Netgate pfSense Reviews

We are using pfSense as a personal firewall for our systems and network protection.

The solution is very easy to use and configure.

I have been using pfSense for approximately five years.

The solution is stable.

I am only using the solution for personal use and have not tried to scale it.

I have not been in contact with the technical support because everything has been easy with the solution and there is clear documentation available.

I have used other firewalls, such as Cisco and Netgate.

The initial setup is very simple and the configuration is user-friendly. It took me one day for the whole process.

I did the implementation of pfSense myself. The solution does not require much maintenance, we require sometimes to reboot the system.

I am using the community version of the solution and it is priced well. There is a cost of learning how to use the solution, if it was free it would be better.

A good firewall has to be easy to install, configure, use, and fit the use case. This solution for my usage is very good.

I would recommend this solution to others.

I rate pfSense a nine out of ten.

We are using the solution for a firewall and other operations, such as traffic shaping.

The features I have found best are ease of use, GUI, and performance.

The hotspot and the portal feature in this solution are not stable for WiFi access. We use it at least once or twice every day and it crashes. Some modules can be better by improving detection and having new updates. Additionally, we have some issues with clustering and load balancing that could improve.

In a future release, they could redesign the policies because we need to write inbound and outbound simultaneous policies. They could change it to one policy, such as in FortiGate, Sophos, and Cyberoam. In these firewalls, we add rules in one way, and they add rules automatically. However, in this solution, we need to write every policy manually. 

They can improve in site-to-site tunnels with other devices, such as Cisco or FortiGate. It is not very easy to set up VPNs for site-to-site tunnels.

There have been some problems we have been facing with BGP routing that needs to be improved.

I have been using the solution for approximately two years.

The stability could improve.

Since this solution is software-based it is easy to scale. We can extend the UIs by adding some hardware, such as CPUs and memory discs. We would not be able to match this type of scalability with a hardware-based solution, for example as FortiGate.

This solution is best suited for small to midsize networks. When there is heavy traffic in larger-scale businesses it becomes less reliable.

I have used FortiGate previously and this solution is cheaper and more reliable.

The solution is easy to deploy.

The solution is free. However, you need to pay for support.

I rate pfSense a five out of ten.

It has a very nice web interface, and it is very simple to use. The way policies are working is also good.

I have been using WireGuard VPN because it is a lot faster and more secure than an open VPN. However, in the latest version of pfSense, they have removed this feature, which is one of the main features that I need. They should include this feature.

I have been using this solution for probably ten years. As the head of IT, I have used pfSense for the French infrastructure for around ten years.

It is working fine for me. I never had any problem with this firewall.

I never had to contact their support because everything has been working fine.

I have a lot of experience with pfSense but not much with OPNsense. Both OPNsense and pfSense are very easy, but pfSense is a bit more friendly. pfSense is simple to use with a nice web interface. OPNsense is more tricky.

OPNsense has the remote access functionality, which is the main functionality that I need. OPNsense is very easy to set up and very easy to manage. It is also very fast.

Its initial setup is very easy. 

In France, we have less than five engineers. That's why we try to do everything by ourselves. We chose pfSense because it is user-friendly.

Its price is pretty fair.

If you don't need WireGuard VPN, pfSense is better because it is easier to use than OPNsense. It is a very good platform. Its web administration interface has been working fine.

I would rate pfSense an eight out of ten. A couple of months ago, I would have rated it a ten out of ten because of the WireGuard VPN feature.

We have a client who's got a number of VMs on a single piece of hardware. They needed to have access over a VPN to those VMs from inside their network. We use pfSense to provide the VPN link using the IPsec.

In others, let's say smaller organizations, we will put a Mini ITX system that then connects into their broadband - typically sort of fiber or something like that - and just gives protection. 

The solution also allows us then to manage port forwarding and things like that.

The firewall aspect of the solution is very valuable to us. We had so many limitations with the Dre tech, however, it's the firewall and the port forwarding that is the most interesting due to the fact it allows us to restrict IP addresses and move things from different ports and things like that.

I'm the expert when it comes to Linux systems, however, with the pfSense, due to the web interface, the rest of the staff can actually make changes to it as required without me worrying about whether they've opened up ports incorrectly or not. The ease of use for non-expert staff is very good. 

The solution is easy to use in general, for everyone.

The product is very powerful.

It's the type of device that does one thing well. There isn't much I would want to change.

We are at the moment looking to use it as a proxy service so that we can limit what websites people go and view and that sort of thing. That's an area I've struggled with a little bit at the moment and it could be a bit easier to set up.

The only other thing I might look at would be some sort of antivirus type of aspect to check traffic coming in and out of the network. If they offered unified threat management, that would be an ideal outcome for us.

I have been looking at it as a sort of an appliance, rather than installing it on an actual PC. However, that's for future research first.

pfSense is only a small part of what we do. The majority of our systems are full-blown Linux systems and we use that firewall as a system. It's only recently we've started switching some clients to pfSense where we think we need to have slightly different things. Maybe they haven't got a server and this is just replacing their sort of existing TP-link or router, et cetera.

I've had no issues with stability whatsoever. I'm quite happy letting it run for days, months, weeks, et cetera. We have no requirements to actively manage it. In terms of performance, we just need to go in and make changes as required by the customer. Other than that, it's set and forget. There are no bugs and glitches to navigate. It doesn't crash or freeze.

It's not been extensively used at the moment as we've already got a Linux server in place. If we can justify it for the customer, we tend to use that. That said, we are looking to increase usage of that as it would say it takes some of the work away from me and allows me to farm that out to the staff.

We've never had to use technical support. Therefore, I can't speak to their level of knowledge or how helpful they are. We've always just been able to find the answers we need without their help, and therefore have never really had to use them.

We're still using Linux servers that are running IP tables, et cetera. Prior to that, we were using, something called IPCop. Before that, I can't remember what it was. We've always used sort of Linux old BSD-based solutions for our firewalls. That's just what we've always done.

The initial setup is not overly complex or difficult. It is very straightforward. We connect and we just have got a couple of standard procedures to setup once it's complete. We could probably get one up and running between half an hour to an hour. The deployment is fast and the whole process is pretty seamless at this point.

We did not use any integrator or anything like that. We're offering our client's the installation process as part of our services. I find it very, very straightforward, however, that's due to my previous experience with Linux setups. 

We use the open-source version, which is free to use. 

I say we've always used the community edition as I've never felt a need for support or anything like that and our clients have never insisted on it. I know where to go to look for answers if we run into problems, so paying for that extra support isn't something we need to worry about. 

We are just end-users and customers.

I cannot speak to the exact version we are using. Ours may be slightly out of date. We may not be using the absolute latest version. Version 2.51 is available soon and we'll likely upgrade to that.

It's good for where people have outgrown their existing broadband routers, such as the TP-link, the Dre Tech, and that sort of thing. Often, it doesn't justify putting in a full system. We tend to use a Mini ITX PC, multiple LAN network cards, and then install the opensource version and configure it appropriately.

You need to be slightly more tactical than just plugging in a Dre tech or similar Nokia device. I don't think you need to be incredibly technical to set this up. 

I like it, I'd recommend it to most people to at least give it a try, and to spend a few hours initially to work their way around it.

I'll definitely give it at least a nine out of ten for its general ease of use for me and my staff. It does pretty much everything that we ask of it and the required resources for the hardware are minimal as well.

We use the solution for a Firewall and a VPN.

We have found that this solution is better at keeping our business safe by having improved intrusion prevention than competitors.

I have found the firewall portion for the blocking most valuable.

The VPN feature of the solution could improve by adding better functionality and providing easier configure ability.

I have been using the solution for approximately six months.

The solution is very stable.

I have found the solution to be unlimited when it comes to scalability. The more memory and power you give it, it will use it all.

I found the technical support of the solution to be not very good at all.

I have used Fortinet previously and the installation took a lot less time to install. Additionally, I have also used SonicWall before but I switched to the current solution because it was getting too expensive. 

The initial installation was very difficult, it took approximately one week.

We did the implementation and maintenance of the solution ourselves.

The solution software does not require a license, it is free. The support contract is about $600 dollars. 

I would recommend for other people looking into implementing the solution to read the manual, go on to the videos, verify everything with the tutorials. Make sure you fully comprehend the size of the software.

I rate pfSense a seven out of ten.

We primarily use the solution for security purposes. We use it for a firewall.

The solution is quite stable. The performance is very good.

We've found the solution to be very easy to use. It's user-friendly.

The scalability potential of the product is quite good. 

We like the fact that the product is open-source. It's free to use. There are no costs associated with it.

The solution is very easy to install.

The solution is quite fast.

It does a good job of monitoring our systems.

The solution could always work at being more secure. It's a good idea to continue to work on security features and capabilities in order to ensure they can keep clients safe.

I've been using the solution for a while. It's been about six years or so.

The stability of the solution is very good. There are no bugs or glitches. it doesn't crash or freeze. Its performance is reliable. It's been very good over the years.

The solution scales quite well. If a company needs to expand it, it can do so with relative ease.

We have a few hundred users at this time.

We do have plans to continue to use the product.

We have used technical support in the past. They have always been very helpful and responsive. They are knowledgeable. We have no complaints. We're quite satisfied with their level of service. 

The installation of the solution is not overly complex or difficult. It's easy. It's straightforward. e didn't have any issues with eh implementation process. A company should find the setup very simple. 

The deployment was very fast. It only took a few minutes.

The solution is an open-source product. It's free to use. It's extremely affordable.

I'd rate the solution at a ten out of ten. It's been very good in terms of its overall capabilities.

I would recommend this solution to other companies and users. It's very fast and very easy to use.

I primarily use the solution for monitoring and learning about how to operate a firewall. I also use it for monitoring my home network as well as adblocking.

The solution is 100% free to use.

The product offers a lot of helpful plugins.

The solution is easy to use and has a elaborate GUI.

The initial setup is quite simple and straightforward.

The integration of the plugins into the GUI could be better. It's sometimes hard to find where a setting can be found or how it might interact with other settings. Some documentation is outdate and plugins sometime have no documentation. Information can always be found on the fora but for novice users this can be a challenge.

I've been using the solution for five years or so. It's been a while.

The solution is stable. Since last upgrade there hasn't been a crash, freeze or need for reboort. It's quite reliable.

I've tried to scale the solution previously. I've got two hardware platforms running. I wasn't quite able to run everything I wanted on a small ARM based device. Therefore,  I build my own Super-micro platform based on Intel Denverton.

It's actually easy to scale. It's just moving over most of the configuration: exporting, importing, or even going right into the original XML export file.

There are six users, 3 dozen of devices and a homelab server with VM running behind the solution at this time.

With what I am running now, I haven't had to reach out to technical support. However, an upgrade failed two years ago and I needed to contact technical support to get me the new image for the device. They were very efficient. I was satisfied with the level of support I received.

I've been switching back and forth between pfSense, OPNsense, and Untangle in the last five years or so.

OPNsense and Untangled are more integrated, however, more and more of the plugins are becoming paid offerings. OPNsense misses a plugin that pfSense has, Untangled it's adblocking is easy but not free.

The initial setup is not to complex.

It's good to have the basic information before attempting to set everything up. They've got a wiki with all basic information and there are the fora for questions.

I've got a CCNA certificate and that some comes in handy. For me, it works without any documentation, however, for a complete novice user you probably need some documentation to get you through the process.

Getting everything up and running only took about 30 minutes. You then have a complete firewall solution up-and-running.

There is some maintenance required. You do need to check for updates from time to time, for example. If you install more plugins more maintenance might be required to get everything tuned.

I handled the implementation myself. I have some knowledge about IP routing.

The solution is free to use. There are (currently) no licensing costs.

I'm just a home lab user.

I'd advise those considering the solution for your business to get a service contract.

It works great for someone with enough knowledge and time to get his head around everything. Otherwise, you need to look for a solution that offers support and can work with you on issues. It's nice to try to balance between open-source and support that costs money.

In general, I'd rate the solution at an eight out of ten.

We have solutions from 10 to 5,000 users. One person alone can manage the firewall.

The VPN is my favorite feature. pfSense is very easy to use. The interface and configuration capabilities are great.

The main problem with pfSense is that we have to use proxy solutions. They don't have features like Layer 7 filtration. We can't filter based on applications. For this reason, we need to work with solutions from Cisco like OpenAPPID that help pfSense understand similar applications. For example, if I have to block WhatsApp, I need to use a third-party solution like OpenAPPID to help it understand what WhatsApp is. This capability is not native to pfSense, so I have to use another solution, like an add-on. I think that the proxy is the main problem with pfSense.

pfSense doesn't implement SD-WAN solutions. Competitors have this feature. If pfSense began doing this, it would be a big improvement.

Stability is great. That's a strong point.

Scalability-wise, it's great. Often, we need to research and assess the size of an appliance in order to understand what kind of environment the firewall is going to protect. From here, we have the possibility to do an upgrade depending on the type of model.

There is the option to have a firewall that is entry-level or a firewall that supports a huge internet service provider. We have many solutions that we can apply to our customer's environments, but first, we need to do these assessments in order to help us choose the right appliance. One appliance simply can't be upgraded to cover this entire spectrum of needs or the size of demand. This is why we must perform these special assessments.

Although it's not quite pre-configured, it is ready to use, straight away. It's so easy to put it to work. We had to do some configurations, mainly related to security issues. Configuring rules for monitoring had to be done, but otherwise, it's ready to go, out of the box.

Only one person is required to deploy this solution. 

pfSense is a free solution.

Before deciding to go with this solution, make sure to evaluate the features to ensure that pfSense will cover your needs. pfSense is very strong in some areas, but it has some difficulty in others. It's a good solution, but it all depends on what you expect from the firewall. 

If you need the firewall to implement security in your network, then pfSense is better than the competition in terms of price. It will cover all of your basic needs for far less money than similar products that cost five to ten times more money.

Overall, on a scale from one to ten, I would give pfSense a rating of nine.

We have all sorts of users. We have admins, we have the finance guys, and we have salespeople using it. We created a captive portal for our teams as well as a guest portal. So in general, we are more or less happy.

Right now, I use it not only for intrusion detection but also for ETLs. We are a telephony integrator. We use it for applications and radius, etc. I use it as much more than a firewall. I use it for telephony applications as a certificate authority. 

Well, we do have the versatility of a fully functional firewall at practically no cost impact... So its a good investment for us in terms of the time spent on it... Most of all, we can see where our Internet etc can be well managed from the real time graphs that we see...

It's quite an awesome product with so many good things packed into it. I am happy with the EPLS, the radius, and I am happy with the captive portal. All in all, it's a good product. And considering that I get it for paying nothing, it's really worth the time invested in it.

As I said, the product is fantastic. It could use a little bit of improvement in the reporting — the reporting is virtually non-existent. Something like a reporting module would be a benefit. Otherwise, in terms of the performance, at least for my organization, I don't see much of a problem.

By this, I mean that we cant generate reports of trends etc that could be exported out of PFSense in terms of a PDF etc to see how the firewall is functioning...

Though I must say that the work around for this could be to use the pfsense zabbix plugin and integrate to a Zabbix platform and then use the Zabbix reporting capabilities to get the required reports... Not much of an effort for the technically sound persons but definitely not in the scope of those from a non technical perspective... 

I have been using this solution for roughly 10 months. I started with version 2.4, but about four days ago, I upgraded to version 2.5. It's been a good product so far.

Stability-wise, it's fine. I've only experienced one issue in the last 10 months. But in general, I am happy with it. Scalability-wise, as I said, our organization is just about 10 to 15 people, so we have not had much of a problem. I can't comment on how it would scale up with hundreds of VLANs and tens of thousands of people operating on it. But in general, for a small organization, I think it's very stable.

As we are in SMB, I cant comment on big traffic situations but for a small organization like ours (10 to 20 users) and with various integrations that we need (e.g., OpenVPN, WireGuard, LDAP authentications, Tens of VLANS, Captive portal, DHCP Relay, EAP-TLS, IDS, Adblocks etc.) We are ok with it...

I think the documentation is good enough because I've never had the need to contact technical support. I just use Google to get the information that I need.

We used to use Fortinet in our office in Dubai. But where I am right now, I thought an open-source was the option for me because I'm very involved in open-source projects. It came down to pfSense and OPNsense — the first one we downloaded was pfSense and I stuck by it.

The initial setup was straightforward. I come from the IT industry, so I had no issues. Within 20 minutes, I had it up and running.

I implemented it myself.

Too early to comment... Though all I needed to invest was a small desktop and ofcourse, time and effort to configure it... 

Well, its opensource... So for the tech-minded, its not so difficult but yes, the configuration is understandable for those with good prior firewall knowledge... 

If you can get it working, its great... But yes, thats the first part... Get it working... 

Oncw working, all licenses etc are not a problem as it is opensource... So no restrictions there... so far...

I did use Sophos-XG free but I stick to pfsense as it is free and open source...

I would recommend pfSense for the simple reason that it's open-source and it's free. Anything for free is good. I personally got much more out of it than I expected. I never expected this product to be so worth the time. It's a good product. For my needs at least.

Overall, on a scale from one to ten, I would give this solution a rating of eight. I have not used it for thousands of users, but for our usage, for an SMB organization, I would give it a rating of eight.

We primarily use the solution for security. It's a firewall.

The solution is an excellent open-source product. It has a big community around it as well. Out of those few points, you'll come up to a situation whereby you can avoid the vendor lock-in. Since there is a big community, you can count on reliability. There are lots of installations and lots of people who understand how everything works. 

The solution offers excellent flexibility. You can either install pfSense just on a machine, on your local PC, or you can buy an appliance. You can even buy your own hardware and install it on your own. Of course, if you choose that route, you need to have a technical expert on your team. For us, as a software company, that's not a problem.

There are plugins you can add to the product if you want even more useability. You can even add more security functionality.

The initial setup is straightforward.

We did have a strange issue with an update at one point, however, that was resolved quickly.

If you want to take advantage of all of the solution's options, you need to have a bit of a technical background. It's not for a layperson.

You do get a good solution for free. However, the trade-off is you need to be technical to really take advantage of it.

The installation could potentially be faster.

I haven't been using the solution for very long at this point. It may be somewhere around three to five months. It hasn't been long.

The solution is very stable. There are no bugs or glitches. It doesn't crash or freeze. It's excellent.

The scalability is excellent. We don't have any issues as far as that is concerned.

Prior to pfSense, we used Cisco.

The implementation is not complex. It's very straightforward to initiate. A company should have no problems with the process.

As an open-source solution, it is free to use as you see fit.

I didn't evaluate the solution against other more expensive commercial tools.

We are just customers and end-users.

The solution is an open-source platform. We are a software company and we like open-source. Lots of people say open-source means that you need to install it on your own. They will see that as a limitation, however, we see that as the other way around. 

I'd recommend the solution to other organizations and users. It's open-source, it's flexible, and has a strong community. You can use it in many different ways, either in a small installation, laptop, PC, or on a machine, or you can buy an appliance or you can even buy your own hardware and configure it in a different way. The software as such is free and you have a lot of options as to how you want to use it.

I'd rate the solution at a ten out of ten. It's been very good for us