Netgate pfSense Reviews

We use Netgate pfSense to deploy to our customers.

Netgate pfSense has a lot of different applications you can use for VPN and multi-way traffic. It's very simple as far as firewall rules and NAT rules go. It's an overall solid application and product. We don't really have too many RMAs, and there are no monthly fees associated with it.

Netgate pfSense is extremely flexible due to the nature of the multi packages that you can use for different VPNs. You can do the same thing in multiple different ways, and it's very handy when you're trying to troubleshoot problems.

You can add packages to pfSense with Snort and pfBlocker to keep hackers out. We've been using pfSense by creating rules that only allow our IP addresses into those devices. That way, they are never open to the outside world, and we've been doing that for almost 20 years.

Netgate pfSense has a high-availability application called CARP that allows you to put two devices in failover mode.

The visibility that pfSense Plus provides helps us optimize performance because that's all in the updates they push out.

We use pfSense Plus on Amazon EC2 VMs, and it's been pretty good and fairly quick in testing.

The solution should provide a single pane of glass and a management console for all devices.

I have been using Netgate pfSense for 20 years.

The solution is fairly stable unless there's an environmental issue.

I rate the solution's stability an eight out of ten.

I rate the solution a nine out of ten for scalability.

We have previously used SonicWall. SonicWall has all the packages prebuilt. With Netgate pfSense, you have to download and install the packages and then configure everything. These include antivirus and anti-spam, which you have to turn on, but they cost money.

It's really just a configuration setup. SonicWall and Netgate pfSense are two very different firewalls. It's very difficult to compare them other than monthly and yearly licensing versus buying at once.

The solution's initial setup is super easy. I've taught several people with little knowledge of how to do it, and it's been very simple to explain and set up.

From start to finish, the solution's deployment can be done by one person in probably an hour.

I think Netgate needs to charge a nominal fee for the actual software so that it gets paid for because a lot of people skirt the licensing and use the community edition. Netgate should charge something nominal like $50 a year for the community edition to deter people from using it for everything.

Depending on the specifics, adding and configuring features to pfSense could take three or four hours for a RADIUS server with a VPN or less than two minutes to set up a NAT rule.

We were embedded with pfSense in 2023. It took us some time after we deployed the solution to see the benefits.

I have 236 devices in production. Some of the cheaper models are more susceptible to power outages, which cause them to fail. However, some of the more robust models are expensive, but they last for many, many years, and there's very little interaction that we have to do with them.

The only maintenance the solution needs is just updates to the device as required.

New users should do some basic research before configuring Netgate pfSense. There's lots of information about the tool on the web, and it's very easy to get the answers to your questions because somebody's already probably run into that issue. There are tutorials on basic configuration on YouTube.

Overall, I rate the solution an eight out of ten.

I use the solution in two ways. I deploy it commercially and I use it in my home lab as well. 

It's very easy to deploy. It's nice when you've used something for a while. You get comfortable with all of the benefits. I know what I'm doing. I'm very familiar with the product.

The addition of packages makes it very customizable. The flexibility is very good. Not all firewalls out there have that. Typically, you are tied into three or four different plugins. pfSense, however, allows you to add more than the standard handful others offer. 

It's easy to add features and configure them.

They do improve it consistently, which makes me want to return to it over and over as a solution. 

It just introduced, with the latest revision, the ability to save your backups incrementally as well as go back and make changes. I can go back to a particular backup, and that's quite useful.

The solution does prevent data loss. You can pick up your configuration files consistently, whether you want to do it daily, monthly, hourly, et cetera.

Users can manage everything under one single pane of glass. 

I also use pfSense Plus. It provides good features that help minimize downtime. The updates come quicker to Plus, which is helpful. It also helps optimize performance. Having the pane of glass offers consistency in terms of finding things. The UI is very intuitive.

Updating some of the packages can be a bit difficult. It's hard to stay on top of them all. There also might be a bit of a lag on updates.

If they could get to something like Meraki, where I could remotely log in and not have to deploy a package to do that, that would be nice to have. 

It would be helpful if they had more documentation. Some online details seem out of date and you have to spend a lot of time going through forums to uncover what everyone else is doing.

I've been using the solution for probably ten years. 

The stability is very good. I'd rate it nine out of ten. 

Most of my clients who are users are under 50 users. I handle mostly SMBs. I'd rate scalability eight out of ten.

Technical support is awesome. I haven't dealt with them a ton, however, every time I do, via email, within an hour, they've responded. 

Positive

I've used Cisco Meraki over the years. It's a bit different. There's also a cost factor. 

I've also tried OPNsense. I didn't like the look of it after using pfSense for so long. 

The initial deployment is straightforward. It's awesome. I always bench test it before deployment. I do it through my office, not on-site, to go through the various variables that could make things go sideways. 

The implementation only takes about a day. I can manage the process by myself. I don't need a team. 

A majority of my deployments are for home users.

There's not a lot of maintenance. You just want to keep packages updated when the time comes. 

I have witnessed an ROI from a remote perspective. I'm able to remote in for some users and fix any problems that way.

The solution is fairly priced. The total cost of ownership is pretty good. They do offer appliances as well and those are quite cost effective. 

I'm a consultant. 

I'd advise new users to learn at home first and play with pfSense just to get used to it. 

I'd rate the solution nine out of ten.

I use the solution in my company since we operate as a managed services provider that provides security solutions to our customers. I was looking for a device that had the required features my customer wanted, and that fit their budget, so Netgate pfSense is a product that clearly fits this space. Our company has started to deploy the tool for our customers.

In terms of the benefits of the tool for my organization, I am not an end user of the product. My customers use the tool, and what they have been able to achieve using Netgate pfSense is that they are better able to control their spending on internet services. Without Netgate pfSense, users can just take up the whole bandwidth from the network and make it difficult for other people to work, but with the bandwidth control feature, including the built-in functionalities in the solution, you can control what individual IP addresses on the network can do, thereby bringing in more control. My customers have even told their other MSPs how they need to increase their bandwidth, whereas what they needed to do was just control what they already had in Netgate pfSense. Controlling the bandwidth has brought savings to my customers, and it also helped them to have a better user experience with the internet services that they were purchasing.

The solution's most valuable feature is that it is a highly configurable tool. The tool has a lot of options, so there is literally nothing you cannot do with it, but you have to know your way around the product.

The problems my company's clients wanted to resolve by implementing Netgate pfSense were that they wanted a provision for enterprise network security, static control over load balancing, and failover. This area is typically the use case for our customers.

If I assess Netgate pfSense's flexibility, I would say that it is a highly configurable tool, which means there are many options. It has a lot of flexibility in terms of configuration. You can write different rule sets for different traffic types and scenarios. On the same firewall, you could have lots of variety in how you want to handle traffic.

If I want to add features to Netgate pfSense, I would say that because the structure is modular, there is an app store where you can download whatever feature sets you want but are not included by default in the tool. The tool also supports many third-party plug-ins. It is possible to add features to the tool.

Netgate pfSense provides a single pane of glass for management with a customizable dashboard. You can customize the dashboard. Any handy modules you want are possible on a dashboard with a single-view window where you can see what is going on, and it is customizable.

The single pane of glass management feature has an impact on operations since it simplifies management because, typically, my company is not on the customers' premises, so we need to have remote access to the firewall. The people who are doing the back-end monitoring have a single view, which makes operations easy because, with one single glance, you can tell if there is a challenge or not in the tool.

Netgate pfSense Plus is what came on the device that my customers purchased by default.

In terms of whether Netgate pfSense Plus helps minimize downtime, I would say that the main difference between Netgate pfSense and Netgate pfSense Plus is the availability of enterprise support. When I have issues or bugs, I have someone to go to and say that something is not working and ask what we can do about it, after which I can get a response. When it comes to Netgate pfSense and Netgate pfSense Plus, the software is almost the same. One of the versions comes with enterprise backing, so I have some support and OEM support instead of relying on the community. I have a proper company I could talk to about any challenges my customers and I may have. The support does help reduce the downtime. I haven't actually had any downtime with the tool on my customers' end. I haven't had any downtime using the tool.

In terms of whether Netgate pfSense provides visibility that enables my company's clients or me to make data-driven decisions if we don't speak of specific use cases, I would say that it is typically a next-generation firewall that does bandwidth control and provides IPS and IDS features. For instance, if my customers wanted to have an idea of how much internet traffic they are using, then Netgate pfSense would give you graphs that you can export and do further analysis. I don't think the tool's use cases are tied to data or data analysis.

I can’t get any area where improvements are needed in the tool off the top of my head. I haven't had any challenges I couldn't resolve between myself and the support. Maybe Netgate needs to see if a medium-level Netgate pfSense Plus can be created for smaller organizations.

Most of what I need is already in the tool. If there is any need associated with it, I will be sure to report it to the support team.

I have been using Netgate pfSense for two and a half years. My company serves as an MSP for Netgate pfSense.

The only area to consider is that sometimes when there is an upgrade, there may be some changes. But when you have uploaded a stable version of the firmware, the operating system, I think it is a very stable tool. I have not had any issues around stability. Stability-wise, I rate the solution a seven out of ten.

I deal with clients in areas such as residential, government organizations, and medium-scale businesses. I have one customer in each category, which includes small, medium, and large businesses.

Normally, when it comes to the size of hardware before you make a purchase, due diligence is required to see that the device would be able to handle the current requirements and have some room for growth. With the solution itself, I don't see the need to discuss questions related to its scalability because that would be a function of the hardware and the size of the network where you are deploying the tool. Typically, if you have a huge network, you need to make sure that you have the equipment that can handle that volume of traffic from the on-site. The scalability aspect is not really a good assessment criterion to use to measure the tool. If I put things into a certain context and say that we have a network that has around 100 people, then you don't put up a device that can manage 100 people. Instead, you need to get a device that can manage 150 to 200 people, and then you can create room for growth. If you don't follow these steps, you will have to change the device after some time.

The solution's technical support team is okay. They respond quickly. I have only had the need to place two support calls in all of my dealings so far, and they were able to figure out my issues and resolve them very quickly. I rate the technical support a seven to eight out of ten.

Positive

In our company, we typically deploy a mix of security products that we prefer. At our organization, we have Sophos, Fortinet, and Netgate pfSense. Sophos, Fortinet, and Netgate pfSense are pretty standard. Netgate pfSense has all of the features that Sophos and Fortinet have, but what is more, it can be used without having to have separate licensing. Netgate pfSense really beats the other tools hands down in terms of price because there are no individual license costs for the features that you want to use. In Sophos, certain features require separate licensing. Netgate pfSense's advantages over other tools in price make it a top choice over the others. In our company, we have some customers who are particular about products, and for such customers, we provide them with what they request. For those who don't mind trying something different, Netgate pfSense is our default choice.

The product's initial setup phase is straightforward. The complexities in the deployment are produced by customers who do not know exactly what they want. Some customers have requirements, and my company needs to sit with them and streamline certain areas. The integration and the configuration are not the challenges associated with the tool.

The solution is deployed on an on-premises model.

Typically, if all the configuration information is available, the tool can be deployed in a maximum of two to three days. One can have the standard installation done. The deployment procedure can be done assuming one day for the configuration and the second day for rack mounting. The process is quick when the customer has all of the information they want configured in hand. For some of them, the tool is typically deployed over a period of a few weeks because they don't know or have not decided how they want to implement a particular feature. Still, it would not be a delay from Netgate pfSense's end but rather a delay from the customer side.

I would not call it a cheap tool, but it is very cost-efficient. I don't see any product that gives you the same functionality within the same price brackets offered by Netgate pfSense. There is hardly any need to go to the open-source firewalls, especially with the ones that are coming back, and there are no enterprise security products in the price range that Netgate pfSense falls under.

If I assess the total cost of ownership of Netgate pfSense, I rate it as an eight or nine out of ten.

I don't use Netgate pfSense Plus on Amazon EC2 VMs, and I haven't had a customer who wanted to deploy the tool on the cloud. Most of them purchase and install their hardware directly from Netgate.

The maintenance of the tool's equipment is done once or twice a year just to blow out some dust and make sure it looks physically okay, which is nothing outside of what the regular network devices require. It doesn't require any special maintenance.

I would recommend Netgate pfSense because it is one of the products that my company markets to our customers.

As I have existing customers that use the solution, they serve as a reference point for my new customer. I tell others that I have deployed Netgate pfSense in a few official organizations, their use, and the problems that it has solved for them. I have case studies to speak about. If someone wants to go for a proof of concept, it is something that is doable.

I rate the tool an eight out of ten.

We use pfSense as the primary firewall for our data center. 

We have a high availability setup, so we have had no downtime. PfSense gives us metrics about how the firewalls perform in terms of CPU, memory, etc., but I don't think it tells us how to address it. If we have an issue, we can always open a support ticket.

I find pfSense easy to use and configure. We have a high-availability pair, so if one has issues, it will failover to the other automatically. Overall, it's been pretty easy to build VPN tunnels and functions like that.

I don't think pfSense is as good about monitoring as it could be. There are logs, but they're kind of hard to get to. You need to send it to a log monitoring system. It's good about monitoring and learning this. You'll get an alert if there's an issue with the firewall itself, but it's not detecting security attacks. 

PfSense has the bare necessities essentially, but it isn't an advanced firewall that protects against layer 7 attacks or DDoS. It's not on the same level as Palo Alto, for instance. You can add some higher-level security features, but it doesn't do that out of the box. Maybe there's another functoin we can add to it, but it feels like it's not catching more advanced attacks.

We've used pfSense for around five years.

The stability has been great. We've rarely had any issues that have caused a failover. When we do, the failover has made it. I don't think we've experienced any real impact from it that caused any product issues. 

While we've added more IP addresses and traffic, there are some limits to its scalability. We've run into this before with graphical issues. We opened a ticket about that, and they said they found a bug that they were looking into. 

I think we're going to get close to reaching a limit with the mid-to-lower-end models at some point. The scalability is good but probably not great.

Their response has been excellent. Sometimes we've opened a ticket, and we've gotten a response back right, other times it took an hour or so. They're responsive now. 

In terms of the quality of their answers, they have been good to great. 

Positive

At previous companies,  I have worked with Cisco and Palo Alto firewalls. Palo Alto is probably a better firewall because it does more blocking. It's also quite a bit more expensive. For what you get, a Netgate pfSense solution is a highly cost-effective firewall.

It was in place when I joined the company, so I wasn't involved in the deployment. It requires some maintenance, like adding new firewall rules or VPN connections. We also upgrade it once or twice a year. 

Including the support costs and the hardware, I think pfSense is reasonably priced. It's very affordable. The total cost of ownership is favorable. We've had a hardware device that lasted over five years, and they're still doing well. We're able to buy at least software support for them.

I rate Netgate pfSense seven out of 10. If you have an enterprise environment, I recommend having two for high availability. Make sure you purchase and keep up with the software support in case there are any issues. Those are the two biggest things that helped us out. 

We have a tiny business that uses pfSense to create a secure VPN between our two locations. 

It's a reliable platform. We also value pfSense's security features because we have to comply with PCI for credit card payments. We need to be confident that we'll have the security. PfSense offers that.

We realized the benefits of pfSense almost immediately. I read about a company using it and thought it would be the most secure thing. It's a bit daunting at first because you have to configure it. However, they create ISP versions, so you can leave those alone and not configure them. This does the whole thing in one box, whereas, with the ISP thing, you have to think about how many different appliances you'll need to make it work.

I like how easy it is to access VPNs and stuff like that. It's so simple to set up a site-to-site VPN. The solution is flexible enough to do just about anything.  It's super easy to configure the features as long as you have the details you need, or you can build out stuff if it lacks what you're after because it has a plugin architecture.

It depends on how you run it, but pfSense can help you prevent data loss. Still, it's more about preventing people from getting in and having the confidence that you won't be compromised. And if you need those extra features, you can always add them and all those things that can monitor what's happening in your website or organization.

The web interface allows you to see bandwidth, how things connect, and much more. PfSense Plus prevents downtime. It has a feature that records everything you do so that if a unit fails, you can swap it out and enter your details, and then it loads your configuration on a new device. PeerSpot Plus provides visibility that enables data-driven decisions. You can set it up to do that if you want it. 

They could always make pfSense slightly more user-friendly and modernize the interface a little. 

I have used pfSense since 2015, so it's been around nine years.

I've never seen pfSense crash.

It's at the scale that I need it, but you can certainly scale it up to the enterprise level if you want to have a better product. It depends on the hardware. 

I rate Netgate support 10 out of 10. I only contacted them once. It was very quick and efficient. I had a sensible solution within five minutes. I couldn't imagine having better support.

Positive

I used some Netgear hardware, but I don't remember the model because it was eight years ago. When I switched to pfSense, I stuck with it because it works reliably. 

Deploying pfSense was pretty easy. I'm an IT guy, so I did it myself. After deployment, you need to do some routine maintenance, like upgrading occasionally and checking your file logs. Apart from that, it does everything for you.

They have a free community version and a paid version. The free version works if you are a home user who needs a fixed cost, but that's not my use case. 

I rate Netgate pfSense 10 out of 10. I can't think of a way to make it better. Before deploying pfSense, prepare your area and your network. Understand your entire network and what you want to do before you start doing anything then follow the documentation. 

I use Netgate pfSense in my home lab and company. I wanted to learn more about networking so I swapped my ISP router with Netgate pfSense.

Netgate pfSense is a flexible solution. Netgate has its appliances but if I want to use pfSense somewhere else, I can install it into a virtual machine or on my hardware.

I would rate the ease of adding features to Netgate pfSense eight out of ten.

Netgate pfSense has improved the traffic visibility of the devices we are monitoring. Netgate pfSense has also taught me a lot about networking because I got to use an enterprise-grade firewall.

pfSense Plus helps minimize downtime thanks to its ZFS snapshotting feature. This means if we misconfigure something, we can quickly restore our system to a previous working state, reducing downtime.

Both pfSense Plus and the community edition provide visibility that enables us to make data-driven decisions.

Netgate pfSense has provided a reduction in downtime of 30 percent thanks to its user-friendly configuration process.

The most valuable features of Netgate pfSense are the ease of use and GUI. 

pfSense's dashboard offers basic monitoring, but it lacks centralized management for multiple PSM devices and a unified event interface for various services. Ideally, I'd like a management interface that can handle multiple PSMs, even if they're in different locations. This interface should provide at least status information and basic management features.

I have been using Netgate pfSense for three years.

I would rate the stability of Netgate pfSense nine out of ten. While I did encounter some issues earlier on, they have all since been resolved. 

Netgate pfSense is scalable. While we haven't used features like the rack-mounted version or maxed out its capabilities, the system is easily scalable. Upgrading to a more powerful model is simple - just export our settings and import them to the new device.

I had to use the technical support twice and they were extremely quick to respond and deal with my issues.

Positive

While I previously switched from UniFi to pfSense for its wider range of features, the gap between them has narrowed somewhat. However, pfSense remains a more enterprise-focused option, allowing for granular control over specific network elements useful in complex environments. UniFi, on the other hand, offers a less detailed view.

While the initial setup was mostly straightforward, some specific configurations proved challenging and lacked intuitiveness. To address these, I consulted YouTube videos and Netgate's documentation.

I would rate the ease of the setup process a seven out of ten.

Installing pfSense took a full day.

I implemented pfSense myself.

pfSense has definitely paid off for me. It's become a rock-solid foundation for my network. Since the memory leak fixes, it's been incredibly stable and requires minimal maintenance.

While pfSense hardware from Netgate might have a higher upfront cost, I've had very little trouble with it. Plus, buying from them directly helps fund the software's development, making it a worthwhile investment in my eyes.

pfSense offers a reasonable total cost of ownership for me. Since I primarily use it at home, I don't need additional features or paid support. However, compared to commercial options like SonicWall, even support costs seem affordable. It's worth noting that advanced features like Suricato or Snort require additional subscriptions for business use, but overall, pfSense remains a cost-effective solution.

I would rate Netgate pfSense nine out of ten.

pfSense handles both my home lab, suitable for a small household, and our company's branch office with roughly 150 on-site users and 50 remote VPN connections. It also facilitates a site-to-site VPN connection between this branch and our main New York office.

pfSense is low-maintenance. While regular updates are important, I typically won't need to perform much additional maintenance beyond occasional logins to check the dashboard and install those updates.

pfSense is a stable and feature-rich firewall, but it lacks  Layer 7 application filtering, which means you can't easily block specific applications. While I haven't personally needed this feature, it's a known gap in pfSense's functionality.

I recommend pfSense overall to others.

The typical use case for Netgate pfSense is VPN connectivity, content blocking, and IDS/IPS. Users typically implement it for these specific purposes.

The best features of Netgate pfSense include its open-source nature, and one of the most appealing aspects is the absence of recurring expenses, as there are no licensing fees. Users get enterprise-class firewall networking with this product.

Customers who use other firewall products such as Sophos or FortiGate often conduct research and choose Netgate pfSense because the yearly expenses of other firewall products are higher compared to pfSense, which has no licensing fee. While there is no yearly licensing fee with this product, users still receive all the enterprise-class firewall features.

The stateful packet inspection feature is enterprise-class, and when compared to other firewall products, it matches their capabilities effectively.

Areas of Netgate pfSense that can be improved include the customers' requests for antivirus protection, which they refer to as Unified Threat Management, available in other products. Unified Threat Management can match up with other brands as well.

I have around one and a half years of experience working with Netgate pfSense.

Netgate pfSense is definitely a scalable solution.

The technical support from Netgate pfSense deserves a rating of 10 on a scale of one to ten, where one is the worst technical support and ten is the best.

Positive

The initial setup of Netgate pfSense is easy because it has a wizard. Users can run the wizard and set up the firewall within five minutes.

Netgate pfSense comes with Netgate appliances, in which pfSense is loaded, ensuring compatibility with different hardware platforms. The solution proves to be stable in operation.

On a scale of 1-10, I rate this solution an 8.

I work for a small business. We have a number of different remote sites, so I use the solution as my primary firewall. I use it as a way for my remote sites to connect back to the main office via VPN.

The VPN features are the most valuable aspects of the solution.

It's pretty flexible. It does everything I need it to do. My use cases are somewhat limited.

I do like how easy it is to restore if you lose a router. I lost a firewall over the weekend at one of my remote sites. As of right now, I'm setting up a new piece of hardware and restoring it. It couldn't be more simple.

There are features in pfSense that help me to prevent data loss. It's relatively easy for me to back up what I need. I've created a pretty simple script that I run on a computer inside of my network that reaches out to all of the different pfSense firewalls that I use. It grabs a config file. And that's pretty simple. It's a script that runs daily. I could probably even run it weekly. It simply reaches out and grabs these things and backs them up. Data loss is not something that I'm really concerned about as long as I have a good backup, which I do, and I check it regularly.

It’s easy to add features to pfSense and to configure them. I don't add a lot to pfSense with regard to the package manager that it comes with. That said, the packages that I do use are easy to install, easy to update, and easy to configure.

I witnessed the benefits of pfSense immediately. I have what I consider an enterprise-class firewall and routing stack at a pretty reasonable price.

pfSense gives you a single pane of glass type of management. You can see pretty much most things inside of the firewall, everything from bandwidth charts to DHCP leases - anything you've set up with regards to DNS. It's got pretty good logging features. I wind up sending most of the Syslog information from pfSense to third-party logging software. That’s why I'm not really using it to peer through logs. However, to do quick checks, I'll use it. The UI is pretty similar to Netgate. It makes a lot of sense.

pfSense provides features that help minimize downtime. The high availability configuration allows me to mitigate downtime. I've worked with their deployment team to set that up and also set up the LAN. Regardless of whether or not I lose a firewall or an Internet connection, my connection to the Internet remains pretty resilient.

The visibility in pfSense helps optimize performance. I'm primarily using it to see how our bandwidth is being utilized. Outside of that, I'm not using pfSense to visualize a ton of data. I offload pfSense data to third-party software that I use to visualize things that are happening on my network. If I just pop in and take a quick glance at what might be going on in my network, it's sufficient.

I'm hard-pressed to think of a needed additional feature. It would be nice to see which packages are officially from pfSense and which are from a third party in the package manager.

I've been using the solution for more than a decade. 

The stability is rock solid. 

I haven't really had to scale my deployment. My deployment was for an in-place network. My network hasn't changed much as I've redeployed the pfSense over the years.

The speed of response is good. It was well within the SLA. 

They were incredibly helpful. They answered follow-up questions in a timely manner. I was very pleased. I have had to use it very minimally. However, I was very pleased with how it worked.

Positive

I may have used something different a decade ago. Since then, I've been using pfSense. We're a small business. I do have some Cisco hardware, however, I'm not using it on my edge network. It's mostly just for switching.

I typically buy the hardware myself for the installation. I have one or two pfSense appliances. One is sitting on a rack as a backup unit in case I need it. I have a couple in the field. At the end of the day, if I'm going to buy the appliance, I get a year or two of CE. I'd much rather just buy the hardware myself and purchase a CE or get a Plus license.

It's incredibly easy to deploy. Even for a new engineer, it would be pretty simple. 

I am in the process of restoring one. It took me 20 minutes to flash the image to a thumb drive, install it on the device, boot the device, restore the configuration backup, and have it up and running. I'm familiar with the hardware that I purchased, and I take and test good backups. That said, the process is incredibly easy. It takes very little time to deploy something that has failed. 

With regard to a new setup, it's impossible for me to answer broadly; however, even then, it's not a long time. It just depends on how sophisticated a given user's network is.

There is very little maintenance outside of updating the software. 

I deployed devices to our remote sites myself. I used Netgate Professional Services to help deploy a high availability stack at our main office, and they were outstanding to work with.

Anybody not using it, at least at the small or medium business level, is crazy. There's a significant return on investment. We're getting a pretty state-of-the-art device that runs OpenVPN and some other VPN software. It's not Cisco. It's not Juniper or any of the others out there. However, I keep my ear to the ground with regard to vulnerabilities generally out there, and it seems like there are far more vulnerabilities that you hear about day-to-day in their competitors than in their software. At the enterprise level, there may be some more sophisticated and purpose-built solutions. That said, pfSense meets all of my needs. I can't imagine it not meeting the needs of anybody in a business my size and slightly bigger or slightly smaller.

The licensing is fair. 

I'm a pfSense customer.

There are two versions of pfSense. The plus version, which is paid, and the community edition, which is free. I primarily use plus.

I'd rate the solution ten out of ten.

I've set up Netgate pfSense for my friend's law practice for his access to VPN after the AT&T service dropped their FortiGate. It was so much easier to use. The VPN and VLAN support I needed that Meraki and AT&T tried to give me was crap. I also use Netgate pfSense at home as my router or office network.

I also have the tool set up for a remote person in Texas for a site-to-site VPN when she needs it to do some work. I've currently got three of them that I use personally and professionally.

I love the solution's flexibility. You can buy their hardware, get support, and use other people's hardware. Netgate is constantly releasing patches and updates, which is nice. There is also tons of free material on the web and on YouTube on how to set it up.

We saw the benefits of Netgate pfSense within weeks of deploying it because it gave me the ability to segment my network quickly. It was pretty straightforward and much easier than some of the competitors out there.

Netgate pfSense gives me a single pane of glass management. It gives me everything I need with regard to the firewall.

Netgate pfSense Plus provides features that help us minimize downtime. The ability to do high availability and failover of LAN links is a nice feature.

The visibility that pfSense Plus provides helps us optimize performance. I can see traffic analysis and tune it a little better.

I'd say the solution's total cost of ownership will replace itself within a year. The stability of being able to download a different package if someone needs it has made my life a lot easier.

Some of the functions are not menu-driven. You have to know to click here, then go over to this setting and click here. 

It would be nice if the solution had a wizard for some of the complex functions. When trying to walk people through something, I have to look at the video or read their document.

I have been using Netgate pfSense for three years.

I haven't had any stability issues with Netgate pfSense. The tool might get bogged down if I add more things. I still reboot mine once a month. Other than that, I haven't had any crashes.

It'd be nice if I could add memory to their appliances to improve their performance. Scalability, to me, is really another hardware device. I haven't seen an option to change the hardware.

The solution's technical support team is very responsive. Regarding the quality of their answers, the support team is excellent and very knowledgeable.

Positive

We had the FortiGate firewall that AT&T was providing, which they discontinued. Unfortunately, their replacement was less compatible than the FortiGate, so we jumped to Netgate pfSense. We were doing managed services at AT&T. I dumped their managed service at my firewall because Netgate pfSense was so easy to use.

Since I've been in IT for years, the solution's initial setup is simple for me. If you have a device that doesn't have a keyboard and you're using a serial console, it's a little bit kludgy on what to do. You can figure it out if you read the documents ahead of time.

Deploying the solution for my home use took me about a day and a half. It was all about design and learning all the functions. Deploying the solution for the business took me about two weeks because I had to figure out all the rules. Software-wise, it was easy, but we had to figure out what the customer wanted.

The solution's pricing is comparable to other products. The basic plan provides the support I need.

Depending on what you're trying to do, adding and configuring features to Netgate pfSense is somewhere in the middle between easy and difficult. Some things are really simple, while others are difficult.

Remembering everything you have to do is challenging because sometimes you have to click somewhere, and then you don't remember where you clicked. So, it'd be nice if everything was better tied together.

I initially started with the free version on third-party hardware, and then they discontinued it, so I just bought the appliance.

I prefer to do manual updates myself, but the solution lets me know if there's an update. I regularly do firmware updates when they are available.

The solution provides great support, articles, and a lot of documents.

New users should document what they want to do upfront and then try to look at all the documents on the Netgate site. My biggest advice would be not to try to do it cold. If you're going to use the VLANs, figure out all that information for your routing. If you don't have a document, you won't be able to implement it very easily.

Overall, I rate the solution a nine out of ten.

I use pfSense as a firewall for a university client with 10,000 to 12,000 users. I'm a consultant to the client, and they haven't introduced the product to their IT team. They are only starting to train themselves and use it to secure their environment from end to end. 

One of the biggest benefits is cost savings. It has reduced operating costs compared to Sophos by more than 50 percent. PfSense Plus helped us minimize downtime. I can configure it for high availability, and the machines are simple and reliable. The Netgear devices work well. They stay up. I built a cluster, and they work seamlessly. 

I like how affordable and flexible pfSense is. I can achieve the protection I need in a flexible manner. I enjoy using pfSense. It's effective and solid.

Two key areas need improvement: the traffic profile and better centralized management. It would be great if we could have a single pane of glass for managing multiple appliances running in different locations. Sophos has much better centralized management, but you're paying an arm and a leg for it.

The management is good, but it's quite basic. If I have multiple instances deployed, I can't manage the information like I would when I use something like Sophos Central to manage multiple devices in different locations. 

The portal is still not well-tuned. There are still issues regarding implementation and its effectiveness. But besides that, everything else is great, from the purchase to implementation, setup, etc. Only the portal needs a lot of work.

I rate pfSense 10 out of 10 for stability.

I rate pfSense 10 out of 10 for scalability. It's highly scalable. 

I have not contacted Netgate support yet, but I've heard that the technical support is excellent. I can't afford it.

We were using Sophos but switched due to the price. I was looking for a more affordable firewall solution, which brought me to pfSense. I sought something to replace our existing device. We needed something to do the same thing I was doing, including firewall, IPS, etc., but that wouldn't cost me as much as Sophos did.

PfSense isn't very easy, but if you know what you're doing and know what you're looking for, you can get it done. It's technical compared to Sophos. It's not difficult. It's just more technical.

PfSense was straightforward. The infrastructure is complex, but the implementation was straightforward for me. Maybe that's because I've had years of experience in IT infrastructure deployment. 

The deployment time depends on the features you want to implement. It took me about a week. The initial setup took less than two hours, but it took me about a week to finish the tune-up. I mostly deployed it by myself. I just looked up online videos from experts and understood what to do next. After deployment, it requires the occasional firmware update. That's it.

I rate pfSense 10 out of 10 for affordability. The company did the price review of Sophos and just took it out of the wall. Most of our clients have recommended Netgate. The total cost of ownership is excellent. It makes a lot of sense for SMEs. I pay a little bit on top. The Netgate infrastructure is much easier to approach. 

I rate Netgate pfSense eight out of 10. I recommend it to others. It's affordable and not that difficult to set up or manage. You need to be certified to use Sophos, but we don't need any specific certifications to own or manage pfSense.