Netgate pfSense Reviews

We are using the solution for a firewall and other operations, such as traffic shaping.

The features I have found best are ease of use, GUI, and performance.

The hotspot and the portal feature in this solution are not stable for WiFi access. We use it at least once or twice every day and it crashes. Some modules can be better by improving detection and having new updates. Additionally, we have some issues with clustering and load balancing that could improve.

In a future release, they could redesign the policies because we need to write inbound and outbound simultaneous policies. They could change it to one policy, such as in FortiGate, Sophos, and Cyberoam. In these firewalls, we add rules in one way, and they add rules automatically. However, in this solution, we need to write every policy manually. 

They can improve in site-to-site tunnels with other devices, such as Cisco or FortiGate. It is not very easy to set up VPNs for site-to-site tunnels.

There have been some problems we have been facing with BGP routing that needs to be improved.

I have been using the solution for approximately two years.

The stability could improve.

Since this solution is software-based it is easy to scale. We can extend the UIs by adding some hardware, such as CPUs and memory discs. We would not be able to match this type of scalability with a hardware-based solution, for example as FortiGate.

This solution is best suited for small to midsize networks. When there is heavy traffic in larger-scale businesses it becomes less reliable.

I have used FortiGate previously and this solution is cheaper and more reliable.

The solution is easy to deploy.

The solution is free. However, you need to pay for support.

I rate pfSense a five out of ten.

I mostly use basic firewall services like blocking unwanted traffic and I use the geolocation tools to predict where potential attacks could come from. That's the main purpose, to protect our business network using pfSense.

Within our organization, with a single installation, about 500 users are covered.

The flexibility of adding new kinds of services without spending any money can't be beaten. We can compare services like IP blocking, blacklisting and DNS blocking, content filtering, and even deep packet inspection with other larger enterprise firewalls.

The interface is not very shiny and attractive. Most of the people that use pfSense are highly skilled, so they don't even bother to go the extra mile when it comes to configuration or any protection mechanisms. With other firewalls, with just one click or with the assistance of a wizard, the service is already configured. With pfSense, you have to have some time to do your own research regarding how to fine-tune it. If that could be improved, then life would be much easier. This would help any entry-level users to adapt to the platform. 

Netgate, the mother organization that manages the pfSense platform, should offer organized security feeds for its users so that they can avoid configuring multiple types of feeds in multiple locations. That could generate extra revenue for the company, too.

We have been using pfSense for five years.

That's the fun part. It's completely reliable in terms of resources that it needs to run. In terms of stability, once it's configured and properly tuned, it will do its job. Still, with firewalls these days, you can't simply configure and forget — it's not like that. You have to look into it every day or every once in a while and if any new traits or new protection mechanisms need to be built, upgraded, or re-tuned, you have to do that. Otherwise, the platform is rock solid. It doesn't fail.

The expandability and the high availability configuration of the system are good.

With pfSense, we've never had to send an email to a Netgate official support organization. We follow the forum discussion — the community. We'd ask an expert in the community. That's how we deal with any issues.

One of our clients wants to switch from FortiGate to another comparable solution because FortiGate is not stable when it comes to pricing. Over the past three years, they've increased their pricing to almost double. For this reason, our client wants to explore some other options which will be more predictable in terms of costs.

It's definitely complex compared to other firewalls because you have to configure everything, read a lot of documents, and following a lot of formulas and templates. Everyone has to develop their own recipes to work with. There is no proper way forward.

That is another fun part of this solution. There is no license. You don't have to pay anything. It's completely free. The one thing that you can buy is a security feed like an IP feed or a DNS feed. This kind of thing can be easily bought, but if you have the passion and expertise, you can arrange all of these types of feeds for free. It may be slightly different between how frequently those feeds are updated compared to the paid version. Sometimes, it lags behind for 24 hours or 12 hours, but it works.

We are really happy with the system performance, overall, but it depends. For example, right now we have a client who is trying to switch from FortiGate to another solution that is less costly. We recommended and talked with them about pfSense, but despite it being a cheaper and really rock-solid solution with good performance, they were not comfortable using open source. We also offered them Sophos, SonicWall, and Palo Alto — they finally chose SonicWall. I don't know why. It completely depends on the client. 

I would absolutely recommend this solution to others. This is definitely one of the most powerful firewalls for peace of mind. The fact is, as long as you are aware of the challenges that you have to face when implementing and managing the firewall, day-to-day, then this could be the best option for you.

Overall, on a scale from one to ten, I would give this solution a rating of nine.

We use the solution for blocking websites, banking, and malware.

I have found the most valuable features to be antivirus and malware protection.

I have been using the solution for approximately four months.

This solution is good for small businesses but it is not as stable as other competitors such as Fortinet.

We currently have approximately 45 people using the solution.

The support is good when comparing to other solutions.

We have used FortiGate in the past and they tend to be more stable, but lacking in other areas.

The installation was not too complicated. We did have some issues with the port forwarding,  some of the server application were not getting through the firewall but we managed to get it to work.

The whole network deployment took approximately three days.

We are using the open-source version which is free. We are testing the solution to see if we are going to go to the enterprise version which requires a license and is not free.

For those who want to implement this solution I would advise it is great for a small enterprise, it is best to get started without having any harm getting to their networks.

I rate pfSense an eight out of ten.

We are a solution provider and deploy this product for our customers. We also use it in our organization. We use both Cisco and pfSense but for our customers we mainly use Sophos and pfSense. I'm the CEO of our company. 

The solution has assisted us by preventing unwanted access. If the solution is configured properly, then you'll be protected to some degree, although you may also need other products. 

Content protection, content inspection, and the application level firewall are all good features. 

There's always room for improvement. In general terms, for someone who is not familiar with the product I think ease of use could be improved. When you're connecting, the interface is very difficult for an inexperienced user in the sense of setting everything up, as it all has to be set manually. I've also found that the more features you use influences performance and the drop can be drastic when you use advanced features. I want to achieve a certain level of security and at the same time maintain good performance.

The solution is feature rich enough, but one of the things usually outside the UTM system or gateway system is SIEM. It's an advanced system for managing the possibilities and it would be nice to have a kind of interface in the UTM, to enable connectivity with most SIEM systems.

pfSense is rated as one of the good solutions in it's field and stability is good. 

The solution is scalable to a degree but we never use it for big companies. We use it for mid-range companies. Our company has a data center and we have companies that are hooked to our data center. We're doing this on-premise for our customers so if the customer has an on-prem information system, we will implement the firewall and UTM at their location. We have plans to increase use because we have good feedback for the product and we have good experience with it. So we are increasing use of pfSense. Actually we are moving away from Sophos and more towards pfSense.

Technical support is well organized. Most of it is in-house, but in the case there's also a we have access to a second level if necessary. 

We were one of the first companies here making UTMs (before they were known as UTMs). We were the first partner of Cobalt, the first appliance creator. When Cobalt was bought from Sun, we made our first network defender line. It was the first appliance that had a firewall, content inspection, constant protection, intrusion prevention, intrusion detection, antivirus, and mail and web server in one box. Our line was mainly distributed all over the Middle East, Asia, and some parts of Europe. We expanded and worked with companies such as Palo Alto, Cisco, Sophos and pfSense. In some areas pfSense is better than Sophos which didn't make the advances they should have. They now have XG, so they have two totally different products in the same area which is one of the reasons I prefer pfSense.

If you carry out a straightforward setup, then you will have straightforward, basic protection, nothing else. It's more complex if you want other things included. We usually start with some research, carry out a basic setup and make the initial monitoring. From there we make additions based on the results of the complete monitoring. Then it's ongoing monitoring all the time and setting or adjusting to the situation.

For any compnay, ROI can be seen even if they look at the basic possibility of a crypto virus or the like. The savings on that would be at least two days of lost work and the cost would be more than the cost of the whole system plus maintenance. 

Licensing costs depend on company size. pfSense is an open source solution, so there's a charge for support. We offer a first line of support and a second line if required. Payment depends on the contract, because usually it's only covers the firewall. We offer a contract for the network which includes UTM. There's a hardware cost for HP servers and, again, depending on the size of the company, installation cost is about 500-800 Euro. There's an annual maintenance fee included in the networking agreement. 

I recommend this product, it's well-balanced, has a longer history than other solutions so it's not lacking in maturity. There is a lot of online support available via YouTube or blogs but professional support is available if required. I highly recommend taking the support because usually people look at the UTM as something which should be set up in the system and left, but that's not the case with these devices. I strongly suggest making an external agreement with a specialized company to deal with security. Users need to have decent protection, not just protection.

I would rate this solution a nine out of 10. 

We mainly use pfSense at client locations where the client is looking for a free alternative for paid/subscription based Network gateway with enterprise grade features

Being free and open source, we replaced our network gateway with it. Works well on an old Pentium 4 PC with 1 GB of memory. Failover, URL Filtering, Proxy server, traffic monitoring features inbuilt with SNORT IDS/IPS is all we use and have never faced any problem for over 5 years now.

The most valuable feature for our company has been the extensibility of the platform which is great. It's a great solution and I have regularly been supplying it to my clients. 

The user interface could be improved, it's a bit clumsy and clunky.  

I've been using this solution for more than seven years. 

This solution is absolutely stable. With some systems there's a necessity to regularly redo the configurations inside the system. With Pfsense that's not the case. I have no issues with it at all. 

The solution is very scalable. It has a failover feature so it's highly skilled. 

Given that the solution is a free and open source product, it doesn't have any technical support center. We just have the online documentation which is not one of the best, but it's good. 

I previously used a solution from Cyberoam but we had issues with the licensing. That's the reason we mainly stick to Pfsense open source.

The initial setup is a little complex, of intermediate difficulty. It takes about a day. 
In terms of deployment, the entire system has been installed and configured to basically take care of a network of roughly around 35 to 40 computers. We have a dedicated physical machine which has been configured and installed throughout.

My only comment would be to suggest that if you wish to implement the solution read the documentation very carefully. 

I would rate this solution a nine out of 10. 

I use pfSense as a proxy and a firewall to monitor all the traffic to my network. It allows me to shape the traffic and eliminate bottlenecks that cause the network to slow down. You can use pfSense to catch some websites or make the network faster because we have applications connected remotely all over the country. We need to have a network with a reliable speed and no hiccups on the way because all our applications are on-premise, and the entire country goes to the same data center to get information.

I like pfSense's reports and how I can control access to the policies on the firewall.

The user interface can be improved to make it easier to add more features. And pfSense could be better integrated with other solutions, like antivirus. For example, pfSense could add templates with firewall policies that a user can customize. I haven't tried to integrate pfSense with Microsoft Active Directory, but in Mozambique, we use many Kaspersky antivirus solutions. If pfSense integrated with these antivirus solutions, everything would be much more stable because most of the companies here have a different kind of security solution. Within a single company, you might find two or three different antivirus suites. So, for example, there could be an open-source solution that you get for free, but you can pay for the support if you want it. So for solutions like that, it would be great.

Companies in Africa have issues with budgeting for IT. An open-source solution like pfSense gives us stability and provides us with good reports. It's amazing. It makes the solution reliable.

I haven't tried yet scaling up pfSense. But my setup is Windows based, and I have some Windows-based applications, so I want it to integrate with the Microsoft Active Directory. I haven't done it yet, but I think it would be good to have that integration.

I contacted pfSense support only once when I was installing it and had only configured one network tab. I had to get in touch with them, and the support was terrific. I was impressed. I can't complain about their support.

I have some experience with Linux distributions, so setting up pfSense was a bit easier for me, and I have been working with security for quite some time. It was fast for me, but part of my team is not used to a Linux environment, so it was tricky for them to implement add-ons to the appliance.

I rate pfSense eight out of 10. I would recommend it for a small business or a startup as a starting point. It's also good for companies that are on a tight budget.

My primary use case for pfSense is as a firewall. We also use it for intrusion detection, intrusion prevention, website filtering, and quality of service (QoS).

My company mainly works in the health and educational domain, schools and universities. I prevent the improper use of content from schools and universities. I defend the medical records for the patients in our hospitals. That is the main use case for me for the firewall.

One of the most valuable features of this solution is that it's almost entirely free and I can do everything with it.

It has everything I need, but the main drawback of pfSense is that it's not user-friendly. I hope to have something to make the interfaces more user-friendly. I would also like to see some documentation that can help with use cases or that has advice and tips. I have found some documentation available but it's usually from an earlier version. If they develop this, pfSense will be the best. The only thing that Fortigate is better than pfSense is that they have 24/7 support. pfSense also needs improvements in the intrusion detection area.

I depend on and use VMware ESXi with vSphere in my deployment, virtualization. pfSense is more stable and reliable if you install it directly on the server, i.e. not being installed as a virtual machine. That makes it very stable.

The scalability is good. You can integrate some nodes of pfSense but it's not very user friendly.

I would be more relieved and more happy to have support. You need to have some people who can help you in any use case.

Lots of reading and trial and error. It's tough for the network engineer, but it is magnificent in performance from my point of view.

We implemented in-house. Not user friendly, but if you want to do anything you can do it with pfSense.

Free. Would purchase for better customer support.

It is completely free.

We also evaluated Fortigate.

I would rate this solution an eight out of ten. I give it this rating because of the rich features available. pfSense is free and I can do everything with it. It works as a firewall for servers also.

We use Netgate pfSense for load balancing. 

The tools' most valuable feature is load balancing. 

Netgate pfSense needs to improve the configuration for a VPN. 

I have been working with the product for three months. 

I rate the product's stability a nine out of ten. 

I rate Netgate pfSense's scalability a seven out of ten. 

I have used online documentation and hence haven't contacted the support yet. 

I rate the tool's deployment a nine out of ten. Its deployment takes only a few hours to complete. 

We did the deployment in-house. 

I use the product's free version. 

I rate the solution a nine out of ten.