I can restrict IP addresses by country, for example, which is very useful. If I don't have business traffic from specific regions of the globe, I can restrict them. I loaded SNORT and started playing with some of the rules and packages.

Overall, I've experienced fewer problems since I started using it at home, so I'm very happy with it. It's very flexible. I think it's extremely flexible.

I can configure as much or as little security as I want. A lot of it comes out of the box and I can fine-tune it toward my needs according to my knowledge, obviously. I think it's pretty flexible, yeah.

Less down time, less denial of service attacks.

I received a great deal of guidance and help from the technical user group, the forums are awesome and the community is outstanding.

Netgate technical support is also very good although it incurs a cost.

The software is easy to use and rather flexible, it is just a matter of getting to know it. 

You can buy the appliance pre-configured, there are many models available, to suit your needs and your budget.

However, you don't need to buy the hardware, which is what I'm really excited about, in other words, you can buy the service on the AWS cloud.

Since I purchased the service, I have not had as many denial of service attacks, it minimizes downtime by reducing the number of computer crashes, so yes, it increases uptime.

The solution is very flexible, you can configure as much or as little security into it as you want, a lot is available right out of the box, you can fine-tune it.

I saw results of using the solution immediately. You can start restricting IP addresses by country right away. That's very useful. It's easy to restrict regions.

Overall, I have experienced fewer problems since using the solution. 

pfSense does provide a configurable dashboard, however, you have to connect to it through a browser. I can see a lot of stats in a single pane that is quite flexible. It does what I need it to do so far, you can add or remove sections.

It doesn't directly minimize downtime, however it does indirectly, by minimizing the number of DDoS attacks. This increases uptime. Since using pfSense, I don't have as many attacks. 

I use pfSense on an Amazon EC2 virtual machine. It works well in the cloud. This implementation optimizes resource utilization because it doesn´t rely on static hardware which quickly reached EOL support, I can grow/re-size easily.

I can take it with me wherever I go - as long as I have a network connection, laptop or cell phone without being tied to hardware.

I'm not knowledgeable enough to suggest new features. The use has been very straightforward. Whatever questions I've had, I've found videos to help me on YouTube, or I've been able to ask the forums.

I've also reached out to technical support and I've received help although there could be more videos or tutorials from Netgate, in addition to third parties who have already implemented it, which is great. 

I have suffered a lot of problems over time but I don't think the problems are related to the hardware or the software. I am convinced that the problems have been related to hacking during configuration.

During the setup process, while experimenting, the device would stop working or the password would suddenly not allow access, requiring re-installation and re-configuration, it was very slow going until I moved to the cloud.

The dashboard is a little bit slow and the reporting isn't always current or immediate but acceptable. I'm not sure I can make data-driven decisions due to insufficient volume. I would need enhanced reporting, statistics, playback. 

I haven't looked at the reports a lot since because you have to access the log files, time is an issue, I use it in a home office environment.

I have been using pfSense on and off since August 2015 when I bought my first device with the pre-loaded operating system. I've been working ON it ever since, on and off.

I suffered a lot of problems but they are not related to the hardware or the software. They were related to hacking that I was subjected to. The device would stop working. The password stop working suddenly. I had to reinstall the whole thing. So it would be very slow going. 100% up time since I went to the cloud. There you have it in a nutshell. 

I'm not tied to the size of the hardware that I'm using. An SGA 2440 is a really nice device for a home office. However, if I should grow into a business, then all I need to do is resize the virtual machine capacity. I don't need to buy a new device and reconfigure it. I can just grow the device that I already have. That might imply a migration but not reconfiguring from scratch.

The support is excellent quality, yet it's expensive. 

They're very quick to rule out things if they're not cutting edge. In other words, if it's not a new device, if the device is near its end of life, they tend to kind of say, "well, you know, no. We don't deal with that anymore." 

My device was still supported, although older. In any case, it was clear that they were not going to give it as much effort as something in its main life cycle. My impression was that it I was summarily brushed off on account of age.

User groups helped me a great deal. Support offers a certain amount for free when you get the subscription in the cloud which I purhased. However, if you have a really big issue, then you have to pay for support. 

Positive

I looked at another Netgate option which also runs in the cloud on AWS. I haven't used/evaluated it. I don't remember the name of it although it looked very interesting. I settled on Netgate because my friends recommended it.

Malicious behavior is something that I've noticed over the years and it is growing.

I sought help and joined a nonprofit organization locally whose charter is to educate people about the dangers of being on the Internet and how to modify their behavior to minimize the risks and protect themselves. 

This solution is very configurable, reliable and approachable open-source software. When I re-nstalled the latest version on my home device, I downloaded it for free, I got an invoice from Netgate for zero dollars. 

Netgate makes money from subscriptions on the cloud or selling the hardware with the installed operating system. However, the operating system is still free. It's still open source. 

The community is wide, and there's a lot of help available. It's relatively cheap if you buy your own hardware and very configurable. 

I can't say that I went into a very exhaustive investigation of other options. When you're ignorant or inexperienced like me, it requires a huge time investment to make the evaluation, I discarded over the counter solutions.

So you try to approach people who have already evaluated a whole bunch of products, and ask them to tell you which one they think is best, most flexible and configurable, NETGATE pfsense was the overall winner.

The initial setup in the cloud is easy and I received good instructions and a fair amount of coaching when I purchased the service. 

The on-premise appliance, which was also pre-configured did not come with instructions, so it was less straight forward. I didn't have a guide. It didn't come with a manual. It was more difficult for me and I struggled a great deal. 

The second time around, I already had seen the operating system its interface, configured it, reset passwords, the whole thing so I was more comfortable with that, received more help and had more documentation available online.

The cloud version was easier since even if I did not have a lot of experience, I had more help. Maybe it's just the perception. While it wasn't difficult for an inexperienced IT person, it might be a little more complicated for a regular user.

Netgate has TOP of the line expertize and customer service.

Not measurable in the USD but considerable in terms of productivity.

It's a little expensive in my region. I really want to buy a device, a hardware device, and have it on-premises. I want my own security gateway appliance at home, my own router to log into, configure and play with. 

However, I don't have that, my SG-2440 just died from a power surge, it's a huge up front investment and it is also more vulnerable in more ways than one.

An average device costs around $500, is vulnerable, can be stolen, damaged by electrical surges, tampered with. 

If I buy the subscription in the cloud, I eliminate the danger of theft and losing my investment, and I can take it wherever I go. I feel more secure with the cloud version, even though I know it's more expensive. 

The cloud lease cost $50 a month at the time I was interviewed, about $120 now, a lot of money for me. However, it has been worth it. I can access all of the resources remotely, manage, configure, upgrade, use at home and on the road.

No, I asked around for recommendations.

I'm just a customer considering a partnership.

I now have a pfSense subscription on AWS, I've installed it on my laptop and mobile devices. I can use it at home and away from home. My cell can share Wi-Fi and extend the benefits to others around me.

I'm considering alternate architectures to split my home office network using an on-premise device here at home. 

That will allow the mobile component on the  AWS Cloud for my cell and my laptop if I travel, since the OpenVPN is installed on them, as well as the ethernet connection from the home appliance for wired access to repeater, TV, laptop. 

It doesn't matter if it's Ethernet or Wi-Fi everything will be covered. 

Overall the product rating is nine out of ten.

I have at least two pfSense routers at home in my home lab, serving my house. Additionally, we use it in my company. We have our satellite office in LA, and we use it as the main router. The use cases involve a router, firewall, and DHCP server.

I was able to see pfSense's benefits immediately because I used it as a learning tool too. From the very beginning, I was able to inspect traffic and see what was happening on my network. That was pretty useful.

pfSense is flexible. I like it. I can install it on different hardware. I can virtualize it if I want.

It is pretty easy to add features to pfSense and configure them. If something is supported by Netgate and it is in their package manager, it is pretty easy, and if it is not, I would not want to add it. I would not be confident enough to put it on my firewall.

pfSense has not directly helped to prevent data loss, but it helps indirectly by protecting the network and not letting in malicious things.

pfSense Plus provides features that help us minimize downtime. Preventive notifications and ZFS snapshots are helpful features. 

pfSense Plus helps to make data-driven decisions to some extent such as which device is using the most bandwidth. The visibility that pfSense Plus provides helps us optimize performance.

The Tailscale integration is very helpful. The DHCP and DNS server functionalities, as well as the package manager, are also good. 

I am using its paid version. I am paying at home for the Plus version, but I wish they would pay attention to the community version. I know there is less incentive for Netgate to develop the community version, but it would be cool to have that.

pfSense does not give us a single pane of glass management. I know that they are coming out with that as a beta or alpha feature, but it is not there yet.

I have experienced only hardware-related issues with Netgate. They are not related to pfSense as a software. I purchased a Netgate firewall, an SG-4100, which is a $600 device, intending to make it a solid piece of my home lab and support the project. It died in one and a half years. I do not see the value in buying their hardware, as their customer support was not friendly or helpful. Eventually, I bought pfSense Plus, which allows using a roughly $200 device that offers part-swapping to keep the device alive or even buying two of them. The pfSense Plus subscription is roughly the same value.

Support for third-party hardware is less documented, not being their preferred option. For most things, it is pretty solid. Other firewalls such as SonicWall offer more protection features such as deep packet inspection. I know that is possible with Snort or Suricata. That is one thing that could differentiate open-source firewalls from the main players. 

Another suggestion is automatic updates to reduce maintenance for smaller setups.

I have used Netgate pfSense for roughly three to four years.

Since they fixed the DHCP issues, it has been pretty stable.

Scalability has never been an issue. I have not dealt with more than 10 gigabit traffic, so I have not experienced any problems.

They answer promptly. However, I do not feel valued when I pay about $150 a year, and they only include certain things for people without the Netgate hardware. They had some general first-time setup features but nothing that actually caused problems. For instance, when I imported my previous configuration to my new hardware, it was not covered. So, even if advertised similarly, it is not the same if I do not own the Netgate hardware.

Neutral

At work, in our main office, we use SonicWall. I also use UniFi Firewalls, ranging from smaller to larger ones, and actively manage two or three of them.

As compared to SonicWall, the user interface of pfSense is much easier to handle. It is also faster even though our SonicWall is a much beefier device. pfSense is more well-organized compared to SonicWall.

With their own devices, it was pretty easy. With third-party hardware, it was a little more difficult because certain devices are not as compatible. It is easier if people double-check compatibility, but in general, it is pretty easy.

It requires maintenance from me. I have to update packages and make sure that everything is running properly and the hardware is fine.

It is a one-person task. If you have the specifications and knowledge of what network segments and VLANs need to be set up, it can be managed by one person.

It is on the higher side. If you want to purchase pfSense Plus alone, the cost is roughly $150 a year, but the value provided justifies the expense. However, a lower-end tier option, around $100, would be beneficial.

With the inclusion of firewall, VPN, and router functionalities, for a business, pfSense makes much more sense. I was comparing different solutions and our SonicWall costs way more when we include VPN and other small features.

If installing on your own hardware, you should definitely research compatibility with FreeBSD, and use ZFS, which I believe is the default now. This allows rollback capabilities. It is important to read what is included in the pfSense support package before contacting support, as you might not get answers, and it might be easier to go directly to the forums.

I would rate pfSense a nine out of ten.

I typically use it as an edge firewall.

pfSense is easy to configure. The features I have configured are firewall rules and dynamic routing through FRR. These advanced features are straightforward to configure, and the documentation, if needed, makes things even easier. 

We are using pfSense Plus. It helps us minimize downtime. There is high availability built into the software. I can deploy two pfSense firewalls, configure them correctly, and they can back up each other in case one of them fails. It is a fantastic free feature integrated into the product, and I utilize it constantly.

pfSense has been somewhat beneficial in helping to prevent data loss. We were able to see its benefits immediately after the deployment.

I find the overall amount of configuration flexibility to be valuable. 

It is fairly maintenance-free. That is one of the strengths of the product. It has no frills and is extremely easy and painless to use. It does not cause any trouble.

Another strength of pfSense is that the documentation is very digestible and easy to understand.

One of the features I know they are working on and would like to see improved is the single pane of glass. They have a beta feature available right now that is good, but I would like to see that more developed and made available to customers sooner rather than later. It is currently very basic. When dealing with a fleet of pfSense firewalls, considering them individually is not the most efficient use of time. 

It does not provide visibility to make data-driven decisions. I cannot derive any analytics or information from the pfSense GUI or software to make data-driven decisions. The visibility that pfSense Plus provides does not help us optimize performance. I want more information and context around the data passing through my firewall to make data-driven decisions. I have used other vendor firewalls that provide some capability to show the traffic or bandwidth passed within the last hour, directly within the firewall software. I need a way to generate a report that I can deliver to my C-suite, allowing us to discuss and determine the best path forward. Currently, you deploy it, and it performs as expected, but there are no analytics or reporting capabilities to extract information from the firewall, generate a report, and engage stakeholders in discussions about network connectivity issues, concerns, or upgrades.

I have used Netgate pfSense for more than five years.

I would rate the stability of the product a nine out of ten.

When assessing scalability, I would probably give it a seven out of ten.

I have interacted with their customer service, and they have been, without a shadow of a doubt, beyond helpful. They are fantastic and truly among the best I have worked with. I would rate them a ten out of ten.

Positive

I have used Palo Alto Firewalls and Cisco ASAs as my primary solutions. If money was no object, Palo Alto Firewalls get the edge only due to the fact that they provide more visibility and analytics in regard to the data that goes through the firewall.

Setting it up is extremely easy. Installing the hardware, configuring the software, and getting it ready to forward and pass traffic takes as little as 45 minutes. It is extremely robust and easy to manage and use.

In my case, it definitely involves a team. When we visit on-site, one person can deploy it, but at least in my business, it is accomplished as a team.

pfSense is excellent for a low total cost of ownership. pfSense pricing is extremely competitive, and it delivers exactly what is advertised. If you are looking for a firewall with advanced feature sets at a very low cost, you cannot get anything better than pfSense. It does exactly as advertised, and that is one of its biggest strengths.

It is extremely affordable in relation to TCO. You get everything that other commercial products give but at an extremely affordable rate, so you can deploy en masse to numerous customers and clients.

My overall advice would be to read the fantastic documentation. Everything you will ever need to do with the product is explained very easily in the documentation. If you have any troubles, just read it, and you will always find an answer. It is one of the best documentation of a product I have used in a very long time. Nothing is hidden.

Overall, I would rate pfSense a nine out of ten.

I run a company that is a managed service provider. We supply our clients with products and purchase on their behalf. We install pfSense in their offices or main client offices.

What I like most about the product is that it is simple to use. I use it at home and in other locations. It offers great value for money because there are no licensing issues apart from the support package. I don't have to worry about licenses expiring or the firewall not working. The overall security gain is stable and reliable.

Multi-appliance monitoring and management, like a single pane of glass, would be very nice to have. A centralized management console would help us. There might be improvements to the web UI, which could benefit from a new look. It looks a little dated, although everyone knows where the options are.

I have used the solution for four years.

The solution is stable. I'm happy with the stability, I would rate it a nine. I had some minor issues, like hardware power supply failure after two to three years, but it was rock-solid until it failed.

The solution is pretty much scalable. I would say nine, although I'm not sure why.

I used their support about two times. I don't need much support, as I've managed to fix everything by myself. I would rate it ten because they went above and beyond expectations.

Positive

Sophos was used in some cases. Some clients require products which are used in their other offices.

The initial setup takes about one hour. It is fairly simple and sometimes only takes half an hour, depending on what needs to be done.

We implemented it in-house with one person.

Because we are familiar with the product, the ROI is between ten to twenty percent. We have been saving by having a stable, well-known product.

I estimate it to be between four or five, something like that. I cannot say it is cheap, but it is not expensive either, so let's say three or four.

I usually advise having a solid firewall with a low cost of ownership, which is why I rate it nine. There's room for improvement, as I would love to have more control over the packets. Overall, I would rate the product nine out of ten.

Most of my clients want to use it as a firewall. There are two things that they're looking for. Number one is bandwidth management so that if there are multiple links, they can share bandwidth for their staff. The other important aspect that has come up recently is for IDS and IPS.

Currently, for me, the most valuable feature is the implementation of pfBlockerNG. The community behind pfSense is really strong. 

In terms of the features, the simplicity of the installation is a significant advantage. Out of the box, I am ready to start using pfSense after installation, which is very important. It allows minimal downtime before integration, enabling use even on a weekday without users knowing there's a new firewall in place. 

The key thing I found is saving on the cost of equipment. Whether CapEx or OpEx, we appreciate this.

The user interface needs improvement. Even though it's a system that's easy to get working upon installation, the configurations are not intuitive. The interface needs to be friendlier. That's the only complaint I have about pfSense.

I have been using pfSense since 2008.

One issue is due to bugs and broken links.

I have not had the chance to experience Netgate technical support, because most of the time I have been able to sort out the issues with forums.

Positive

Before Netgate, I used a lot of MikroTik. In comparison, pfSense is more robust in terms of the feature set. The open form of the GPL system makes it better than MikroTik.

The steps to implement involve aligning with the key aspects I am going to implement, knowing what they already have running, and what needs to be mirrored and improved. I usually have it pre-installed, tested, and then deployed.

I have a team. There are around three of us, and we do this together.

I would recommend it a lot because it's a proper firewall, and there are no issues apart from the interface and broken links. It's very easy to recommend pfSense without even going through the POC stage. For me, pfSense is a ten out of ten.

I use pfSense for my home network firewall.

I've installed pfSense on nearly every environment type, including Virtual Manager and most virtual machine hypervisors like Microsoft Hyper-V, ESXi, and even older versions like VM Player. Currently, it's running as a VM in Virtual Machine Manager on my NAS, showcasing its flexibility.

pfSense is a highly flexible product with a rich feature set. While designed with a graphical user interface in mind, it also offers command-line access for greater control. This versatility allows users to tailor the product to their specific needs.

Adding packages to pfSense is straightforward; navigate to the package manager and click "add." However, incorporating hardware, such as a dongle, is slightly more complex.

I saw the benefits of pfSense immediately. Going from a SOHO router to a pfSense one is night and day. pfSense is an enterprise-grade product that is easy to use and has a simple GUI.

The dashboard is very handy. I use mine almost daily. I can put up the widgets I want to see or remove widgets I don't want to see. It has pertinent information about my services running, any VPN connections I have, and clients connected. It's a nice dashboard.

The failover functionality for connectivity helps minimize downtime. It has also been simplified recently with some excellent added features. If I lose or corrupt my image, I can easily reinstall the operating system and restore my configuration. I'm pleased with these features of pfSense.

pfSense is a straightforward, feature-rich firewall. I am a big fan.

One area where Netgate could improve is communication with its user base. While they make an effort, much of their user base isn't composed of enterprise-level engineers who regularly read release notes and stay abreast of feature changes. A few years ago, they held a commendable meeting with forum moderators to discuss upcoming changes, which was appreciated. However, they could enhance their communication further by providing more precise information about changes and release timelines for new features.

I have been using Netgate pfSense for 13 years.

I have not contacted technical support for any technical issues. I did contact them for a replacement box, and their support was fantastic. I received the replacement box within a couple of days. I do contact their TAC when they release a new version. That process is changing with their new Netgate, the store, and everything. Previously, if we had a Netgate appliance and wanted a new image to install natively, we had to contact TAC with a ticket. The turnaround time was always excellent, just a couple of minutes. They would provide a link where we could download the image. I've been surprised by how fast they respond sometimes. Even when they're in the middle of deploying a new version, I've reached out and received a download link within five minutes. So they're usually on the spot.

Positive

Over the years, I've played with quite a few different firewalls, but I always go back to pfSense. It's a leader in its field, with its direct competition being OPNsense. There was a feud when they forked off. pfSense is the leader in that sense.

Installing pfSense should be relatively straightforward, even for a network engineer unfamiliar with the product. The process is user-friendly and guided, similar to installing an operating system like Windows. With a basic understanding of networking concepts, setting up pfSense can be accomplished within minutes. The main challenge arises when users need more fundamental networking knowledge, such as understanding IP addresses or the difference between DHCP and static configurations. For someone with networking experience, however, the installation process is quick and straightforward.

The pricing is reasonable. It costs money to run a product. It used to be completely free, and I think that's where many people became a bit disappointed when the pricing model was introduced, but I think it's a pretty fair price point. Some users don't understand that they can't offer everything for free. The development work involved costs money.

The inclusion of firewall, VPN, and router functionalities significantly reduces the total cost of ownership. In my previous role, we utilized pfSense in some locations due to its superior cost-effectiveness compared to other enterprise solutions. For smaller companies or those aiming to reduce expenses, it's a highly affordable option, and even their hardware is reasonably priced.

I rate Netgate pfSense ten out of ten.

We use pfSense as our main router.

We implemented pfSense to address the instability and limited customization options we experienced with our previous router.

pfSense is highly flexible, allowing for creating IPsec tunnels and various other configurations.

Adding features to pfSense is easy.

Since implementing pfSense, our overall stability has improved significantly over the last ten years as we transitioned from Prosumer equipment to a more robust tool. This success has allowed me to implement more pfSense routers in other locations. We saw the benefits of pfSense in less than a couple of weeks. Having that added stability is great.

pfSense Plus provides us with the visibility to make data-driven decisions. We can see historical data and bandwidth utilization, allowing us to make informed decisions about our internet connection based on that information.

The most valuable aspects of pfSense are the stability, hardware compatibility, and low cost.

I want pfSense to add some next-generation firewall features.

The scalability has room for improvement.

I have been using Netgate pfSense for ten years. 

I rate the stability of pfSense ten out of ten.

Due to the absence of a single pane of glass management feature, scaling out pfSense becomes quite challenging. I'd rate its scalability a three out of ten, as the process is far from straightforward at present.

The few times we've had to engage support, they have been professional and incredibly knowledgeable. If we encounter someone who doesn't have the answer immediately, they can find it very quickly. In the past, they have even joined meetings with us and a client to work on a problem, providing a lot of insight and assistance throughout the process.

Positive

We previously used Prosumer routers, but their capabilities were insufficient for our needs.

Initially, it was a bit complex when I started using the system over ten years ago. pfSense required a deeper understanding than the Prosumer devices I had used before. I had to grasp the ramifications of every action. However, once I overcame that learning curve, it became knowledge I possessed.

It took us about two weeks to implement and learn how to use pfSense. I've noticed that with pfSense, I'm always learning something new. Just because we've used something for a long time doesn't mean we know all of its functionality. For example, I needed to establish an IPsec tunnel for the first time last year. I called in support, and we successfully established the tunnel to another location. There's always something new to learn, whether pfSense adds new features or we encounter a need for functionality we haven't used before.

pfSense Plus is cost-effective for what we're getting. I've been using Netgate hardware for a long time, and including the pfSense Plus license with the hardware offers significant value. Additionally, using pfSense software for free is of great value.

The total cost of ownership is very low. We've used pfSense historically in a simple configuration, and I've been able to train peers on how to use the Netgate hardware and pfSense Plus effectively.

I rate Netgate pfSense seven out of ten only because of the lack of ability to manage all our switching and WAP from one location.

We have three locations, and two to 25 users use a combination of wired and wireless devices and a typical broadband connection.

pfSense requires maintenance when new versions or patches are released. This does not happen often, but it does happen.

I recommend pfSense to others. Once you overcome the learning curve, it becomes almost second nature to use. The cost is also a major factor. Every year or so, I explore alternatives to Netgate hardware, but almost everything I find is subscription-based, like Cisco Meraki or other brands. I'd struggle to justify renewing a router license every 18 months or risk it stopping working. So, using a platform like pfSense without an annual fee is a huge benefit for our budget.