Sold by: Netgate
Deployed on AWS
AWS Free Tier
pfSense Plus software is a leading price-performance edge firewall, router, and VPN solution. Millions of installations used by homes, businesses, government agencies, educational institutions and service providers.
4.6
Overview
Video
Launch pfSense Plus software on AWS
Video
Product video
OVERVIEW pfSense Plus software is a leading price-performance edge firewall, router, and VPN solution. Millions of installations used by homes, businesses, government agencies, educational institutions and service providers.
PRICING Save money with a Private Offer! Contact us at sales@netgate.com or use the Request Private Offer button above. /As of 24.03 - Supports High Availability configurations across both AWS zones and regions, with seamless settings and configuration synchronization ensuring enterprise grade consistent performance. See pfSense Plus on AWS documentation and HA blog at Netgate.com.
No hidden fees for features or functions. No arbitrary licensing fees. No artificial user limitations. Just unparalleled ROI and TCO.
FEATURES Firewall: Stateful packet inspection, GeoIP blocking, Anti-spoofing, Captive portal guest network, Time-based rules, Connection limits, NAT mapping (inbound/outbound)
Router: Policy-based routing, Concurrent IPv4/v6 support, Configurable static routing, IPv6 network prefix translation, IPv6 router advertisements, Multiple IP addresses per interface, PPoE server
Attack Prevention: IDS/IPS, Snort-based packet analyzer, Layer 7 application detection, Multiple rules/sources/categories, Emerging threats database, IP blacklist database, Pre-set rule profiles, Per-interface configuration, False positive alert suppression, Deep packet inspection (DPI), Application blocking
VPN: IPsec, OpenVPN, Wireguard, Site-to-site and remote access VPN, SSL encryption, VPN client for multiple operating systems, L2TP/IPsec for mobile devices, IPv6 support, Split tunneling, Multiple tunnels, VPN tunnel failover, NAT support, Automatic or custom routing, Local user authentication or RADIUS/LDAP
Reverse Proxy and Load Balancing: HTTP and HTTPS proxy, high availability, load balancing, and proxying for TCP, HTTP and HTTPS-based applications.
Network Services: Dynamic DNS, DHCP Server, DNS Forwarding, DNS Filtering
Management: GUI, full suite of configuration, user authentication, system security, resilience/reliability, and system reporting/monitoring features See the full feature list here: https://www.netgate.com/solutions/pfsense-plus/
ABOUT NETGATE Netgate is the company behind the pfSense project and the only official source for pfSense Plus and Community Edition (CE) software. As the primary contributors, our developers work hard to provide the best firewall security technology for your cloud infrastructure.
Highlights
- The leading open-source driven firewall, router, and VPN (OpenVPN/IPsec/WireGuard) solution for network edge and cloud secure networking.
- Millions of installations protecting homes, businesses, governments, educational institutions and service providers.
- Made possible by open source technology. Made into a robust, reliable, dependable product by Netgate.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
FreeBsd 14
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
If you are an AWS Free Tier customer with a free plan, you are eligible to subscribe to this offer. You can use free credits to cover the cost of eligible AWS infrastructure. See AWS Free Tier for more details. If you created an AWS account before July 15th, 2025, and qualify for the Legacy AWS Free Tier, Amazon EC2 charges for Micro instances are free for up to 750 hours per month. See Legacy AWS Free Tier for more details.
Dimension | Cost/hour |
|---|---|
m6i.large Recommended | $0.34 |
t3.micro | $0.12 |
t2.micro | $0.12 |
r4.large | $0.56 |
r4.xlarge | $0.56 |
c5n.large | $0.34 |
m5d.large | $0.34 |
m5.xlarge | $0.45 |
m3.xlarge | $0.45 |
t2.large | $0.12 |
Vendor refund policy
Hourly users may cancel or stop using this service at any time. Annual subscriptions may be cancelled for a full refund within 48 hours of purchase or a prorated refund within 14 days.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Additional details
Usage instructions
An instance may be managed via ssh or https. Most of the system configurations may only be adjusted via the https interface. To access the instance via ssh: log in as the admin user using the SSH key associated with the instance. E.g. run the command 'ssh -i my_aws_rsa_key admin@instance_host_name'. Substitute the file your private SSH key is stored in for my_aws_rsa_key and the hostname of the instance for instance_host_name. To access the instance via https, use a web browser: Type admin for the account name. The password can be set to a value of your choice when you start the instance by setting a value of the form 'password=your_desired_password' in the "User Data" field of the "Advanced Instance Options" section of the launch screens. If you don't set a password, a random password will be set. The random password can be viewed by choosing Get System Log from the Actions menu for the instance. To set a password during the creation of an instance: On the "Configure Instance Details" screen expand "Advanced Details". Make sure "As text" is selected for "User data". In the "User data" field enter a password of the form 'password=your_desired_password'.
Resources
Vendor resources
Support
Vendor support
Get expert technical support via email, portal, or phone with a four (4) or 24-hour initial response SLA from the Netgate Technical Assistance Center (TAC). Learn more about our support options at
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Netgate
By Palo Alto Networks
By Juniper Networks
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Network Security
Advanced stateful packet inspection with GeoIP blocking, anti-spoofing, and deep packet inspection capabilities
Intrusion Detection
Snort-based packet analyzer with multiple rules, emerging threats database, and IP blacklist detection
VPN Connectivity
Multi-protocol VPN support including IPsec, OpenVPN, and WireGuard with SSL encryption and split tunneling
Network Routing
Concurrent IPv4/IPv6 support with policy-based routing, static routing, and network prefix translation
Attack Prevention
Layer 7 application detection, application blocking, false positive alert suppression, and per-interface security configuration
Network Traffic Inspection
Advanced layer-7 application visibility and control with comprehensive traffic inspection capabilities
Threat Prevention Technology
AI/ML-powered security engine with researcher-grade signatures for detecting known and zero-day threats
Cloud Security Integration
Native integration with AWS infrastructure components including Gateway Load Balancer, Auto Scaling, and Transit VPC
Dynamic Policy Management
Automated policy application using AWS tags, Application IDs, User IDs, geographies, and network zones
Deployment Flexibility
Seamless deployment through EC2 instance creation workflow with cloud-native form factor
Network Security Services
Advanced firewall solution with core firewall, VPN, NAT, and L4-L7 security services
Threat Protection
Intrusion detection and prevention (IPS) with application visibility and control through AppSecure
Cloud Integration
Native integrations with AWS services including Elastic Load Balancer, CloudWatch, Security Hub, and Amazon GuardDuty
Routing Capabilities
Advanced cloud-grade routing with IPsec and full mesh VPN termination services
Protocol-Level Protection
Anti-virus capabilities detecting and blocking malware across POP3, HTTP, SMTP, and FTP protocols
Standard contract
No
No
No
Customer reviews
Jim Voige
High availability routing has secured our network and delivers reliable support every day
Reviewed on Dec 26, 2025
Review provided by PeerSpot
What is our primary use case?
We use Netgate pfSense Plus Firewall_VPN_Router as a high availability BGP solution.
What is most valuable?
My favorite feature about Netgate pfSense Plus Firewall_VPN_Router is the fact that it's open source, so if you go online and look at other people's comments and reviews, you find it's transparent with nothing hidden and no additional charges for software.
Netgate pfSense Plus Firewall_VPN_Router is extremely scalable; we chose the highest end product at that time and have greatly expanded its capabilities. We needed to upgrade the RAM in the firewall, and I found compatible RAM on Newegg, receiving it in just 24 hours. Overall, we've been very happy with it being a Supermicro-based server, which we already use in production.
What needs improvement?
One downside of Netgate pfSense Plus Firewall_VPN_Router is the need for a better understanding of what hardware it would run on. Right now, we're using Netgate's hardware, but I'm interested in knowing if there are other hardware options available, particularly heavier duty hardware, because the Supermicro 1537 version we have only has a single power supply, which is a shortcoming in an IT environment where dual power supplies are ideal.
The pricing for the hardware of Netgate pfSense Plus Firewall_VPN_Router is steep, which is one reason I'd explore other options. I'm familiar with the costs of Supermicro servers, and I believe Netgate charges a premium for their server hardware without enough upside to justify it. The pricing is not justified.
For how long have I used the solution?
I have been using Netgate pfSense Plus Firewall_VPN_Router since 2018.
What do I think about the stability of the solution?
In terms of stability, we've experienced a couple of upgrades that didn't affect functionality, but other smaller issues arose. For the most part, the hardware is rock solid. I haven't faced total failures, which was a significant problem with the Ubiquiti gear that had power supply failures. Overall, the entire Netgate pfSense Plus Firewall_VPN_Router product has been reliable, though some of their smaller gear aimed at remote offices hasn't been cost-effective.
How are customer service and support?
We use their technical support services and have been very happy with their online technical support people.
The support is included, and it comes with a four-hour response time, so it's fairly high-end technical support. The quality of their answers is impressive; the support team is humble and knowledgeable. I've dealt with many customer support professionals over the years, and the support group at Netgate pfSense Plus Firewall_VPN_Router is by far the best. They identify problems quickly and connect you with the right specialist without hesitation, working diligently to resolve issues, even if it takes hours, which is refreshing compared to many tech support experiences I've had.
I give Netgate pfSense Plus Firewall_VPN_Router a 10 out of 10 for support because we have a great deal of confidence that any outage we encounter will be resolved quickly with their help. Overall, I rate Netgate pfSense Plus Firewall_VPN_Router a 10 out of 10; they are an impressive company with interconnected teams, making it easy to get consistent answers from both sales and tech support.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I've used a whole bunch of Ubiquiti gear; we used exclusively Ubiquiti before switching to Netgate pfSense Plus Firewall_VPN_Router.
I prefer Netgate pfSense Plus Firewall_VPN_Router because it provides regular updates and has longevity, meaning I don't worry about it going obsolete. Many IT products have maybe a three-year lifecycle, and once you stop receiving updates for a product, it becomes practically useless. We've faced problems with Ubiquiti gear that has gone obsolete, where updates would trash our system, requiring us to revert to old versions. Netgate is good about ensuring updates won't disrupt my system.
I saw benefits from Netgate pfSense Plus Firewall_VPN_Router after we made the change in 2019, due to power supply issues with our Ubiquiti gear when we couldn't obtain replacements. That prompted our decision to switch to Netgate pfSense Plus Firewall_VPN_Router, as it proved to be a more robust product.
How was the initial setup?
The initial deployment of Netgate pfSense Plus Firewall_VPN_Router was extremely easy thanks to an incredible amount of documentation online, user videos, and a robust user community that quickly helps troubleshoot issues.
The first deployment took about four hours, even though we had a pretty complicated situation, as we were integrating multiple features from the Ubiquiti world into the Netgate pfSense Plus Firewall_VPN_Router setup, which I consider quite fast.
What about the implementation team?
Two people were involved in the initial deployment of Netgate pfSense Plus Firewall_VPN_Router.
What other advice do I have?
We use the Plus version of Netgate pfSense Plus Firewall_VPN_Router, which comes automatically with any Netgate hardware, so really, I'm paying for it once.
We do all our own maintenance on Netgate pfSense Plus Firewall_VPN_Router, reaching back to pfSense only when we encounter issues unfamiliar to our IT people or if it's something highly specialized. Currently, we're using the premium support product for quick callbacks.
My overall rating for Netgate pfSense Plus Firewall_VPN_Router is a 10 out of 10.
RajWurttemberg
Simplified firewall management has reduced costs and improved network visibility for clients
Reviewed on Dec 23, 2025
Review provided by PeerSpot
What is our primary use case?
I use Netgate pfSense for my side gig customers' firewalls, and also for my home firewall.
What is most valuable?
One aspect I appreciate most about Netgate pfSense is that it is easy to administer and very straightforward.
I see the benefits of Netgate pfSense immediately due to cost. It costs significantly less than Ubiquiti, Cisco, or other firewalls out there, and it is just easy to manage, which saves me and my customers money.
The packet inspection feature of Netgate pfSense is valuable; I have had to use it for troubleshooting and it provided the necessary data.
The dashboards for managing network traffic patterns and security threats in Netgate pfSense are simple and give me what I need.
Netgate pfSense's plugin ecosystem is very easy to manage; I simply point and click on the plugin and it installs directly, which is very well done.
The stability of Netgate pfSense is rock solid; I have never had any problems with stability.
The initial deployment of Netgate pfSense is very easy; you install it and it just works on the first try.
What needs improvement?
The downsides of Netgate pfSense include a lack of graphics to show a customer. I would prefer to see a more graphical UI similar to Ubiquiti.
Setting up fault tolerance on Netgate pfSense is difficult to do, and I do not enjoy that part.
For how long have I used the solution?
I have been using Netgate pfSense for approximately 15 years.
What do I think about the stability of the solution?
The stability of Netgate pfSense is rock solid; I have never had any problems with stability.
How are customer service and support?
I have contacted Netgate technical support regarding Netgate pfSense once. I had a hardware failure in one of my Netgate pfSense nodes and they provided an easy fix and got the customer back online quickly.
How would you rate customer service and support?
Negative
How was the initial setup?
The initial deployment of Netgate pfSense is very easy; you install it and it just works on the first try.
For a new technician with no experience with any Netgate pfSense products, it would be easy for them to deploy for the first time because they can reference Google or the Netgate pfSense community web pages.
What about the implementation team?
One person can easily do this.
What was our ROI?
Netgate pfSense costs significantly less than Ubiquiti, Cisco, or other firewalls out there, and it is easy to manage, which saves me and my customers money.
What's my experience with pricing, setup cost, and licensing?
The pricing of Netgate pfSense is incredible; I love the pricing, which is the best part.
Which other solutions did I evaluate?
I prefer Ubiquiti because of the ease in setting up fault tolerance and the user interface on Ubiquiti.
What other advice do I have?
Netgate pfSense requires just a monthly reboot on the firewalls and that is all. I would give them a 10 out of 10 as they are good. I give this product an overall rating of 8.
Juan-Arias
Rapid VPN setup has connected offices in minutes and brings live insights for proactive issue control
Reviewed on Dec 22, 2025
Review provided by PeerSpot
What is our primary use case?
I would use Netgate pfSense both at work and at home, as I really love their interface, the rule management, and their collaboration, especially with FreeBSD. Everything that they have done with the OpenVPN parameters is impressive, and it is basically everything I need. The ease of use is exceptional, and whatever I need to do and change is just two to three clicks away.
What I appreciate the most about Netgate pfSense is the ease and straightforward nature of the platform. I can set up a new office in less than 10 minutes.
What is most valuable?
What I appreciate the most about Netgate pfSense is the ease and straightforward nature of the platform. I can set up a new office in less than 10 minutes.
The benefits of using Netgate pfSense are that I can set up VPNs in less than two to three minutes, and then just deploy the file across my networks, where everybody would be connected in less than an hour.
The dashboards of Netgate pfSense bring all the necessary information that I need at a glance, and it is actually a live update every three to five seconds. It is spotless, and I have been able to catch issues before they hit operations.
What needs improvement?
Something that I do not appreciate about Netgate pfSense and I wish they would change would be the feature limitations. If I have pfSense Plus, I have all of the features, but if I am using my own spin-off server, which I cannot get pfSense Plus with, I do not get all the features, so I have to forcibly buy the hardware to get pfSense Plus.
For how long have I used the solution?
I have been using Netgate pfSense since before they were acquired by Netgate, so it was more than 10 years.
What do I think about the stability of the solution?
Regarding the stability of Netgate pfSense, I have not seen any instability regarding lagging, crashing, or downtime. It all depends on the hardware on my home-brewed pfSenses. If I am using their hardware, it has been spotless with no issues.
What do I think about the scalability of the solution?
The scalability of Netgate pfSense is great, as it can grow with what you need. It all depends on the equipment that you have, and at this moment, I have their highest tier, and I have been able to allocate more than 15,000 users, and it has not even reached 60% of utilization, so I am satisfied with four 10 gig uplinks.
How are customer service and support?
I have contacted customer support of Netgate for all the equipment that I have bought, and it has been hands-on and perfect. I have needed images and I get the images in less than 24 hours when I need to do a special type of format that I do not have access to anymore, and I need to perform a format on it. In less than 24 hours, I would have the latest image which I could then install on the equipment. Hardware-wise, I would get in less than 48 hours the RAM or hard drives that have failed and were under warranty, so no issues on that.
If I were to put the support of Netgate pfSense on a scale from 1 to 10, I would give a score of nine.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have used alternatives to Netgate pfSense, and it would be OpenSense. I just used it for not more than 20 minutes and I said goodbye to it.
How was the initial setup?
The initial deployment of Netgate pfSense will be easy, since I have done it a couple of hundred times.
The deployment of Netgate pfSense goes the following way: the first thing is to just set up my WAN, my LAN, setting up the netmask, subnet, and gateways, and then just opening the NAT and doing all the NAT configurations, which is automatic if you have it set on auto. Then I just create my first firewall rule for an allow-all, and the setup is complete. Then I just need to start doing all the pretty tough magic that might be required, so for my type of setups, everything is less than 30 to 45 minutes. Afterwards, hardening depends on the business case.
What about the implementation team?
All of this setup process of Netgate pfSense can be done by one person; you do not need a team for this. You can do it all alone.
What's my experience with pricing, setup cost, and licensing?
The pricing of Netgate pfSense all depends on the hardware that I need. For a large office, the last appliance that I bought was around $2,000 and it is working perfectly with no issues whatsoever. I have no complaints about it, as my only complaint is when I want to do a home lab or something, and then I need to forcefully buy Netgate products to get pfSense Plus, but besides that, the pricing looks good.
What other advice do I have?
Netgate pfSense requires a little maintenance on my end, as the maintenance part that I only get from them would be their software updates, and that is basically it. After that, everything is on my end: hardening, firewall rules, and all that kind of work. Besides that, it is just their quarterly or twice-a-year updates.
I have not really explored the packet inspection feature of Netgate pfSense that much, so I know I have it; I just have not played around with it right now.
I use the integrated VPN provisioning of Netgate pfSense, and it has not affected my network security setup at all; it has been flawless.
I would rate this product a 10 out of 10.
Askar Parveez
Open source platform provides cost-effective enterprise-class features with efficient support
Reviewed on Aug 18, 2025
Review provided by PeerSpot
What is our primary use case?
The typical use case for Netgate pfSense is VPN connectivity, content blocking, and IDS/IPS. Users typically implement it for these specific purposes.
What is most valuable?
The best features of Netgate pfSense include its open-source nature, and one of the most appealing aspects is the absence of recurring expenses, as there are no licensing fees. Users get enterprise-class firewall networking with this product.
Customers who use other firewall products such as Sophos or FortiGate often conduct research and choose Netgate pfSense because the yearly expenses of other firewall products are higher compared to pfSense, which has no licensing fee. While there is no yearly licensing fee with this product, users still receive all the enterprise-class firewall features.
The stateful packet inspection feature is enterprise-class, and when compared to other firewall products, it matches their capabilities effectively.
What needs improvement?
Areas of Netgate pfSense that can be improved include the customers' requests for antivirus protection, which they refer to as Unified Threat Management, available in other products. Unified Threat Management can match up with other brands as well.
For how long have I used the solution?
I have around one and a half years of experience working with Netgate pfSense.
What do I think about the scalability of the solution?
Netgate pfSense is definitely a scalable solution.
How are customer service and support?
The technical support from Netgate pfSense deserves a rating of 10 on a scale of one to ten, where one is the worst technical support and ten is the best.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup of Netgate pfSense is easy because it has a wizard. Users can run the wizard and set up the firewall within five minutes.
What other advice do I have?
Netgate pfSense comes with Netgate appliances, in which pfSense is loaded, ensuring compatibility with different hardware platforms. The solution proves to be stable in operation.
On a scale of 1-10, I rate this solution an 8.
Information Technology and Services
pfSense - reliable and user friendly.
Reviewed on Aug 05, 2025
Review provided by G2
What do you like best about the product?
The interface is easy to use, well organized, and easy for admins to setup. Their support documentation/forums are well documented and up to date. I think it's secure when integrated with the right platforms and packs cool useful features.
What do you dislike about the product?
The CE edition could have better support, although kept up to date, they can improve on security and some integrations.
What problems is the product solving and how is that benefiting you?
VPN integration and configuration/management, radius and simplifies traffic management.