How do you or your organization use this solution?
Please share with us so that your peers can learn from your experiences.
At a custom company with several locations.
We use this solution as our firewall, proxy, IDS, IPS, and VPN.
Our primary uses for this solution are as a network firewall and a VPN Server.
We use pfSense as our firewall.
I had an appliance that died six months ago. Then I didn't want that hardware anymore, so I bought two new servers. A single power supply but dual on a network with three times four network cards. On that, I installed the pfSense (Community Edition). From inside to outside, I have about 15 to 20 node servers and users going outside. From outside to inside, I have only three tech support people, myself and two other ones. With regard to clients using the platform from outside to inside, on the servers inside, I have about 1000.
My primary use case for pfSense is as a firewall. We also use it for intrusion detection, intrusion prevention, website filtering, and quality of service (QoS).
We use this at all of our locations as our edge device, IPSec site-to-site VPN functionality between our offices and our AWS EC2. No matter what is thrown at this, the system handles it like a champ. We have both dedicated hardware and virtualized versions running in our infrastructure. So far we haven't found a reason why we need to spend thousands for an appliance like Cisco ASA when this handles all of our needs.
* We only use our pfSense as a stateful packet inspection firewall. * We have around 10 VLAN interfaces with many allow/block policies, VIPs, and NATs. * Running on VMware as a virtual machine.
* Firewalling * Routing * DHCP * Transparent proxy * DNS cache * VPN, etc.
We have mainly been using for our internet workstations.
In the past, we had different locations in different countries, and in every location, we had the same pfSense firewall. Therefore, the connection between our different locations was good and manageable. However, in the last two years, we have had only one location here in Belgium, thus the performance of the pfSense has been good, and we can manage great with the open ports and the closed ports, but now a firewall has to be a little bit more than just that.