, and it was pretty good. They just could be a little quicker in responding. They have custom level support, so if you got something complicated, they get you up to the upper tiers, but it takes a little bit longer to do that. Once you get there, the support is good. I would rate them an eight out of ten.

I used Fortinet previously, and I used Ubiquiti prior to that. We switched partly because of the cost. It also gave me the ability to do the clustering. I can still maintain my VPNs, connections, and other things. I can take down one of the firewalls for maintenance and bring up the other one and not take down my whole user base.

It was not complex. I was able to do it myself, but we had some problems with some of the protocols, and we had to get one of their coders to get in and look at it. Because of that, it was a little complicated to do the high availability stuff.

I did it myself.

I spent a couple of $1,000 on hardware, and the OS was free. A comparable firewall would cost me probably 20 grand. It saved a lot of money.

I would advise others to go for it. I would recommend this solution. It is a good solution. No other solution can beat the price. 

There is so much stuff you can do with it. There are so many features, and I have not even scratched the surface on all of them. If it is something that someone doesn't feel like configuring, you can buy a prebuilt system from them and get support.

I would rate pfSense a nine out of ten because of the cost and flexibility. It has been pretty good.

We just use the solution as a straight-up firewall. There is no VPN access or anything like that. We just use it as a straight-up firewall and we run Suricata on it as a defense.

The built-in open VPN and the VPN Client Export are the solution's most valuable aspects.

I cannot recall any features that are lacking.

There's a bit of a learning curve during the initial implementation.

You do have to pay extra for better customer service.

We've been using the solution for about six months. It hasn't been too long.

The solution is very stable. We've had zero issues. There aren't bugs or glitches. It doesn't crash or freeze. It's been reliable.

I have not tried scaling, therefore, I can't really comment on how easy or hard it would be to expand the service.

There's only one person in the organization using the solution, and that's me.

The tech support is excellent if you have a support subscription. If you didn't have that, you could be lining up for a while. It could be a hit or miss, whether you get someone that's actually going to help you. 

However, we have a subscription and therefore our support is always excellent. We're quite satisfied with the level of service we're getting.

Previously, we used Dell SonicWall. There was just a high cost of licensing all the time, and, with having someone go in and troubleshoot for issues as well, it just wasn't cost-effective anymore. pfSense is simply a better solution.

The initial setup has a bit of a learning curve. It's not complex per se. It just takes some getting used to. After the initial deployment, the other six or seven were easy. I could just copy the configuration of the other ones, change some IP addresses, and I was basically done.

There aren't monthly or yearly licensing costs.

We're just cusomers. We don't have a business relationship with pfSense.

We're using the latest stable version of the solution.

I would 100% recommend the solution to others. On a scale from one to ten, I'd give it a ten.

We use this at all of our locations as our edge device, IPSec site-to-site VPN functionality between our offices and our AWS EC2. No matter what is thrown at this, the system handles it like a champ. We have both dedicated hardware and virtualized versions running in our infrastructure. So far we haven't found a reason why we need to spend thousands for an appliance like Cisco ASA when this handles all of our needs.

We're a small business growing rapidly. We recently overhauled the IT infrastructure, and after looking at a number of other competitors, pfSense has been a lifesaver, allowing us to scale up and provide compliance without the need to purchase additional licenses to offer services to our employees.

There are so many packages you can install which extends pfSense's capabilities including consuming from lists such as FireHOL, Pi-Hole, etc. Here are a few packages we use:

• IPSec: pfSense allows for both v1 and v2 IPSec configurations to secure your connections.
• IPS: You can use Snort or Suricata along with Snort packages, even subscribe to commercial packages if you wish. This alone starts making pfSense on par with Cisco.
• Proxy/content filtering: You can install Squid and SquidGuard to act as a proxy and content filter. Yes, it does filter HTTPS, and there's a number of ways you can do it out of the box.

pfSense also reformatted their logs so that they're compliant and standardized. We have our logs shipped to our SIEM and Logstash servers.

While I agree spam filtering is not included or an option with the system, I don't necessarily hold that against the product as there are a number of other services that do it far better than a firewall could. If you use Office 365, Microsoft's implementations are likely to be far superior to what you'll get from a firewall. However, with that said, the one item I wish it included, even if it was a subscription-based service, is the inclusion of an AV and/or threat intelligence. This would elevate the solution well above other alternatives. 

We have not encountered any stability issues and have upgraded to each version over the years. They've really made a rock solid solution.

Extremely high. We tested it on VMs running different configurations from extremely lightweight to overkill. It will run on anything and maintain it's high performance. Obviously the more you give it, the more amazing the solution becomes. 

I had one question, and they got back to me extremely quick. Not only are they knowledgeable about their product, but they're kind and courteous.

Old and outdated infrastructure procured before I joined the company.

Not only was it straightforward, but if you know nothing about firewalls, you can install this. Especially since they recently made their entire guidebook free to use. Not to mention the countless blogs and how to's. Low to intermediate level IT pros should be able to handle this baby.

In-house.

From day one you get a 100% ROI. If all you have is an older server you recently decommissioned, with multiple NICs, I strongly recommend installing this software on it and giving it a shot. Doing that alone will beat out any competitor hands down.

For the cost and what's included, you can't beat it, no way no how. If you're worried about enterprise solutions, the only thing you need to do then is to purchase a support contract, and you have an enterprise solution. You can even purchase hardware from the vendor if you choose.

Cisco, WatchGuard, Sophos, Fortinet, Untangle, Juniper.

I strongly recommend giving pfSense a hard look. I've been in IT for 20+ years, and I've run the gambit on other firewalls. pfSense definitely can hold it's own against any of them.