Netgate pfSense Reviews

We deploy the pfSense firewall to our customers' networks.

The solution provides customers with reliability and additional security.

The interface is very good. The configuration options are excellent. All of its capabilities are quite useful. It's more capable than what we need it for. I like having the ability to have additional capabilities compared to others.

pfSense's flexibility is great. I would rate it pretty high based on that.

We immediately witnessed the benefits of pfSense.

The IPS intrusion protection system helps prevent data loss. It works really well. It's a little bit manual process, however, it works really well overall.

pfSense provides high availability to help minimize downtime. They all have built-in high availability, which fails over to another box.

The solution provides visibility that enables users to make data-driven decisions. That said, that's a capability that we really don't need due to how small our customers are.

The visibility in pfSense helps to optimize performance. Just being able to see network traffic and the load on the firewall on the box, or the response times from packets going back and forth is helpful. There is a lot of visibility into network performance.

pfSense does not provide a single pane of glass type of management. That's one of the biggest downfalls. We take care of more than 60 customers, so it would be nice to have the ability to have all of the pfSense boxes that we deploy under one pane of glass so we can manage them centrally. 

I've used the solution for two years. 

I've had no issues with stability; I'd rate it ten out of ten. 

While we do not scale the solution, I can see it being very scalable. 

Technical support is of excellent quality, and they have fast response times. 

Positive

We've never used any alternative to pfSense.

We're buying the machines from Netgate. It's very easy to deploy. I'd rate the ease of implementation as eight out of ten. Even if someone didn't have much experience with pfSense, it would be pretty easy.

It's low maintenance; we may only need to worry about an occasional firmware update. 

I did not use an integrator or consultant during the implementation. I handled the process myself. 

The total cost of ownership is very good. It's low maintenance. Once you get it up and running, you really don't have to touch it. It's very favorable to have the inclusion of firewall, VPN, and router functionalities.

The pricing is excellent. 

We're an end-user.

We use the pfSense Plus version. 

I'd rate pfSense nine out of ten.

New users should be aware that it is more complex than just a consumer-grade product. Users need to be prepared for a lot of features that they might not understand or know how to implement at first. Check your resources in preparation.

I use Netgate pfSense as my office firewall.

I implemented pfSense as a firewall, VPN, and content filtering solution using pfBlocker and configured it to verify HAProxy certificates.

Most of our pfSense deployments are on existing machines with a small amount in the cloud.

pfSense offers excellent flexibility and works well with both physical appliances and virtual machines.

The ease of adding features to pfSense and configuring them depends mainly on the user's experience. I find it extremely easy.

Firewalls and Network Address Translation offer immediate benefits once configured, as they are foundational security measures. Other features, however, require more extensive configuration and testing before their advantages become apparent.

Compared to other firewall solutions, pfSense's interface is user-friendly and straightforward.

pfSense allows us to configure multiple internet connections and firewall rules to minimize downtime.

It provides visibility into our network by capturing and delivering log data, such as Syslog, firewall logs, and other relevant information. This enables us to make informed decisions based on data analysis.

pfSense can help optimize network performance. When using appliances, we can install more than ten gigabit network interface cards and add more as needed, depending on the hardware capabilities. Typically, new appliances come equipped with ten-gigabit network adapters or ports. We can significantly enhance network and server communication speeds by fully utilizing these ten-gigabit connections.

The most valuable features of pfSense are the pfBlocker, HAProxy, NAT, and VPN.

I am unsure if it's feasible, but I have previously utilized a web VPN interface with Cisco Firewalls that allows VPN connections through a website, eliminating the installation of VPN software. Such a feature would be a valuable addition to pfSense. Additionally, an easy method to monitor pfSense within other monitoring software would be beneficial.

I have been using Netgate pfSense for ten years.

We have encountered only minor and infrequent stability issues.

Netgate pfSense is highly scalable.

The quality of the technical support is good, but if we cause an issue, we have to pay for the support hours.

Positive

I have previously used WatchGuard Firebox and OPNsense, but I prefer pfSense for its excellent usability within my company. Other firewalls like WatchGuard and OPNsense are often retained due to customer preference or specific requirements, but most of my deployments utilize Netgate's pfSense.

Deploying a single pfSense box is relatively straightforward. However, the process can become more complex if outdated hardware is used and network cables must be reconfigured. Deployments using Netgate appliances tend to be more straightforward.

We can have the Web GUI up and running in under 30 minutes, and a complete deployment can last up to four hours. One person is required for each deployment.

The pricing is reasonable.

Netgate pfSense offers effective total cost of ownership by combining firewall, VPN, and router functionalities into a single solution.

I would rate Netgate pfSense nine out of ten.

pfSense does not have any built-in features specifically designed to prevent data loss. Instead, we must configure various functions to indirectly protect against data loss, primarily as a preventative measure against unauthorized access to our servers and equipment.

I use both the paid and community versions of pfSense. Most of my appliances use the paid version. In the cloud, some virtual machines come with the free community version.

Maintenance is required to open ports and create VPN users.

We are a reseller. We resell the product to our customers as we are an MSP. We use it for various different verticals, from manufacturing to schools to typical offices. That is mainly the use of this solution.

There are a lot of limitations with competitors like WatchGuard and SonicWall where there are a lot of costs for licenses to utilize their products. We felt that by going to pfSense, we have a little bit more freedom. We can use certain features without having to pay exorbitant costs for licensing. It is better for the small to medium-sized customers.

They are the most flexible, for sure. In my experience, it is quite easy to add features to pfSense and configure them. There is a lot of support from the local community. Because it is an open-community-built platform, there is a lot of support out there. Adding features and configuring them seems to be quite simple from my experience so far.

There is an overall performance increase. The hardware is much more performance-driven. The constant upgrades certainly make it easier to keep up with the evolving environment. The community-driven platform certainly helps to ensure that things are kept current.

pfSense gives us a single pane of glass management. There is a user interface and also the command line. The user interface is very friendly and easy to navigate. The single pane of glass management certainly increases productivity. The ability to look at one single pane of glass, add different widgets, and see things at a glance certainly helps to cut down the time of looking for certain statuses or things like that. It makes things more efficient.

We deal with pfSense Plus in a few cases. It can help minimize downtime. We have not experienced it in any sort of live environment, but I am confident that it would.

pfSense Plus provides visibility that enables us to make data-driven decisions.

It optimizes performance, and in most cases, it affects operations and makes things more efficient. Efficiency means money.

The ability to utilize the features instead of having to pay a license fee for every single thing that you want to use on a firewall is valuable. A lot of other companies give you a firewall out of the box that has very basic functionality, whereas pfSense gives you all the good features, and if you want to have more advanced features, you can pay a fee. You are able to use a lot of the features that you cannot use on other products. That is the best thing.

It is very good from a troubleshooting perspective. Things like logging are very good. We have been using these firewalls with filtering very successfully, and VPN has been very successful on them. We have not had any issues with that.

One thing that stuck out to me was the move to use plastic chassis on the Netgate devices or products. They are moving away from using metal chassis, and I find that the plastic seems to get hotter than the metal. Other than that, they are such great devices. They always seem to have all the cool things and bells and whistles.

One thing I would like to see Netgate do is to have a cloud-based management portal, similar to SonicWall, WatchGuard, Ubiquiti, etc. With all these platforms, you create an account, and you have a way to cloud-manage these products. Currently, one of the challenges that we face is not being able to manage those things from a centralized platform. It has always been one thing I have dreamt of for Netgate. That is the only place where it falls short. Apart from that, they are far superior in building, keeping up with the times, and keeping things current.

It has been probably eight or nine years.

A couple of times we have had some strange issues that have been unexplainable, but overall, it is stable. I would rate it a nine out of ten for stability.

It is scalable. I would rate it a nine out of ten for scalability.

They have been fantastic. I have never had an issue, and it has always been very good. They are a highly intelligent and very resourceful team. I would rate them a ten out of ten.

Positive

We have used everything, such as Cisco, SonicWall, and WatchGuard. You name the flavor. We have used them all, and Netgate is definitely a much better product than those. It also depends on the use cases. 

It has been very straightforward to very complex. We have set up entire data centers run by Netgate devices to small offices using a 2100. We have gone from the most complex to the least complex. We have seen everything in between.

Its deployment is a matter of hours. Our clients are small to medium size. We have about ten people working with pfSense.

It requires general maintenance. We have to keep up with firmware and updates. From a physical perspective, there is no maintenance.

It is very cost-effective. There is 100% ROI.

They are on the higher end, but you do not get stuck with spending thousands of dollars every year. You do not have recurring license costs to have people use a simple feature like VPN. That makes it more cost-effective in the long term. There is a very good price point. No one ever complained, and I have not ever thought that they were overpriced. That is for sure.

If you are looking to deploy a product that is reliable and high-performing and that is going to be cost-effective for yourself or your customer in the long term, you are doing the right thing by looking at Netgate.

I would rate Netgate pfSense a ten out of ten.

We use pfSense for IT security and load balancing the internet traffic across our three lines. We also use a package available in pfSense called pfBlocker that blocks some DNS records. For example, it doesn't allow ads to appear on the website. We have a site-to-site VPN with our different sites. 

The benefits from pfSense were immediate. We tested pfSense on a third-party machine, and soon after, we purchased a Netgate machine. PfSense prevents data loss by blocking malicious sites or apps with pfBlocker and the Suricata package, which acts as an IPS. 

PfSense has multiple WAN ports, helping to reduce downtime. We can set multiple Internet lines. If one line has an issue, we can still access the Internet from the other or communicate with the other sites. We also have a high availability feature with pfSense. For example, if we have two or three pfSense devices, we can have high availability. If one goes down, we can still work with the other one.

The visibility that pfSense has enables us to make data-driven decisions. From the logs, we can see blocked or allowed traffic. We generally see what goes into the firewall and change the rules or configuration. 

From the dashboard, we can see the utilization and how our lines behave during working hours. We can see if we need a higher-performance device, a line upgrade, or a feature.

I like pfBlocker and the ability to install more packages from the pfSense console. It's easy to add features, but you can check the user communities and videos if you encounter any difficulties. You have the flexibility to choose VPNs with WireGuard or OpenVPN and make firewall rules. It's easy to create a group with multiple IPs, hostnames, or areas and create a rule for that group.

You can make your own configurations on every module and create custom packages, which makes it more flexible. The dashboard is customizable, so you can create your dashboard based on what you would like to see and have all the data there on the dashboard. You can start and stop everything on the dashboard. 

PfSense could better utilize the interface and dashboard and include some packages in the built-in solution. For example, pfSense is sharing some other packages. You have to download and configure them within the package manager of pfSense. Some of those important ones, like the IPS and the monitor, could be installed on the solution's image and configured.

I have used pfSense for four years in business and at home.

I didn't notice any performance issues. 

pfSense is scalable.

I rate Netgate support nine out of 10. I have contacted them twice in the last six months, and they responded and resolved my issue quickly. 

Positive

We used UniFi UDM, Hillstone, and OPNsense, which is similar to pfSense.

Deploying pfSense is straightforward. It took about an hour to install and configure. After deployment, the only maintenance required is periodically checking for new updates or security fixes. 

pfSense's price is excellent and similar to its competitors. It has a low total cost of ownership for all these features. 

I rate Netgate pfSense eight out of 10. 

I use pfSense as our primary firewall and router. We use several functions of pfSense, including the OpenVPN capabilities for mobile VPN and pfBlocker for DNS blocklisting. We also use Snort for IPS capabilities. 

The solution helped us secure the perimeter against vulnerabilities. I'm confident in the team's ability to keep things updated and all the security holes patched. It also has security add-ons like IDS, IPS, etc. We realized the benefits immediately.

My favorite thing about pfSense is its overall stability of the product. It's rock solid and low maintenance. I like that aspect. It doesn't cost much, and it's feature-rich, including mobile VPN, pfBlocker, and IPS. You have the flexibility to deploy it as bare metal or VM. 

It's very easy to add features to pfSense and to configure them. The solution's management page offers a single pane of glass view. You can clearly see the various features on the main page, and it isn't difficult to drill down into the other sections for more details. 

I can't say which features Plus provides that the community edition doesn't. I only knew that the Plus edition was the path forward. I was previously on a community edition for many years, but I've been on the Plus edition for at least a couple of years now.

One area of improvement would be better communication. They kind of left a lot of people in the dark and misled them about the pfSense Plus Edition. I feel like they automatically switched people over and then followed that up with a required subscription model. That aggravated a lot of customers, including me, but I stuck with it regardless.

I have used pfSense for nearly a decade.

I rate pfSense 10 out of 10 for reliability. 

pfSense is highly scalable. The only limitation is the hardware you have behind it. As long as you can upgrade your hardware when you scale, pfSense will be able to support it. 

I rate pfSense support nine out of 10. I've typically gotten all the answers I sought when needed. They are highly responsive. I don't think I've ever had to wait more than an hour to get a reply. 

Positive

I wasn't involved in deploying pfSense. I maintain an existing one. For maintenance, you just need to periodically update to the latest version of pfSense Plus and maintain the different rulesets, such as firewall, IPS, and pfBlocker rules. 

The total cost of ownership of pfSense is rather low. After the recent subscription change, it doesn't cost us more than a couple hundred bucks a year. The only other thing I have to pay for is the business Snort license for the IDaaS IPS functionality. 

I rate pfSense nine out of 10. I recommend doing a white box deployment because it's easier on the hardware. I tried pfSense on a Netgate appliance and wasn't impressed with the performance compared to the white box I already had in place. I suggest starting with a spare server you have — Dell, HP, etc. 

I work in IT at a German insurance company, and I studied computer science. I also work in the network sector, so I know a lot about network solutions. I work with VPN solutions, Fortinet, and other products. For me, pfSense is a private home solution for my family. It's not the solution in my company.

I use pfSense as a firewall appliance, and the function is very good. But I think it's for users with more experience. It's not a solution for beginners.

If you are a professional, it's not difficult to add features to pfSense and configure them. But it is difficult if you are not. 

I utilize the core features. I have pfBlockerNG, SquidGuard, OpenSSL, and WireGuard. So, these are the core features I need.

The core benefits are that I can virtualize it with platforms like Proxmox or VMware, and I can buy third-party appliances. And Netgate offers a lot of hardware possibilities.

pfSense offers a lot of things that help to prevent data loss and intrusion, protect telemetry information, and so on. 

pfSense gives a single pane of glass management. But for me, it's not a problem because I have one appliance, but I think if you manage a lot of appliances, it could be better. It's important to be able to centralize management if I have 10 or 20 appliances.

I use pfSense Plus, it's called the "Zero-to-Ping" license [TAC Lite]. It's a very good solution, but it's a bit too expensive for private use. pfSense Plus is very good, but, for example, if I want to add another pfSense appliance for a cluster, it requires two licenses. For private use, if I want two licenses, it's very expensive.

pfSense Plus provides features to minimize downtime. One of the key features is ZFS. It's the file system. ZFS is very important for backups. I can make snapshots, and that is very good to make backups.

I am satisfied with the visibility that is provided by pfSense Plus. It is very good and optimizes performance because the hardware acceleration is very good for IPsec, SSL VPN, OpenSSL, and so on. This is very good support from pfSense.

The best feature is a function called pfBlockerNG. In pfSense, you can whitelist and blacklists for IP addresses or dangerous DNS sites. The top feature is the VPN. It's a very good SD-WAN solution and a very good VPN engine. It supports a lot of VPN techniques; it supports IPsec, SSL VPN, and WireGuard. It's the core feature of pfSense.

The flexibility is very good; we have a lot of possibilities. You can connect it with different WAN connections, whether you have a cable provider or fiber.

The feature list is good. For me, it's more important that we have fewer patches and better stability compared to OPNsense. I think OPNsense is too big. They support a lot of things, but pfSense is better. I think pfSense is better for stability.

The only thing that could be better is the hardware compatibility for LTE devices. This is a bit tricky for me; I wish the hardware compatibility were better for LTE devices.

I wish the FQ_CODEL limiters were improved. They're very good, but the FQ_PIE limiters don't work well. FQ_PIE limiters are important for cable modem connections. In Germany, we have a lot of cable providers for these interfaces, and the FQ_PIE limiters don't work well in pfSense.

I have been using it for eight to ten years. It has been a very long time. pfSense is very popular in Germany.

I use the latest pfSense Plus version.

The stability is very good.

I use it for my family, for maybe 20 or 30 devices. It's not a big environment.  

I utilize the pfSense forum and the community forum, and it's okay for me.

My preference in comparison with OPNsense is pfSense. I think it is better; it is stable.

The difference is that OPNsense has more features, but also has more bugs.

For me, pfSense is stable. It's better for my use case.

The deployment process is very good. For example, I can set up a new appliance and boot directly from a config file. This is very good.

It's very simple. I download new images, and during the boot process, if you make an image, you have a directory. In the directory, you make the config file, and then you can directly boot with the setup. You can boot a finished version. It's a good thing.

I use it on-premises. The on-prem version is very good. The software is good.

Maintenance depends on the features you use. If you have a proxy server with SSL introspection, sometimes it creates a small firewall size. If you have an easy firewall setup, then it's not so complicated. It depends on your environment and feature settings.

I did the deployment myself without the help of third parties or anything like that. It's very simple. I have enough skills because I studied computer science and work in the network sector. It's not a problem for me.

It took me ten minutes to deploy it. 

The ROI is good. pfSense is a very good solution, not only for home use, but also for middle-sized or larger companies.

In comparison with pfSense CE (Community Edition), pfSense Plus is a little bit too expensive. The pricing is a little bit high for private users. 

With the inclusion of the firewall, VPN, and router functionalities, the total cost of ownership of the pfSense Plus solution is very good because pfSense Plus has a lot of features. For the VPN features, it is good for the total cost of ownership.

I can recommend it if you are a professional or if you know what a firewall is.

It is a very good solution for the home sector, for companies, and for larger companies. I would recommend it to a lot of companies.

Overall, I would rate it an eight out of ten. 

I usually use it on premises, and I use it for different purposes. I use it for network security for my infrastructure, and I use it for my web servers and data servers that are on-premises.

My main use cases for Netgate pfSense are proxy servers and IDS/IPS, blocking ads, clearing the network for adware and malware, and monitoring the network flow. 

As an open-source solution, Netgate pfSense is highly flexible because a person with kernel-level or code-level experience can control the firewall as per their requirements, and there are multiple packages and tools readily available to integrate with Netgate pfSense. In the IT industry, most of the tools can be integrated with pfSense.

Adding packages to Netgate pfSense is very easy. I just need to search for the required package and then install and configure it.

Netgate pfSense has a very intuitive dashboard. The information is readily available on the dashboard.

Netgate pfSense has routing facilities that help minimize downtime while having multiple internet connections. If one bandwidth goes down, it automatically diverts to the other. 

Netgate pfSense helps prevent data loss by monitoring data transactions and network protocols, allowing us to block certain amounts of data and implement policies to reduce malware and firewall threats. 

From my perspective, the best feature of Netgate pfSense is the load balancer, as I usually take multiple internet connections. I can use both internet providers' bandwidth as a single network bandwidth, which helps in a very smooth network traffic flow. Netgate pfSense has a very interactive and intuitive dashboard that provides all the major and informative information that is readily available.

Netgate pfSense has positively impacted my organization because when we look at other firewalls or alternatives, they are costly. 

For my requirements and use cases, it is sufficient for me, and I have never faced a need for additional features. AI would always be a plus point, and if pfSense could change its framework from FreeBSD and PHP to a different language and Linux OS, that could enhance security.

I have been providing services for network solutions and network security, and I have been using Netgate pfSense for almost four to five years.

Netgate pfSense is definitely stable; I've multiple sites using it, and they are live right now. I've at least 20 sites operational.

It is a scalable product. I would rate its scalability a seven out of ten.

I have never used the services of Netgate, but I can rate the product itself as a 10 out of 10 because it has been very helpful to me.

Neutral

I have previously used Fortinet and Sophos. The major reason I switched from Fortinet and Sophos to Netgate pfSense was to mitigate the financial aspect, as those alternatives were costing us lakhs.

Deploying Netgate pfSense is very easy because I used to deploy it on my personal hardware. Whatever spare hardware I have, I install it directly on that. Installing and configuring it is very easy for me.

I deploy Netgate pfSense for various companies. There are many startups in India that require a cost-effective solution that allows them to use their hardware and provide basic security. 

Deploying infrastructure for a new company takes me approximately one day, unless there are separate requirements to configure, such as creating usernames and passwords for each user, which may take two to three days.

I do everything in-house by myself. I am the only person involved in the deployment.

I have seen a return on investment with cost savings after implementing Netgate pfSense, as other firewalls would cost me lakhs of rupees while pfSense is free.

Everything we need is covered in the free version of the open-source pfSense. I have never used the licensed version or required certified partner help to implement or deploy anything.

If we are not purchasing any support or incurring any Netgate costs, the total cost of ownership for Netgate pfSense is zero, as it is freely available to download and install, requiring only hardware for deployment.

The cost of other firewalls goes to thousands and lakhs of rupees compared to pfSense, which costs zero. If we opt for Fortinet, it costs about one lakh thirty thousand Indian rupees for the firewall, and then it costs up to almost fifteen to twenty thousand annually for the user subscription. With Netgate pfSense, all those things get covered at zero cost.

I did not evaluate any other options aside from Netgate pfSense because it was the only solution I could find that effectively met my needs. It works for our use cases.

In terms of data-driven decisions, there is a package that can help me understand each and every packet and time. I have not gone through that avenue yet, but it allows us to get all the data for data-driven decisions.

There is a paid feature to increase performance, but there are multiple tweaks available in the advanced settings that can help increase bandwidth or usability based on requirements.

I have not used pfSense Plus on Amazon EC2 VMs because there was no requirement. 

I would rate Netgate pfSense a ten out of ten.

I run a company that is a managed service provider. We supply our clients with products and purchase on their behalf. We install pfSense in their offices or main client offices.

What I like most about the product is that it is simple to use. I use it at home and in other locations. It offers great value for money because there are no licensing issues apart from the support package. I don't have to worry about licenses expiring or the firewall not working. The overall security gain is stable and reliable.

Multi-appliance monitoring and management, like a single pane of glass, would be very nice to have. A centralized management console would help us. There might be improvements to the web UI, which could benefit from a new look. It looks a little dated, although everyone knows where the options are.

I have used the solution for four years.

The solution is stable. I'm happy with the stability, I would rate it a nine. I had some minor issues, like hardware power supply failure after two to three years, but it was rock-solid until it failed.

The solution is pretty much scalable. I would say nine, although I'm not sure why.

I used their support about two times. I don't need much support, as I've managed to fix everything by myself. I would rate it ten because they went above and beyond expectations.

Positive

Sophos was used in some cases. Some clients require products which are used in their other offices.

The initial setup takes about one hour. It is fairly simple and sometimes only takes half an hour, depending on what needs to be done.

We implemented it in-house with one person.

Because we are familiar with the product, the ROI is between ten to twenty percent. We have been saving by having a stable, well-known product.

I estimate it to be between four or five, something like that. I cannot say it is cheap, but it is not expensive either, so let's say three or four.

I usually advise having a solid firewall with a low cost of ownership, which is why I rate it nine. There's room for improvement, as I would love to have more control over the packets. Overall, I would rate the product nine out of ten.