We just raised a $30M Series A: Read our story
MA
Technical Presales Consultant/ Engineer at a wholesaler/distributor with 10,001+ employees
Real User
Top 5Leaderboard
Provides good security as well as scanning and filtering traffic; web interface could be enhanced

Pros and Cons

  • "A free firewall that is a good network security appliance."
  • "Web interface could be enhanced and more user friendly."

What is our primary use case?

This solution is for my personal use, I've had a hobby of using it for a long time. I use it to protect my home network. Nothing is bulletproof but I'm happy to have a firewall at home scanning the ins and outs of my network so that I have a degree of security.

What is most valuable?

pfSense is a free firewall that you can download and install on your own hardware and establish a VPN for it. If you have remote users who need to connect securely, pfSense can do that. The solution has multiple use cases. It's good for scanning and filtering traffic. It's a good network security appliance which you can install on your own hardware or on their hardware. Some companies will invest in a really big firewall for their main branch, and will install pfSense in remote sites because they don't see the value of buying an expensive firewall for each branch.

What needs improvement?

I'd really love to see the web interface enhanced. It's good but it could be clearer and more straightforward. As a FreeBSD fan, I'd love to see a BSD license code, rather than a GPL license code. I'd also love to see a Sandbox and more security features. pfSense is a mature product, but if you compare it to other products in the market, you realize that pfSense is a little behind. 

For how long have I used the solution?

I've been using this solution for five years. 

What do I think about the stability of the solution?

This solution is stable. 

What do I think about the scalability of the solution?

The solution is scalable, it has the HA options that other firewalls also have. It's a software-defined solution, so you can pretty much put it inside a virtual machine and scale it up. Or you can load balance, or have an HA set up between two pfSense proxies, it's all possible.

How are customer service and technical support?

I don't have contact with technical support. If you have an issue, you can go to the online community and wait for someone to respond. There's no SLAs for that. The only way I would have access to their support is if I actually purchased a Netgate appliance.

Which solution did I use previously and why did I switch?

I've previously used vendor-based firewalls, like Sophos. They have Sophos XG and Sophos XG, UTMs. Those are the firewalls that I have the most expertise with and I also have some experience with Fortinet. pfSense is normally installed on x86 hardware which uses CISC architecture, a complex instruction set that runs on laptops and computers. They generally make calculations much slower than what we call risk architecture. As a result, firewalls with a risk-based architecture or reduced instruction set architecture are preferred because they provide better throughput. That's the case with FortiGate. They are very well known in the market to have the highest IPS throughput and that's one of the major factors for choosing a firewall.

How was the initial setup?

The initial setup is very easy, it takes about 15 minutes. 

What other advice do I have?

I would recommend this solution, it's one of those technologies anyone should at least try out. If you want to protect your home network, and don't want to invest in a firewall, pfSense will do the job. It's good for home use and for small businesses or remote sites of large companies. It's a good strategy because it's generally more critical to invest in defending your main data centers. It's important to choose the hardware wisely, make sure it's compatible. Netgate, the company sponsoring pfSense, manufactures hardware that is really optimized towards it. For small or medium businesses it's not a big deal. But for enterprises, this is important. 

I rate this solution a seven out of 10.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
EK
Manager, Operations at SUS-TECH Limited
Real User
Robust but complex and requires quite a bit of technical knowledge

Pros and Cons

  • "The solution is very robust."
  • "The solution requires a lot of administration."

What is our primary use case?

The solution pretty much is our only firewall security at the moment. It handles the integration with our active directory and makes sure that all communications are channeled through a secure network.

What is most valuable?

The solution is very robust.

What needs improvement?

The solution can be complex. It needs a bigger team with more coding skills than what we have at our disposal. With our skillsets, we're facing a lot of limitations. We're a team of four who handles 12 independent companies under a larger umbrella. Our workload is already quite high. We need solutions that lessen it, not enhance it.

The solution requires a lot of administration.

The solution would work better for us if the user interface had some kind of unifying feature that didn't just do firewalls. Sophos, for example, offers so much more. You get one license and you're good to go. Everything's handled from the anti-virus to the network and the traffic and monitoring. Sophos is really user friendly and easy to master. It's easy to get rules put in. pfSense offers none of these things beyond just the firewall capabilities. 

For how long have I used the solution?

We've been using pfSense as of early last year, around about February 2019. It's been just over a year.

What do I think about the scalability of the solution?

We have about 350 people at our organization that this solution covers.

How are customer service and technical support?

Although the solution offers a lot of documentation, has a large knowledge base, and has a support forum, when it comes to actually contacting technical support directly, we didn't have access to that level of attention. Everything, therefore, was really on the team. We had to figure out how to troubleshoot on our own and tried to use documentation to guide us.

Which solution did I use previously and why did I switch?

We originally used this solution way back in 2011. We used it for about 18 months. Then we then migrated on to a system called Kerio Control. We realized that we needed something a little bit more robust than Kerio Control. So we then moved back to pfSense as of last year.

How was the initial setup?

The deployment didn't take too long. I have experience in pfSense, as does my junior. We were able to deploy it within a couple of hours - at least for what we wanted it to do off the bat.

Basically, you need to get all the rules together. We were able to do that within a couple of hours. Obviously, I must say, if we wanted to do a lot more, it would take us quite some time. Unfortunately, we're quite a small team, so we've got quite a lot on our plate and we just honestly did not have the time to get really granular. 

That's the reason why we're moving to something a little bit more user friendly for our size.

What other advice do I have?

We're just users of the product. We're not consultants or resellers.

It's your basic firewall setup. However, when we looked at Sophos, we found that Sophos offered a lot more as it's a fully unified solution and had a firewall, as well as anti-virus and network monitoring capabilities.

This solution really gives us a greater extensive array of modules or features than we would not necessarily see in managing the system as administrators. The solution is quite extensive in that there was a lot of material that we had to read about. It just was not user-friendly for the team. We needed a solution that can handle itself without our intervention.

I'd rate the solution five out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Learn what your peers think about pfSense. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
554,586 professionals have used our research since 2012.
TS
Principal at a tech services company with 1-10 employees
Real User
Top 5
You plug it in, set it up, and it works

Pros and Cons

  • "What I like about pfSense is that it works well and runs on an inexpensive appliance."
  • "I would like to see pfSense integrate WireGuard. Currently, pfSense uses OpenVPN, and there's nothing wrong with it, but WireGuard is a lot leaner and meaner."

What is our primary use case?

I use pfSense to provide firewall and VPN services for small businesses. I have a handful of clients using it now and a new one in the works. 

What is most valuable?

What I like about pfSense is that it works well and runs on an inexpensive appliance. It's a minimal Intel system that has no fan and is all solid-state. It doesn't have a fan because it doesn't do enough to get hot. It's a box about the size of a Discman. I can download the pfSense software at no cost then connect a keyboard, mouse, monitor, and USB flash drive to the appliance. It's built on top of BSD and managed with a web server. And it's effortless to manage.

What needs improvement?

I would like to see pfSense integrate WireGuard. Currently, pfSense uses OpenVPN, and there's nothing wrong with it, but WireGuard is a lot leaner and meaner. Unfortunately, it's not ready for pfSense, which is built on BSD, and WireGuard is not yet integrated with BSD. The issue is that pfSense is waiting for BSD to add WireGuard support. Once WireGuard is supported on BSD, you can bet pfSense will adopt it. 

What do I think about the stability of the solution?

I've never had any problems with stability. You plug it in, set it up, and it works.

What do I think about the scalability of the solution?

I know a peer who set up pfSense in a Catholic parish school. It's not thousands of devices, but there are several devices in the parish office, the rectory, and throughout the school, as well as three different VPNs. There's a fourth VPN connection to the IT Director's house, where he manages most of it. So that's four locations with VPNs, and that's the biggest one I know. All you have to do is buy a big enough appliance. You can use the minimum appliance in the rectory, where there's a handful of computers, but you need a step up from that in the school, where there are a lot more computers to connect. And I think even the parish office, which is a handful of people, uses the minimum appliance.

How are customer service and support?

I've never needed support. You can find anything you need to know in the pfSense knowledge base online or in the documentation.

How was the initial setup?

You only need a couple of minutes to install pfSense, then it just sits and works. You boot the USB drive and install it. After that, there's no more management. Any IT professional can easily set it up. Business owners who don't know anything about technology might have a hard time, but the average IT person can do it with no problem. There's good documentation online.

What's my experience with pricing, setup cost, and licensing?

The pfSense software is open source, so you only have to pay $90 a year for support. Of course, I could be wrong on that. It was that much when I looked into it a year ago. It might've gone up or down since then. You can buy the minimum appliance for under $300. It has two ethernet ports, one for your WAN and one for your LAN. 

What other advice do I have?

I rate pfSense 10 out of 10. The appliance is inexpensive, and the software costs nothing. You plug it in and it works.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
DS
CTO, Software Architect, founder at a tech services company with 11-50 employees
Real User
Top 20
Flexible with a straightforward setup and great plugins

Pros and Cons

  • "The initial setup is straightforward."
  • "If you want to take advantage of all of the solution's options, you need to have a bit of a technical background. It's not for a layperson."

What is our primary use case?

We primarily use the solution for security. It's a firewall.

What is most valuable?

The solution is an excellent open-source product. It has a big community around it as well. Out of those few points, you'll come up to a situation whereby you can avoid the vendor lock-in. Since there is a big community, you can count on reliability. There are lots of installations and lots of people who understand how everything works. 

The solution offers excellent flexibility. You can either install pfSense just on a machine, on your local PC, or you can buy an appliance. You can even buy your own hardware and install it on your own. Of course, if you choose that route, you need to have a technical expert on your team. For us, as a software company, that's not a problem.

There are plugins you can add to the product if you want even more useability. You can even add more security functionality.

The initial setup is straightforward.

What needs improvement?

We did have a strange issue with an update at one point, however, that was resolved quickly.

If you want to take advantage of all of the solution's options, you need to have a bit of a technical background. It's not for a layperson.

You do get a good solution for free. However, the trade-off is you need to be technical to really take advantage of it.

The installation could potentially be faster.

For how long have I used the solution?

I haven't been using the solution for very long at this point. It may be somewhere around three to five months. It hasn't been long.

What do I think about the stability of the solution?

The solution is very stable. There are no bugs or glitches. It doesn't crash or freeze. It's excellent.

What do I think about the scalability of the solution?

The scalability is excellent. We don't have any issues as far as that is concerned.

Which solution did I use previously and why did I switch?

Prior to pfSense, we used Cisco.

How was the initial setup?

The implementation is not complex. It's very straightforward to initiate. A company should have no problems with the process.

What's my experience with pricing, setup cost, and licensing?

As an open-source solution, it is free to use as you see fit.

Which other solutions did I evaluate?

I didn't evaluate the solution against other more expensive commercial tools.

What other advice do I have?

We are just customers and end-users.

The solution is an open-source platform. We are a software company and we like open-source. Lots of people say open-source means that you need to install it on your own. They will see that as a limitation, however, we see that as the other way around. 

I'd recommend the solution to other organizations and users. It's open-source, it's flexible, and has a strong community. You can use it in many different ways, either in a small installation, laptop, PC, or on a machine, or you can buy an appliance or you can even buy your own hardware and configure it in a different way. The software as such is free and you have a lot of options as to how you want to use it.

I'd rate the solution at a ten out of ten. It's been very good for us

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
ES
IT analyst with 1,001-5,000 employees
Real User
Top 20
Free to use with an easy initial setup and good scalability potential

Pros and Cons

  • "We've found the stability to be very good overall."
  • "The access control aspect of the product could be improved."

What is our primary use case?

We primarily use pfSense as a firewall. It's a DHCP server.

What is most valuable?

The most valuable aspect of the solution is the way it can browse packages on the internet.

The initial setup is very easy.

We've found the stability to be very good overall.

The product can scale if you need it to.

What needs improvement?

The access control aspect of the product could be improved. There should be more control over everything that the user is doing. It should be able to log and report on everything users are doing. 

The product no longer complies with new rules in Brazil. Therefore, we need to move off the solution.

For how long have I used the solution?

I have about five years of experience with the solution. It's been a while since we started using it at our organization.

What do I think about the stability of the solution?

The stability of the product is very good. We haven't had any issues. There aren't bugs or glitches. It doesn't crash or freeze. It's reliable.

What do I think about the scalability of the solution?

We've found the solution to have good scalability. If a company needs to expand, it can do so. That shouldn't be a problem.

We have about 10,000 people using the solution. There is a network manager and about ten people that work directly with the solution.

We won't be increasing usage, however. The Brazilian government recently changed some laws and this product is no longer in compliance. That is one of the reasons we are looking at Palo Alto. We are likely moving away from this solution.

How are customer service and technical support?

While the websites and forums are excellent, we don't have any dealings directly with technical support. Therefore, we can't speak to how they are in terms of their responsiveness or knowledgability. 

Which solution did I use previously and why did I switch?

A long time ago, the company did use a different solution. They switched to pfSense. However, now they are moving away from it as well. 

We're also using Palo Alto, however, right now, it's just in the demo phase. The solution seems to be better at centralization, which is a big selling point. We have three school campuses and we'd like to configure a solution from one central location that would work for all three campuses. With Palo Alto, it looks like we can achieve this.

On top of that, with Palo Alto, there are more user control products. You can log everything that you are doing on the internet with it.

How was the initial setup?

The initial setup of the solution is very easy. It's straightforward. There isn't any complexity. A company shouldn't have any troubles with the setup.

What's my experience with pricing, setup cost, and licensing?

We are using a free version of the solution. We don't need to pay any licensing fees.

What other advice do I have?

We are just customers. We don't have a business relationship with the company.

I would recommend the solution to small companies. If you are a small company, you can use pfSense without any issues due to the fact that it's a free solution.

I would rate the solution seven out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
SM
System Analyst at a tech services company with 11-50 employees
Real User
Top 20
Cost effective, with an easy setup, but not suitable security at the gateway level

Pros and Cons

  • "The initial setup is easy."
  • "As an open-source solution, there are so many loopholes happening within the product. By design, no one is taking ownership of it, and that is worrisome to me."

What is our primary use case?

We primarily use the solution basically for the firewall, UTM content versioning, bandwidth shaping, routing, and IPS.

What is most valuable?

The solution is an open-source product, which makes it very cost-effective.

Overall, it covers all of the requirements our organization has at this time. 

The initial setup is easy.

What needs improvement?

As an open-source solution, there are so many loopholes happening within the product. By design, no one is taking ownership of it, and that is worrisome to me.  

Integration with other products could be improved. It needs log research integrated within it to make it more useful for our purposes.

For how long have I used the solution?

I've been using the solution for three years.

What do I think about the stability of the solution?

The stability is questionable. There are glitches. Since no one is really managing the solution, and no one takes ownership of it, there aren't many fixes that happen on it.

What do I think about the scalability of the solution?

We have about 500 people who are taking advantage of the solution within our organization.

The solution is quite scalable. We looked into scaling and found it would be easy enough to achieve if we decided to go ahead and do so in the future.

How are customer service and technical support?

We've never contacted technical support int he time that we have used the product. I can't speak to any level or service they provide.

Which solution did I use previously and why did I switch?

We did previously use a different solution before switching to pfSense. We originally switched to this solution due to the fact that it was so cost-effective.

How was the initial setup?

The initial setup of the solution is not complex at all. It's quite straightforward. It's also not our primary firewall. We have another solution for that. This operates as our secondary firewall, and we were able to add it rather easily into our security network.

Deployment is very quick. It only took us an hour or so to set up.

Our provider handled the maintenance for us as needed. We don't handle that in house.

What about the implementation team?

We had a few consultants and a list of vendors that assisted us in the process of procurement and implementation.

What's my experience with pricing, setup cost, and licensing?

The solution is open-source and therefore the solution is very cost-effective.

What other advice do I have?

We're just using this solution; we don't have a relationship with the vendor.

In terms of the version of pfSense we are using, we have that basic boss, 1.0 however, that is behind the firewall. The firewall which we were using is UTM1240B.

While we are satisfied with the netting features and the bandwidth controlling and routing, we find cannot expose our entire network to pfSense as there's no underlying ownership fo the product itself. We prefer a hardened firewall.

Due to the fact that it is an open-source solution, no one at an enterprise-level would ever think of putting pfSense at the gateway level or even at the main level. I would definitely recommend pfSense as the second lane of action, just not on a workload.

I'd rate the solution six out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
JG
Vice President - Engineering & Delivery at a tech services company with 51-200 employees
Real User
Useful customization, highly scalable, and plenty of features

Pros and Cons

  • "The solution has good customization abilities and plenty of features."
  • "In an upcoming release, the reporting could be more user-friendly. For example, the reporting in graphs and charts for the host can be cumbersome."

What is our primary use case?

We are a small business and we use pfSense as our interface for the WAN. We use it for a Firewall and to ensure that all devices are operating. It provides our basic network routing needs, reporting on usage, such as IDS, and for managing individuals on network devices for controlling bandwidth and destinations.

How has it helped my organization?

Our security in our organization was previously provided by our ISP and since we have been using pfSense it has provided me more abilities to manage my network in a secure way. We have much better controls and security.

What is most valuable?

The solution has good customization abilities and plenty of features.

What needs improvement?

As an IT leader, it would be a benefit to have a mobile application to have certain features, such as mobile application notifications when a new device is added, or the ability to turn off or on firewall policies. Having these simple features would be very convenient and reduce the need to have to log into the console. I can use a web browser on my phone to access the pfSense site but I would prefer to have an application where I can toggle things, such as the policies. Some simple features within a mobile application would be valuable to me. I have evaluated other solutions and have determined this feature does not currently exist. However, Untangle has an application but it was not enough to compel me to change at this point.

In an upcoming release, the reporting could be more user-friendly. For example, the reporting in graphs and charts for the host can be cumbersome.

For how long have I used the solution?

I have been using pfSense for approximately five years.

What do I think about the stability of the solution?

The stability of the solution is very good. My only complaint is when there is a power outage pfSense requires a manual reset.

What do I think about the scalability of the solution?

The scalability of this solution is perfect.

I am the administrator of the solution and the rest of my organization are end-users.

How are customer service and technical support?

I have not needed to contact technical support. I have not had any problems with pfSense.

How was the initial setup?

The initial setup was straightforward. The whole process took approximately eight hours and one hour of that was in front of the computer using the keyboard.

What about the implementation team?

We did the implementation of the solution ourselves.

Which other solutions did I evaluate?

I have evaluated Untangle.

What other advice do I have?

My advice to the IT manager is to do your research, and make sure that pfSense meets your needs. If you are not technical enough, then looking at other solutions. pfSenseis needs a bit more tech-savvy IT manager to manage it. It is a very important business tool for me.

I rate pfSense an eight out of ten.

I rated pfSense an eight because it did everything I wanted it to do which makes it an awesome solution but not a ten because of a few minor shortcomings. However, I recognize it is open-source and it is not going to have everything.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
BH
Systems Administrator at a tech services company with 51-200 employees
Real User
Top 5
A rock-solid, customizable, and free open-source firewall with useful intrusion detection, clustering, and HA features

Pros and Cons

  • "The intrusion detection feature is the most valuable. It is an open-source firewall, so there is a lot of material on it. I also find the open VPN capability very nice. It is pretty customizable. The clustering and the high availability are the two biggest things to be able to get out of a firewall."
  • "Their support could be better in terms of the response time."

What is our primary use case?

It is my main firewall into the data center and VPNs for clients. It sets up my DMZ and does a whole bunch of other stuff. I am using the latest version.

How has it helped my organization?

We wouldn't be able to function without it.

What is most valuable?

The intrusion detection feature is the most valuable. It is an open-source firewall, so there is a lot of material on it. I also find the open VPN capability very nice.

It is pretty customizable. The clustering and the high availability are the two biggest things to be able to get out of a firewall. 

What needs improvement?

Their support could be better in terms of the response time.

What do I think about the stability of the solution?

It has been pretty rock solid.

What do I think about the scalability of the solution?

Its scalability is good. I have got web users and other kinds of users, so there can be five or thousands of users.

How are customer service and technical support?

I paid for some support with them, and it was pretty good. They just could be a little quicker in responding. They have custom level support, so if you got something complicated, they get you up to the upper tiers, but it takes a little bit longer to do that. Once you get there, the support is good. I would rate them an eight out of ten.

Which solution did I use previously and why did I switch?

I used Fortinet previously, and I used Ubiquiti prior to that. We switched partly because of the cost. It also gave me the ability to do the clustering. I can still maintain my VPNs, connections, and other things. I can take down one of the firewalls for maintenance and bring up the other one and not take down my whole user base.

How was the initial setup?

It was not complex. I was able to do it myself, but we had some problems with some of the protocols, and we had to get one of their coders to get in and look at it. Because of that, it was a little complicated to do the high availability stuff.

What about the implementation team?

I did it myself.

What's my experience with pricing, setup cost, and licensing?

I spent a couple of $1,000 on hardware, and the OS was free. A comparable firewall would cost me probably 20 grand. It saved a lot of money.

What other advice do I have?

I would advise others to go for it. I would recommend this solution. It is a good solution. No other solution can beat the price. 

There is so much stuff you can do with it. There are so many features, and I have not even scratched the surface on all of them. If it is something that someone doesn't feel like configuring, you can buy a prebuilt system from them and get support.

I would rate pfSense a nine out of ten because of the cost and flexibility. It has been pretty good.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Product Categories
Firewalls
Buyer's Guide
Download our free pfSense Report and get advice and tips from experienced pros sharing their opinions.