Netgate pfSense Reviews

First of all scalability of this solution. It's an all-in-one solution useful for every kind of company. It's also very easy to set up rules and NAT, and it has several modules like transparent proxy, VPN, and traffic shaping which are the daily modules for me.

pfSense software was designed to be a customizable platform that can be hardware agnostic. This allows the engineer to meet the needs of a project with a device that's got the right I/O and specifications, and then customize the pfSense settings to their needs.
So power consumption and less hardware requirement can save our money!

Compatibility with virtualization system (like VMWare, Proxmox and so on and so forth); in some cases, it can create conflicts with virtualized hardware, and configuration export (sometimes the XML file creates a conflict with the hardware network MAC address).

I've been using it for three years.

• Compatibility with some virtualized system
• Configuration export in some cases
• Sometimes updates can mess up the running configuration

Never had any issues. In fact, I've had a pfSense firewall with the uptime of a year.

No, and it doesn't matter how many rules or not that you have. It can manage different network interfaces (virtual and physical) without a problem.

We never use it, but it has a large community so you can find whatever you need in the pfSense forum.

We never use it, but it has a large community so you can find whatever you need in the pfSense forum.

Previously we've used hardware firewalling solutions like SonicWall, Zyxel and others but they're not powerful like this solution. Also, they are hardware so the cost is much higher than software. I've also used IPtables which is a software Linux solution but it's complicated to setup when you need to manage several rules.

It's easy to setup the solution because there's a wizard that guides you through it, and therefore, you cannot make mistakes. Then, you can configure the different aspects to fit your needs.

We have become experts in this solution. We installed it in our lab and tested the solution. After that we implemented it throughout our company, and then began using the solution with our customers.

We've a strong know how, and we've use this solution with our customers so we can be more competitive than hardware solutions.

It's a software solution, and also open source, so it's cost is zero!

We tested IPCop, Smoothwall, IPTables and others. When we have an OS project, we want to test so we can compare it to our technology, and if it's better, we build it!

Test, test, test and...test! It's powerful but only with testing will you realize what you need.

The easy to use GUI. Less training is required for the newcomers in IT.

Any new hire straight out of school who has network knowledge is able to operate the software without the complication of a CLI.

There were some bugs in the version we used.

We have been using the solution for one year.

We had a stability issue. A handful of times the firewall box froze and needed a power cycle.

We had a scalability issue. The fail over did not work automatically.

Our infrastructure manager tried contacting their support but it was not helpful. Response time was bad as expected for an open source software.

FreeBSD box was an old setup from 1998, so it was time to upgrade without it being costly.

The setup was straightforward.

It's open source so it's free. We did not buy their hardware.

We evaluated Cisco .

If your organization has the budget, go with a paid solution. We've had our days with it and went with a paid solution (another firewall) due to the company growing and we couldn't have any downtime. It would likely cost the company more money with downtime than to purchase a good quality firewall.

Increasing customer satisfaction by not having to ask for license fees any time a new feature is needed. The redundancy and scalability is very nice too.

Most valuable is a 50/50 between no licensing (cough Cisco) and being able to actually repair a firewall instead of replace since pfSense can be loaded to any x86/x64 PC or Server.

The GUI could use more “bells and whistles”. It's got plenty of info for a Sysadmin but some people like shiny things.

Rarely and almost always due to bad configuration or failing hardware.

No, pfSense can be installed on a decommissioned PC or a brand new 4U quad CPU server. If you need better hardware from the first install it's easy to either simply move the drive to the new firewall or backup/restore to new disks.

I've only ever used community-based support and it's very solid with thousands of knowledgeable people on their forums.

NETGEAR or Cisco. Switched because NETGEAR didn’t always offer the functionality and Cisco was very complicated and expensive.

Simple if you just want a firewall up and going to NAT your network. It can be as complex as you need it to be. Just run the install from an ISO and it's like any other out-of-the-box SMB router.

Unless they have specific requirements that demand a particular device, I always suggest pfSense specifically because of the absence of pricing and licensing.

Monowall, Tomato, DD-WRT.

Stop googling and head over to pfSense to download the ISO and get started. It will do almost everything the most expensive Cisco device will.

We use the open source version and we chose the hardware platform.

For pfSense the valuable features are:

• High availability
• VPN (openVPN)
• Easy administration
• Extensibility (by modules)
• Easy backup/restore, independent platform not linked to a commercial vendor

We have been using the solution since version 2.1, which was three years ago.

We did not encounter any issues with stability.

We did not encounter any issues with scalability. It depends on the hardware, not the software.

I can't say. We provide our own support to our customers, as we are Linux, FreeBSD and IP specialists.

We used Watchguard and Endian, but pfSense is the most complete for layer 3 firewalls. We split the roles. We use pfSense only for the layer 3 and other products for proxy and reverse proxy (Diladele, Nginx) so we are not dependent of a constructor and easily update each part.

Setup is easy and done in a few steps.

You pay only the support and the price depends on the hardware not the functionalities.

The pfSense product is very powerful in layer 3 but you must add some products to match a viable commercial product which generally has all the functions integrated in one hardware system (proxy, antivirus, etc.).

For us pfSense is better for layer 3. We use MailCleaner for the mail relay, and Diladele for the web proxy. We like to split the functionalities for security reasons.

Use it to filter traffic and restrict browsing by profiles, use ACLs with Squid.
When using the load balancing functionality the performance is excellent, the best I could have 3 operators at the time.

Among the most valuable features I have found in PFsense are: Easy to deploy and easy to use, traffic graphics are excellent and tools that can be included as squid, snort, squidguard, ntop, pfblogNG, support wonderfully the purpose of generating PFsense.

Easy to deploy and easy to use, although the support of the community in the forums is excellent and there is always a solution

No, in fact I have one more than 4 years ago in production and it works perfect

No

Customer Service:

8

Technical Support:

8

Fortinet, TMG Microsoft, SonicWall, scalability, cost

After istalar pfsense the initial configuration is simple, and works without problems

The implementation was internally, clear before in production were made several laboratories

The power to use old hardware allows an exceptional ROI the investment is little just a few network cards

Of course, the tools he knew and those that are offered in the local market including FORTINET and SONICWALL

It is worth to enter the world of PFsense is rewarding to belong to an open-minded community that does not hesitate to share their experiences and knowledge

• Port routing policies
• Load balancing
• Clustering

We've been able to get call center traffic optimisation over multiple WAN and Point2Point Connections with a failover policy. The call center has different types of traffic (VoIP, Internet, Stream etc.) and every kind of traffic has its own policy. For example VoIP needs to be have high availability & a priority to maintain a non-stop custom service, while that of internet traffic can be lowered in priority and even cut when some WANs are unavailable to prioritize VoIP. I think that having this kind of complex configuration & tunning with a robust open solution, is a good value.

• v0.x for three years
• v1.x for two years
• v2.x for three years

There have been no deployment issues since v0.x.

Yes, sometimes there are issues if there are some complex configurations. When working with load balancing ADSL modems, I've noticed that pfSense "fools" the modem and it becomes unresponsive until it is restarted. This issue doesn't affect pfSense, but it is the root cause of a hung ADSL modem.

No issues encountered.

I've never used them.

I've never used them.

No previous solution was used.

The initial setup is easy. This is because the pfSense setup is like a Windows installation (wizards, choose option, click next etc.) unlike some others.

We implemented it in-house.

pfSense allows us to spread the hours of connection and do the filtering on the pfSense site.

The most valuable feature of this solution is its simplicity.

The integration could be improved.

I have been using this solution for more than ten years.

This is a very stable solution.

This solution is scalable.

The initial setup was easy and took about 50 minutes. 

This is a no-cost solution.

I would rate this solution as eight out of ten because it's a central solution.

I use pfSense for OpenVPN and DNS. 

I like pfSense's security features. 

The integration of pfSense with EPS and EDS could be better. Also, it should be easier to get reports on how many users are connecting simultaneously and how sections connect in real-time.

I've been using pfSense for about 10 years.

PfSense is stable.

PfSense is scalable.

It's easy to set up pfSense. But it generally takes two or three days, depending on the environment.

Eight out of 10