I have two installations at schools as firewalls. The biggest drivers for using pfSense were cost-effectiveness and functionality. It offers higher functionality for its cost.

The benefits are fairly obvious at the beginning. There's no specific time frame required. The flexibility and consistency of the product are what draw me to it, regardless of the size or capacity of the operation. It's easy to deploy.

Arguably, the use of products like Suricata for intrusion prevention could help prevent data loss.

It gives a single pane of glass for each individual device, but not across multiple devices. pfSense could catch up with other market providers by offering a view across multiple devices, but the current interface is fine. It is just we have to individually manage each one.

There are two versions of pfSense, the paid "Plus" version and the free "Community Edition." I use the "Plus" paid version.

The way pfSense handles system updates is pretty good. The updates are virtually transparent to any downtime. I've had pfSense boxes running for 200 to 300 days with no downtime. From a software standpoint, pfSense is about as bulletproof as it comes.

pfSense provides visibility that enables us to make data-driven decisions. Its reporting is effective. The data is effective in making decisions based on traffic. It is not just one feature, it is how we manage data traffic. It provides adequate information to make decisions based on traffic.

I have used pfSense in virtualized environments, just not on AWS.

It allows me flexibility in hardware size and capabilities while maintaining the exact same interfaces and controls.

I also like the fact that based on its operating system, it has applications that can be added, such as IDS/IPS and filtering.

I would like to see a single pane of glass for multiple devices.

From a service provider standpoint, it is a bulletproof operation to deploy. Aside from being able to manage and monitor multiple devices from a single pane of glass, that would be the only thing I would change.

I've used pfSense, probably for the last two or three years off and on.

It's one of the most bulletproof solutions out there. I can't recall a problem where the system locked up or had any issue that required intervention to get it started back up again.

Aside from possibly a hardware failure, I haven't had any problems. And that's not the software.

Scalability is one of the reasons why it's a good product. You can utilize it in a budget-friendly way as well as a full-on enterprise. pfSense is almost infinitely scalable. Obviously, hardware is the dictating factor.

I have never had a reason to contact customer service and support.

I've used Unifi products, DrayTek products, and Meraki products.

From a capability standpoint, I would put pfSense at the top of functionality. DrayTek comes close; however, it lacks the add-on applications. So, I would put pfSense at the top.

I build the machines myself. Their hardware is not overly special, and I think it's overpriced, so, I build my own.

It's easy to deploy them, but then I've worked with them for a while. If I reflect back at the very beginning, there is a bit of a learning curve, but I don't think it's that steep. Overall, it's fairly easy.

It's fairly easy to add and configure features in pfSense, though it depends on the application. So, it is moderately easy. Some are simple, while others require a lot of preplanning and time to configure.

One person can deploy it, but the deployment time varies because it depends on the network design. It can be up and running in ten or fifteen minutes, but configuring it for the network design may take longer.

Not much maintenance is required from the end user. Netgate pfSense do a very good job of keeping the application and operating system up to date by itself. Occasionally, applications require updates that need manual intervention, but for the most part, updates can almost be automated.

pfSense's pricing or licensing model is very affordable. Netgate hardware is a bit overpriced, but the software itself is arguably underpriced.

I have not come across a more effective product. Unifi products are inexpensive but not feature-rich by any stretch of the imagination. From a pure feature standpoint, hands down, I would argue that Meraki is as capable and comparable in features, but the cost is prohibitive for most small businesses.

From a pure feature-function standpoint, pfSense has the best total cost of ownership, once it's installed, I don't have any problems with it. If taking into account the software licensing, the hardware, and the amount of time it takes to manage, I'm not sure there's a better TCO on the market.

Overall, I would rate it a nine out of ten.

I use pfSense to provide IT services for small businesses. They typically have a broadband or fiber connection through a router to the ISP, so they're looking for some additional security. We can get a Netgate appliance with pfSense for a few hundred dollars.

We saw the benefits immediately. I live in Edmonton, and one of my clients is a machine shop in Montreal. We configured the firewall and sent it to the shop with instructions on how to set it up. They set it up, and once it was running, I could remote in and start providing IT services to my client two time zones away.

It can help you prevent data exfiltration from the outside, but you'll always have a problem with employees who want to do bad things. It isn't a completely zero-trust approach. It has logs that will tell you if something seems odd. That requires the owner or IT professional to stay on top of it.

The stability of the Netgate hardware and pfSense software helps to prevent downtime. At the machine shop in Montreal, we had an older Netgate model running for almost seven years, which we replaced last Christmas. It wasn't failing, but we upgraded it to ensure uptime. We spent about $200 on that device or about a few months of coffee for the office. You can deploy pfSense on your own device, but it gives the client comfort to see an actual device instead of something I cobbled together.

I don't know if there's a particular dashboard other than the volume of data you are passing through the firewall that we check to ensure it is as expected. All of the businesses we handle are small, so we don't need some of the advanced features, such as VLANs, and I'm not going into them to fiddle with them constantly. If the power is somewhat dodgy, as it is in Montreal, they come back online in the proper configuration.

One of the main benefits of our use case is pfSense's inclusion of OpenVPN. We can set up a server-client configuration so employees can access the office outside business hours. This enables us to provide secure remote access to their workstations and other devices inside their worksite. OpenVPN is included, so I don't need to purchase an expensive VPN solution with its own client.

I also value the community on the pfSense website and other forums. If you're trying to set something up, there's invariably someone else who has done it before. It's open source, so the community is massive.

PfSense is quite flexible. You can tune it to meet your needs. If my client has something provisioned to their clients, we can run that through the firewall. We can also set it up so that everything is locked down and all traffic moves through the VPN. Like any other firewall, you can set up rules. I haven't encountered anything that I wanted to do that I couldn't.

Setting up the VPN is always tricky, but adding features isn't hard overall. OpenVPN is easier to use than any other open-source VPN solution. It does all of the DHCP and DNS forwarding and other firewall tasks out of the box.

In most of our use cases, the pfSense interface acts like a single pane of glass for me to log in, monitor, and configure. You can use the command line interface, but I use the web interface. I would only use the CLI to review logs because everything is on a text interface rather than a browser window, so it's easier. However, for a business user, the web interface is easier if they don't have any complex needs.

Our customer's IT operations are optimized to go through the pfSense firewall and OpenVPN. It enables us to get work done without constant callouts from the clients. When we upgrade to a new unit, we give them configuration files to install on their workstations.

They could improve the VPN wizard to make the configuration easier. I don't know what happened last time, but it was a little fiddly. Adding users isn't difficult, but it's a step that's in a different panel from the configuration of the VPN client itself. You need to create the user on the firewall and then associate that with the VPN. They should make it easier to link the firewall configuration with the VPN client.

I have used pfSense for between five to seven years.

PfSense has always been stable, even in an inhospitable environment. A machine shop is bad for devices because of all the dirt and oil, and I had one that continued running for five years without any complaints.

I always pick a Netgate device that has sufficient hardware for each of my clients, but if I had to expand suddenly, I know Netgate has a range of devices that would work. However, I do think they focus on small and medium-sized enterprises.

I deploy pfSense on Netgate appliances. It's easy for a typical network engineer with no experience with pfSense. If you know about networking, it's an easy device to set up. Coming from a Cisco background, I found it dead simple to install. I have deployed boxes in under an hour. One person is enough to do it. The maintenance and updates are easy. I've never had an issue with updating and fixing bugs. You can do it all remotely.

I rate Netgate pfSense nine out of 10. Having a basic understanding of networking concepts, like firewalls, routing, and VPN will help you navigate the pfSense interface.

I am using pfSense for its firewall, gateway, and intrusion detection. I used the Community Edition for years and then switched to the pfSense Plus free-from-home edition. There was a bit of turmoil when IXSystems announced that they would no longer offer the free-from-home edition

We immediately realized the power when we deployed it a few years ago. It exceeded our expectations. As time went on, I discovered more features in the different packages they provide and whether they fit my needs. Over time, it's been a learning process, and I've been greatly impressed with almost every aspect of this product. It has all the things I wanted but found lacking in other products.

All of the features work together to prevent data loss or any compromise of your data. It all boils down to the rule set. I have mine configured so that all the data goes out depending on my Netgate device. Some machines go through a particular VPN connection. If that connection goes down, I've got the rule set configured like a dead man's switch. It's cut off from the outside world, and I get an alarm, and it allows no more attempts to let traffic pass through that connection.

It helps to prevent downtime. Whenever there is an issue, it's the first place I look because I can check the statuses of various interfaces to check whether they're up and then zoom further out to see if it's something in my internet provider, like a faulty cable. It enables me to reduce downtime by quickly determining where the problem might be.

PfSense provides the visibility I need to make data-driven decisions. For example, if I have a spike in bandwidth usage, it shows me which devices on my network are suddenly eating more bandwidth. I can see what's causing that. It also greatly reduces the time spent maintaining my network, so there's a productivity boost.

PfSense has a learning curve, but once you've mastered that, it isn't that difficult. It's very flexible, and you can do almost anything necessary to secure a home network. It has packages that expand its capabilities. For example, you can install Snort if you want intrusion detection. If that's unimportant to you, you can use it to check the bandwidth of all the machines in your network.

Adding features is simple. You go into the menu to check which ones are available and click on the ones you want to install. If you've done your research on the packages you want and the settings you'd like to use, it's a matter of walking through the configuration in the menu. When removing the package, it will revert the settings 99 percent of the time.

I like the interface. You can arrange the windows to see the important information and put them in the order you want. You can see the various interfaces you have at a glance in a single pane of glass. I have certain bits of information I want to see first, and there are secondary or tertiary pieces of information. If you are using VPN connections, you can see their statuses. You can see hacking attempts, which are logged.

It's powerful. You can get quite granular in setting up a highly topical application of pfSense, but if you want just basic protection, you can do that easily. It depends on your needs and how brave you are. You can go deep into the system and do some cool things with it or set up the bare protection you would get from any firewall.

I'm trying to set up a gaming server for multiplayer games like 7 Days to Die. I spent three or four days trying to publish a private IP address through pfSense to the outside world. Some commercial and consumer-grade routers can do this, specifically gaming routers, but pfSense is not intended for this usage.

That's a feature I'd like to see added, where you can go into a submenu, turn it on, and specify which machine or IP address you want to publish. It's not a must-have, but it would be nice to have. I spent a long time trying to figure that out. Ultimately, I was successful, but it was not intuitive.

I have used pfSense since 2016.

I rate Netgate support 10 out of 10. You must have a license for pfSense Plus, and I called them about an unexpected hardware issue that caused me to switch machines. I emailed explaining the situation and got a response the same day. I provided all the information on the new box, and they gave me a license. It was a pleasant, non-stressful experience.

I have used Smoothwall and a few other things that have been abandoned. I liked the look and performance of Smoothwall's interface. It had many of the same features as pfSense, but its capabilities weren't deep enough. I've also used basic Linux distros set up as firewalls, but pfSense is oriented toward an enterprise-level deployment, and I find myself between hobby and enterprise. I also like the added features pfSense provides.

I am not using a Netgate appliance. I deployed pfSense on a very small machine that has plenty of RAM for the overhead, logs, and speeds I want for my network.

When I first installed pfSense, there was a bit of a learning curve. I had to sit down with the documentation and figure out what to do. It wasn't difficult— just time-consuming. That information has carried forward with me. Other people look at me like I'm some kind of expert but I'm really a few pages ahead of them in the manual.

PfSense isn't something you can turn on and forget about. You need to configure the solution and test it. Then you can turn it on and let it run. From time to time, you have to come back periodically to make sure everything is still fine. The initial deployment takes about 30 minutes. It was a one-person job.

I would like to see the price of pfSense lowered by about $50, or maybe they could create a category for home lab users like me with one device. I'm not running a business or profiting from it. I realize that people need to get paid for the work that they do, so I can't complain. They decided that they needed to change their model after providing the product for free for many years.

Before they changed and started to charge for pfSense, the total cost of ownership was phenomenal. It still offers tremendous value, but that was an adjustment. You can choose to go back to the community edition or just pony up the money.

I rate Netgate pfSense nine out of 10. I only give it a nine due to that recent issue setting up the game server. I eventually figured it out and published my solution to the forums. Otherwise, it would be a perfect 10.

I do some consulting work for a couple of organizations on the side, and I have a few personal home lab builds of pfSense, so I use it in both a professional and personal home lab environment. I'm using the community edition and pfSense Plus.

I began seeing the benefits of pfSense immediately. The use cases for pfSense were creating remote VPN servers and satellite offices where remote employees connect. I've been using it for so long now that I have some baseline configurations. When I bring a new site online, I load that default configuration and ship it out to where it's needed. They plug it in, and the system comes online. It's fantastic from that from that perspective.

PfSense gives you much control and visibility into your boundary that helps you identify nefarious actors and things that could lead to eventual data loss.

It helps minimize downtime from a boundary perspective. They have some features. I have used Plus in boot environments quite regularly to test out some things before going live into production, which has been nice because I've made some configuration changes that I regretted.

The boot environments help you get back into kind of what you had. Both the community and Plus editions have a fantastic configuration export. Your boundary device is relatively static once you can configure it how you need it. You can export those configs relatively easily so that when something goes catastrophically wrong, the hardware fails, or something along those lines, you can reload the configuration onto that device or the replacement device and go about your day.

One thing I can say about pfSense specifically and the Netgate hardware is that it is not something I worry about from a security or a resiliency perspective. It's stable. It works. I have the ability to forget about it. As an IT professional, I have so many things to worry about daily, and it's incredible to minimize those things. I think pfSense has done a great job in that area.

There's a lot of logging that produces a ton of data I can pull into a data analytics platform and make data-driven decisions about bandwidth increases or changes to firewall rules, intrusion detection rules, or employee access.

It also enables us to optimize performance, one of the biggest things you do when you get a new Internet service provider or a modem replacement or something along those lines. There are tons of tools built into pfSense that let you look at how that's working, and even some tools online that allow you to tailor that experience based on your real-world use case.

In the time that I've used pfSense, I'm continuously blown away by the quality of the product, its attention to security, and all of the features it has. It's easy to use. The web-based interface is great. The tutorials on the website are fantastic. I wouldn't say it's necessarily one feature. It's the full offering of all of the features that make it for me. I use firewalling, intrusion detection, and two of the VPN features: WireGuard and OpenVPN.

The flexibility is great. PfSense will run on homebrew hardware and Netgate. The interface is excellent on the web and through the console. There's a lot of flexibility through the console. It lets you get into a low bandwidth environment to do the things that you need to do when you're remotely administering some of these things.

I enjoy the fact that the web interface is customizable. A seldom-used feature is the ability to change to one of several built-in themes. I use those themes to tell which system I'm administering because they're all remote to me, and the interfaces all look the same. I don't have those little tells about changing the colors of certain things.

Sometimes, it takes some back and forth to figure out which one I'm on. I never thought the themes would be a feature I would use. I use it all the time. The user interface is fantastic and responsive. The tooltips are in the right areas and help you build out your firewall and boundary device.

The ease of deploying and configuring features depends on the feature. Most of their features are designed to be implemented with some basic knowledge level, but some are super-advanced, and you need that knowledge level. They have excellent guides for just about every feature on their website or that's inside pfSense. They're great. They explain all the different things about adding new features and each package's function. I don't think that there has been a feature that I wanted that someone didn't already have a package built for.

I would like to see a better plugin for data analytics. They have some things that you can do, but it's not purpose-built to get data out super easily. That's kind of an advanced feature, and you do have to do some configurations that are a little more advanced than some people might be comfortable with.

I would also like some type of fleet management, like a dashboard where I can see multiple pfSense and their statuses. I'd also like that to be self-hosted. I don't necessarily want a cloud version of it. I'd like to host that at a parent site and have the satellite offices push their status there.

I have to manage each of the devices individually. There is no interface where I can manage multiple devices. I wouldn't call it single pane of glass management. It does give me a single pane of glass for everything related to the boundary, including VPN intrusion detection, DNS, DHCP, VPN, and firewall rules. But it doesn't have that fleet management piece. I would love to see something like that.

The last thing that I would like is not a feature. It's Netgate as an organization. I would like more transparency from them when they make some decisions that sometimes appear to be made in a vacuum. Most recently, the change in licensing and some of those things did not go over well in the community in general. I think some transparency from their organization would be valuable to the community at large.

I've been using pfSense for around 15 years.

I rate pfSense 10 out of 10. I have never had a system fail in more than 15 years. I've never had one fail on-site. They are incredibly stable and resilient

PfSense is highly scalable depending on the hardware you buy. Their hardware is well-documented. If you buy a device designed to scale with your business needs, I don't think there would be any issues with that.

I rate Netgate support 10 out of 10. I have never had a bad interaction with any of their folks. They respond quickly, and their answers are always extremely thorough.

I used the old m0n0wall, which I migrated away from. I have also used SonicWall and OPNsense in a lab environment and various Cisco and HP devices throughout my career.

PfSense offers the best bang for your buck from a feature and cost perspective. Many other systems have some cool features that either aren't necessary or are significantly more costly than pfSense.

The initial deployment is easy, and it's even easier once you've spent some time with it. If you buy devices from Netgate, they provide you with "zero to ping."

Even if you have some kind of odd setup or something weird you can't figure out, you can call their technical support, and they will help you get online. They'll even remote into the device to help you get online or solve a problem, which is incredible.

Now, I have a standard image that I use from a configuration perspective, so it takes me about half an hour. It is typically a one-person job. The only reason why I put a caveat on that is I am fully remote from all the services that I support, so I do need a person on-site to at least plug the thing in, but the rest of the setup is a one-person job. After deployment, it doesn't require any maintenance aside from standard firmware updates.

I don't like subscription models, and unfortunately, the latestpfSense license, pfSense Plus, went to a yearly subscription model. I think yearly is probably the best of the worst because at least I can pay it once, and be done with it for the year. I would rather see either a one-time cost or something along those lines that would be at that price point. I think the costs for their hardware are reasonable. I wouldn't call them cheap, but I also wouldn't call them expensive. I think the hardware costs are reasonable.

I personally run a couple of black box or white box servers that are custom built using pfSense Plus that I've licensed, but all of the other deployments that I support are devices purchased from Netgate.

I rate Netgate pfSense eight out of 10. I recommend that new pfSense users join the community. PfSense has an active community on Reddit and a community forum. You can also get a copy of the community edition and deploy it to a virtual machine to learn it before you put it into production. You won't be disappointed.

We use pfSense in our clients' offices to provide secure network access. For remote workers requiring private network connectivity, we deploy a Netgate pfSense router in both the office and the user's home office, establishing a robust IPsec connection between the two. This configuration offers superior security compared to alternatives like OpenVPN, as remote users simply need to connect their LAN cable to the home pfSense for immediate and secure office network access. We primarily serve small organizations with 10 to 200 employees, deploying a pfSense router in each main office and providing OpenVPN or IPsec connectivity. Additionally, we offer optional pfBlocker-NG integration for advanced threat protection, enabling the blocking of traffic from specific geographic regions or known malware sources.

We have several sites with multiple or backup-wide area networks. We use pfSense to manage these networks, configuring them for load balancing or backup as needed. To authenticate OpenVPN logins, we leverage Active Directory on our Windows Server, simplifying user management. Office managers can easily disable both Windows and OpenVPN access for users without needing to access pfSense directly. This centralized approach requires only a single robust passphrase for users to access both the VPN and the Windows domain.

I am accustomed to the interface and find it quick to use. However, I think a new user might need some time to adjust. That said, I've been using it for over 15 years.

As a network administrator, I fully understand the benefits of pfSense before deployment. While end users may not immediately recognize its advantages, I appreciate its value in eliminating the need for costly licenses associated with other firewalls like Barracuda and Checkpoint. PfSense offers a comprehensive suite of features, including VPN, user management, and advanced DNS, without requiring additional fees. This cost-saving aspect is a significant selling point for me when replacing older firewalls with Netgate pfSense. Not only do we improve network security, but we also reduce ongoing expenses, a benefit that becomes apparent to clients over time.

Adding features in the packages section of the interface is quite rapid, especially when limiting options to available packages. However, configuring unfamiliar or infrequently used packages requires research and time, ideally by someone with networking and firewall experience. While pfSense is not entirely plug-and-play, the basic setup is straightforward; adding features demands more technical knowledge. So, feature addition is easy, but configuration can be moderately complex.

pfSense can help prevent data loss by making it difficult for hackers to breach networks. However, most data loss incidents we see result from end-users clicking on malicious links or email attachments. When data loss or ransomware occurs, the issue typically lies with user error rather than pfSense. I believe that the networks I configure using pfBlocker, which restrict communication primarily to the continental US and other approved countries, may help block ransomware. Still, I cannot quantify the frequency of such occurrences.

Approximately ten percent of pfSense routers experience critical issues requiring a factory reset. Previously, this process involved contacting tech support and providing detailed information. However, pfSense has simplified this by offering self-service image downloads. This improvement significantly speeds up customer recovery time. Additionally, Netgate's pfSense Plus hardware comes with a Zero-to-Ping warranty, enabling easy setup and troubleshooting for end users. While not entirely plug-and-play, most users can easily install these routers, and Netgate's warranty provides additional support if needed. I've successfully utilized the Zero-to-Ping warranty several times and believe it is a valuable resource for both technicians and end users.

pfSense has helped enable data-driven decisions. It allows me to communicate the need for faster WAN lines to client management by providing concrete evidence of network performance. Additionally, pfSense offers detailed insights into OpenVPN user activity and IPsec traffic, facilitating targeted problem-solving. For instance, I can readily identify slow IPsec connections for remote users, such as user X, and advocate for necessary improvements based on these data-driven findings.

OpenVPN, IPsec, DHCP, and DNS are the most valuable features. I will also include pfBlocker-NG later in the list, but only a couple of sites use this feature.

pfSense does offer a convenient single-pane dashboard, but I believe it could be improved with additional features. For instance, an administrator log for team members to record notes, such as adding a nameserver, removing user accounts, or other relevant information, would be beneficial. This simple log within the main status page could enhance communication and collaboration among the admin team. While the current status screen provides most of the necessary information, this extra feature would be a valuable addition.

It would be beneficial if Netgate provided a table outlining the recommended maximum WAN port speeds for their various models.

The documentation doesn't align with what I'm seeing on the console. This is frustrating because the online documentation doesn't match the dashboard, leaving me unsure of the correct steps to take.

I have been using Netgate pfSense for 16 years.

I would rate pfSense's stability a perfect ten. When I replace consumer routers with pfSense for small businesses with two or three employees, they are often amazed to discover the router can run for a year without a reboot. This starkly contrasts their previous experience with consumer routers that required weekly or bi-weekly unplugging.

I have been pleased with pfSense's scalability. While I haven't explored all its features, I have successfully backed up an old system and restored it to a new pfSense device, which I consider an upgrade. I know additional capabilities like load balancing and backup device management but haven't implemented them due to a lack of current need. PfSense offers much more potential than I've utilized.

The quality of the support is high. While the speed used to be somewhat slow, I've noticed a significant improvement in recent calls, connecting with a representative quickly within the past year.

We've used multiple firewall solutions over the years. Twenty years ago, we implemented Monowall. Subsequently, we switched to Barracuda, which proved highly problematic and required frequent technical support intervention. Our next choice, SonicWall, was an improvement over Barracuda but still presented challenges. Specifically, SonicWall's licensing model is burdensome, as it necessitates constant management on my part, a task end-users are unwilling or unable to perform. Though less frequent than with Barracuda, technical support interactions are still necessary.

Initial deployment is straightforward, taking approximately half an hour for each unit. While pfSense is not the issue, challenges often arise due to clients' limited understanding of their network configurations. A single person can effectively handle the deployment process.

I appreciate that pfSense eliminates the need for extra payments, license management, or feature limitations. This cost-effectiveness and its reliable Zero-to-Ping guarantee is its most compelling aspect.

The pricing seems fair overall, but I think they need more reasonably priced options for very small offices. They currently offer a few affordable units at the lower end, but then there’s a significant price jump to the next level. I remember they used to have a model around the 2100 range that was a good middle ground. I believe they should offer more choices between the lowest tier and the next one in terms of hardware. Additionally, I'd like to see a per-incident support option, which I don't think they currently provide. I haven’t checked their support options in a while, so I could be mistaken. However, in the past, they only offered annual plans. If I encounter a specific issue, I would prefer the ability to pay a one-time fee for complete support on that particular problem.

The total cost of ownership is great. pfSense is our most recommended appliance for router, firewall, and VPN functionality.

I would rate Netgate pfSense nine out of ten.

Users don't need to do anything to maintain the system, but I like to check all pfSense instances every few months, install updates, and look for any irregularities. I try to check every single pfSense system if possible. pfSense needs to be manually updated.

I use Netgate pfSense as my office firewall.

I implemented pfSense as a firewall, VPN, and content filtering solution using pfBlocker and configured it to verify HAProxy certificates.

Most of our pfSense deployments are on existing machines with a small amount in the cloud.

pfSense offers excellent flexibility and works well with both physical appliances and virtual machines.

The ease of adding features to pfSense and configuring them depends mainly on the user's experience. I find it extremely easy.

Firewalls and Network Address Translation offer immediate benefits once configured, as they are foundational security measures. Other features, however, require more extensive configuration and testing before their advantages become apparent.

Compared to other firewall solutions, pfSense's interface is user-friendly and straightforward.

pfSense allows us to configure multiple internet connections and firewall rules to minimize downtime.

It provides visibility into our network by capturing and delivering log data, such as Syslog, firewall logs, and other relevant information. This enables us to make informed decisions based on data analysis.

pfSense can help optimize network performance. When using appliances, we can install more than ten gigabit network interface cards and add more as needed, depending on the hardware capabilities. Typically, new appliances come equipped with ten-gigabit network adapters or ports. We can significantly enhance network and server communication speeds by fully utilizing these ten-gigabit connections.

The most valuable features of pfSense are the pfBlocker, HAProxy, NAT, and VPN.

I am unsure if it's feasible, but I have previously utilized a web VPN interface with Cisco Firewalls that allows VPN connections through a website, eliminating the installation of VPN software. Such a feature would be a valuable addition to pfSense. Additionally, an easy method to monitor pfSense within other monitoring software would be beneficial.

I have been using Netgate pfSense for ten years.

We have encountered only minor and infrequent stability issues.

Netgate pfSense is highly scalable.

The quality of the technical support is good, but if we cause an issue, we have to pay for the support hours.

I have previously used WatchGuard Firebox and OPNsense, but I prefer pfSense for its excellent usability within my company. Other firewalls like WatchGuard and OPNsense are often retained due to customer preference or specific requirements, but most of my deployments utilize Netgate's pfSense.

Deploying a single pfSense box is relatively straightforward. However, the process can become more complex if outdated hardware is used and network cables must be reconfigured. Deployments using Netgate appliances tend to be more straightforward.

We can have the Web GUI up and running in under 30 minutes, and a complete deployment can last up to four hours. One person is required for each deployment.

The pricing is reasonable.

Netgate pfSense offers effective total cost of ownership by combining firewall, VPN, and router functionalities into a single solution.

I would rate Netgate pfSense nine out of ten.

pfSense does not have any built-in features specifically designed to prevent data loss. Instead, we must configure various functions to indirectly protect against data loss, primarily as a preventative measure against unauthorized access to our servers and equipment.

I use both the paid and community versions of pfSense. Most of my appliances use the paid version. In the cloud, some virtual machines come with the free community version.

Maintenance is required to open ports and create VPN users.

I use the solution in my home network as the main firewall before all data heads out to the internet. I use it for DNS resolution as well.

I noticed the benefits of pfSense immediately after deployment. I was able to take complete control of my security to my house, and it gave me all the things that I needed in order to secure my home network.

The GUI and the user interface have been very clean, understandable, and feature-rich across the board.

The flexibility of pfSense is great.

It is very easy to add features.

There are features that help to prevent data loss. The rules engine of pfSense, a traditional firewall rule structure, has always been the same.

There's definitely a single pane of glass. There's definitely a lot there in front of you.

pfSense provides visibility that enables users to make data-driven decisions. I'd rate the capabilities seven out of ten.

Sometimes it's a bit of a challenge to know how to do something when you want to do something, for instance, setting up a point to point VPN.

Configuration is sometimes a challenge just due to a lack of knowledge on my side. I find that if I don't set up the rules correctly, and this goes to lack of knowledge of being an expert in the firewall space, it's a bit of a challenge sometimes in setting that up.

I would ask them to update it to a more modern interface, as it does look a little tired compared to GUIs today. However, the features are there. A redesign would be greatly appreciated, just from a human engineering aspect.

It might be easier if they separated things out a little bit more instead of putting all the aspects of what pfSense can do for you in a single menu. For instance, they have services, and they have all the services that you could have on your system. It's a lot.

Sometimes I find it difficult to find the data visibility that I would need in the interface to then go make a data-driven decision.

pfSense helps optimize performance. From a performance standpoint, setting up firewall rules does a great job of laying out exactly what those rules are. The layout of the firewall rules makes it easy to create a secure environment on my home network, albeit not very big. However, all the features are within the firewall, and I can create individual rules and organize the rules.

I've used the solution for six years.

I have never experienced downtime from my pfSense device. I'd rate stability ten out of ten.

The scalability is very good. I'd rate it a ten out of ten.

I contacted technical support when there was a major upgrade a few years back, and I needed some assistance.

The quality was perfect. They were fast and very helpful. Even though I wasn't a paying customer for support, they still gave me great guidance and helped me focus on the issues at hand.

I've always had my service provider, Verizon, with their main router, and that router usually has a firewall built into it. I've never used anybody else besides pfSense outside of that.

The initial setup is straightforward. I've done it for my son at college in a matter of two hours, from unboxing to operation. It's easy to deploy a box. I can deploy it by myself.

It does not require any maintenance.

The ROI and the TCO are significant. You get a lot of features under one product. However, I don't use it as a router. I only use it for firewall and VPN capabilities and DNS.

The pricing and licensing are spot on. It's well below the industry average.

I did not look into other options. I knew of pfSense as being a leader in the industry, and that it is utilized by major corporations in large environments. To that end, I assumed it wouldn't hurt for me to have familiarity with the product and use it at home.

I'm an end-user.

I use the Plus version of pfSense. However, I do not pay for support.

I would rate the solution eight out of ten.

We primarily use the solution as a firewall and for managing traffic.

The interface and the integrated services are very useful.

pfSense offers very good flexibility. There are good plugins you can integrate into the software. We can use it for a firewall and to monitor internal traffic. We can do many things.

It's not very difficult to integrate and configure features. At the install level, using the wizard is very simple. As a firewall, it's easy. You can watch usage and target effectively. If I have difficulties or questions or I need to understand how something works, there are videos and tutorials.

We noticed the benefits of using pfSense pretty immediately. We could see it on the graphs that help us analyze the traffic.

We're able to leverage the single pane of glass interface. We can monitor everything from it from traffic to the state of the machine to memory usage and CPU. It provides good visibility so that we can make data-driven decisions. The visibility we get helps with availability.

Performance has been optimized under pfSense. We can filter traffic and limit internet use as needed. With it, we can control throughput.

The first time we deployed it, it was kind of tricky. There were many configurations. You need to first configure the alias, then you have all the IPs ordered correctly, and you can start to manage the VLANs. It would be ideal if we could implement in an easier and efficient way.

One time, we tried to configure a wireless AP to the firewall and that was tricky. Understanding the interface was hard. It could be easier.

The displays of all the plugins could have a better layout. You have to search through all of them to find what you need. They need a search button.

I've used the solution for one year.

We haven't had any issues with stability.

We haven't tried to scale the solution.

We haven't contacted technical support.

Previously, we used a simple firewall called Linksys, among others. It was not very useful for analyzing traffic. pfSense is more granular in terms of firewall rules.

The initial setup was straightforward, and there are a lot of tutorials online. You can just follow instructions. It's not too hard. The setup was fast. It took maybe half an hour.

There might be a bit of maintenance needed. We check from the main page to check it for CPU or disk failures. there might be some updates. That's it. Sometimes I go on Reddit and check to see if I should do the update or not. I remember once I read that someone suggested that we do not update and to wait for an update in a few weeks.

We managed the initial setup ourselves.

The total cost of ownership is good. We don't have too many pfSense subscriptions across our network. However, it's pretty cheap compared to other firewall subscriptions. Plus, the pricing is inclusive.

The pricing is good for us. It's not too expensive considering all of the features on offer. It's about $1700 a year. It could always be cheaper, however, for the most part, it's good.

We use the Plus version of the solution.

I'd rate the solution nine out of ten.

I'd advise users to always follow tutorials which can be found online. Be prepared. That said, the interface is not overly difficult.

We use the solution as a gateway appliance for our own corporate network as well as that for many of our clients. It has become our go-to gateway appliance for clients when they're looking to to have a new network stack installed.

Many of our clients are smaller. However, the big features for them are usually the built-in OpenVPN server for client-based VPN access. The site-to-site links and IPsec site-to-site connectivity are great.

The flexibility is one of the reasons it's become our go-to unit. We don't, unfortunately, get to use so much of its flexibility on a regular basis. That said, I love the fact that it can basically do whatever we need it to do all in one piece of gear.

It's relatively easy to add additional features. They have an application store that already has tools that you can add to pfSense as you need them. At this point, there are 30 or 40 or more of them.

In the long term, when you buy a piece of hardware, you basically get updates for that device for the life of that device. You're not paying for additional licenses throughout the life of that device. You just pay for it once. We do Meraki devices as well, and, every year or few years you need a license. You have to renew.

There are some features in pfSense that help you to prevent data loss. Even just on the firewall side, you can limit what people are able to reach out to. The outbound filtering has a massive effect on that. They also have some other web filtering tools built-in; however, we don't typically use those. We have other tools for that.

pfSense offers a single pane of glass type of management per client site.

The solution does provide features that help minimize downtime. We don't use these features. However, we know they are available. We have the ability to offer that service. You can hook up two of the gateways in tandem. That way, if one of them ever does fail, it automatically fails over to the other functioning unit.

pfSense provides visibility that enables users to make data-driven decisions. You can look at the amount of bandwidth used by the device as a whole or as a client. If there's a problem or if Netgate isn't performing per the client's wishes, we can easily make an assessment.

The visibility in pfSense helps optimize performance. There are a lot of different visualization aspects, including some bandwidth charts as well as some other built-in ways of looking at the way the data or information is flowing through the system, which definitely allows for that.

Something that we would really love to see is a real single pane of glass management for multiple clients. Having a reseller portal of some kind that allows us to easily remotely access all the different pfSense gateways that we have out there (like Meraki does with their equipment) would be ideal. Right now, we have to manage client by client and just maintain access per site, basically.

We've been using the solution for the past three or four years.

They are super stable units. I have not had a single complaint about them.

They are definitely scalable. You can add your own additional storage to them. You can add additional memory to them if need be. They're very scalable, considering what you see in the rest of the gateway appliance market. Those are usually just static boxes where you get what you get, and that's it.

I have contacted support once. I have a Netgate pfSense box that I run as well. I got a little impatient when a firmware update was happening and thought the device locked up and rebooted and ended up having to push the default firmware back. I got help over email, and they were great. They gave me a copy of the factory firmware and I was able to recover the unit.

We've previously used Meraki. We use their gateways as well. We also used to use some Unify gateways but it was too limited.

pfSense is great - and more flexible. It's better than both. It just lacks a centralized management portal.

Initially getting into it, it took took a second or two just to get our team trained up on it. Since it's so flexible, there are some initial configuration assumptions that aren't made. You can do with the device as you wish. There's a lot of network equipment out there that has done a little bit too much hand-holding in terms of the initial configuration, however, those are also devices that are much less configurable. Going in, you want to understand networking a little bit more to make some of those decisions when you're setting up a pfSense box.

How long it takes to implement depends on what you call fully deploy. We're still in the process of doing that. We have, especially on the Unify or Ubiquiti side, every time we have a client where one of those devices fails, we're putting in a pfSense box at this point. We deployed it on our own corporate network rather quickly. I had it done in a couple of hours, basically.

There is some maintenance needed. The firmware updates, and we want to make sure that we're watching for when the new firmware is released, especially if it's being released to cover some known vulnerabilities.

We did the implementation all by ourselves in-house.

We are buying the Netgear hardware and we get the license along with it. The total cost of ownership is is extremely low when you compare it to a lot of the other devices or other gateway appliances that are available on the market.

The pricing is great - for the hardware, at least, which is generally what we're paying for. I was very aware of and paid attention to all the noise that went down when they changed their licensing, especially for the community edition. They created a new product called the Plus version of the license.

For what they charge for it, which is maybe $100 a year, it's still good. If you wanted to build your own router, pfSense is more than worth $100 a year to have all that flexibility and maybe your own piece of custom hardware that you want to run it on. It's definitely a value-driven product.

We're using the Plus version since we buy the Netgate hardware. That comes with pfSense, and we're typically not building our own gateways.

I'd rate the solution nine out of ten.

My advice to new users would be to practice with the product when you get an appliance. It's always easier to start learning with an appliance directly from Netgate. Just set it up and mess around with it maybe on a network that is a test network of some kind. Something that's not in production. It's not a hard device to understand if you understand networking at all.

We deploy the pfSense firewall to our customers' networks.

The solution provides customers with reliability and additional security.

The interface is very good. The configuration options are excellent. All of its capabilities are quite useful. It's more capable than what we need it for. I like having the ability to have additional capabilities compared to others.

pfSense's flexibility is great. I would rate it pretty high based on that.

We immediately witnessed the benefits of pfSense.

The IPS intrusion protection system helps prevent data loss. It works really well. It's a little bit manual process, however, it works really well overall.

pfSense provides high availability to help minimize downtime. They all have built-in high availability, which fails over to another box.

The solution provides visibility that enables users to make data-driven decisions. That said, that's a capability that we really don't need due to how small our customers are.

The visibility in pfSense helps to optimize performance. Just being able to see network traffic and the load on the firewall on the box, or the response times from packets going back and forth is helpful. There is a lot of visibility into network performance.

pfSense does not provide a single pane of glass type of management. That's one of the biggest downfalls. We take care of more than 60 customers, so it would be nice to have the ability to have all of the pfSense boxes that we deploy under one pane of glass so we can manage them centrally.

I've used the solution for two years.

I've had no issues with stability; I'd rate it ten out of ten.

While we do not scale the solution, I can see it being very scalable.

Technical support is of excellent quality, and they have fast response times.

We've never used any alternative to pfSense.

We're buying the machines from Netgate. It's very easy to deploy. I'd rate the ease of implementation as eight out of ten. Even if someone didn't have much experience with pfSense, it would be pretty easy.

It's low maintenance; we may only need to worry about an occasional firmware update.

I did not use an integrator or consultant during the implementation. I handled the process myself.

The total cost of ownership is very good. It's low maintenance. Once you get it up and running, you really don't have to touch it. It's very favorable to have the inclusion of firewall, VPN, and router functionalities.

The pricing is excellent.

We're an end-user.

We use the pfSense Plus version.

I'd rate pfSense nine out of ten.

New users should be aware that it is more complex than just a consumer-grade product. Users need to be prepared for a lot of features that they might not understand or know how to implement at first. Check your resources in preparation.