Netgate pfSense Plus Firewall/VPN/Router
Netgate | 24.03.0Linux/Unix, FreeBSD 14 - 64-bit Amazon Machine Image (AMI)
External reviews
External reviews are not included in the AWS star rating for the product.
pFsense - the understandable and highly capable firewall stack (for you)
What do you like best about the product?
pfsense covers all of the core use-cases for my new and existing networks alike. Firewall, router, traffic classifier, DHCP server IPv4/6, OpenVPN server and client, Wireguard server and client, Certificate Management and Authority, User Manager, DMZ and multi-WAN (incl PPPoE), all with excellent logging incl Syslog to aid traffic analysis and debug. It's very easy to use (which is not true of all firewall software), and it's stunningly robust. Run it on a PC/SBC with multiple NICs or on a dedicated appliance for optimized footprint and power consumption. Support for HA, external packages (OpenVPN Client Export one of the most labour saving of them all), a thriving community and both free and paid support all make for a very predictable experience.
What do you dislike about the product?
There is no one security platform that's perfect, they've all got nuances and application sweet-spots.
What problems is the product solving and how is that benefiting you?
Support for OpenVPN - free in pFsense, but a paid for option in other appliances.
OpenVPN laptop clients and site-to-site VPN clients, we have sme very complex teleworking IP use-cases.
Support for Wireguard for lightning-fast mobile device (dial on demand) remote access).
Support for IPv4 to IPv6 Tunnelling (Hurricane Electric) as our ISP doesn't natively provide any IPv6 addressing on our WAN, but our products need IPv6 for testing.
Total containment of traffic for those "less trusted" interfaces.
OpenVPN laptop clients and site-to-site VPN clients, we have sme very complex teleworking IP use-cases.
Support for Wireguard for lightning-fast mobile device (dial on demand) remote access).
Support for IPv4 to IPv6 Tunnelling (Hurricane Electric) as our ISP doesn't natively provide any IPv6 addressing on our WAN, but our products need IPv6 for testing.
Total containment of traffic for those "less trusted" interfaces.
- Leave a Comment |
- Mark review as helpful
pfSense makes it easy to keep my network safe
What do you like best about the product?
pfSense has an easy to use graphical user interface and plenty of documentation which can be referenced directly from the GUI. For those that enjoy command line, pfSense provides a CLI that is easy to use and that provides access to the core OS and additional controls.
What do you dislike about the product?
If you like spending money on expensive solutions then pfSense isn't for you.
What problems is the product solving and how is that benefiting you?
pfSense keeps my network safe and secure. What else can I say?!
10 years of pfSense Community Edition led me to buy NetGate hardware when the old hardware died
What do you like best about the product?
The router and firewall software are absolutely top notch. I got a CCNA when it first came out and spent years with Cisco hardware and Microsoft software and thought I was dealing with the best, but a jerkoff tech kid I had to work with during a gig at IBM introduced me to pfSense Community Edition and I was instantly hooked. It's beyond comprehensive; it can do anything I'm called upon to do easily, and I'm confident it can do anything I can imagine doing. I'm not a network guy -- networking to me represents a 2-3 day chore at the beginning of a project where you slog and you Google and you tweak until sometime after 2 in the morning -- *ping* -- it starts working, you don't dare touch anything, and you get to start your job 3 days behind.
pfSense is the antithesis of that. Its documentation is fantastic, its support community unparalleled, and this time around when I replaced my hardware and just went with NetGate hardware it was even better. I had trouble getting it configured and their engineers quickly helped me isolate the problem (the ISP), very kindly helped me undo the hacked-together spoof-based solution I had come up with, and then helped me factory reset and configure the router correctly.
As I said, I'm no network guy -- but I know a lot of them, and I'm sure they'd agree. Go with pfSense.
pfSense is the antithesis of that. Its documentation is fantastic, its support community unparalleled, and this time around when I replaced my hardware and just went with NetGate hardware it was even better. I had trouble getting it configured and their engineers quickly helped me isolate the problem (the ISP), very kindly helped me undo the hacked-together spoof-based solution I had come up with, and then helped me factory reset and configure the router correctly.
As I said, I'm no network guy -- but I know a lot of them, and I'm sure they'd agree. Go with pfSense.
What do you dislike about the product?
The only thing I can think of is the problem of "overchoice." The software is incredibly "plastic", which can be a good or bad thing -- if you're prone to address networking problems by just throwing switches and seeing what happens, well -- they give you one hell of a lot of switches.
But I for one appreciate it. They provide guides and wizards that work great, and if you go through the docs and read the community boards you never get the sense that their support group has lost interest in some aspect of their product and just hands you the rope to hang yourself with (my general experience with Microsoft, for example).
But I for one appreciate it. They provide guides and wizards that work great, and if you go through the docs and read the community boards you never get the sense that their support group has lost interest in some aspect of their product and just hands you the rope to hang yourself with (my general experience with Microsoft, for example).
What problems is the product solving and how is that benefiting you?
Basic road warrior VPN use, providing a safe way to protect a public server inside our network
Regularly suggest others use Netgate appliances and pfSense.
What do you like best about the product?
Open-source backed with included updates. Enterprise features, regular community involvement.
What do you dislike about the product?
Would like a (lower-level) command line interface for more rapid configuration.
What problems is the product solving and how is that benefiting you?
Firewalling, NATing, routing participation (via FRR). Remote access and site-to-site VPNs.
The best Firewall in the market
What do you like best about the product?
The fact that the product is in the prodiction for long time and its origins are in the opensource. I use in the infant stage when the name was m0n0wall. Then the product grew and convert to pfsense and now witht he appliances that are the best option for the enterprises. The fact that you can add packages and all those is being maintined and you see the improvement version by version.
What do you dislike about the product?
I only see one issue with pfsense. This is the lack of MFA to administer the GUI. We have the radius that works well in the user validation for VPN and WiFi; but still not MFA for the admin. You can have your admin network and limit where the administrators log in, but still is missing that. The big issue is that some Cyber insurance companies are requesting that like a must in any appliance and the fact that there is nothing makes the system not in compliance. This is not complex to deploy on PFSense. Every day I see more and more companies asking for it and basically there is not a good reponse on this matter. I really would like this to be coming in the product in the next release. Right now over EU and North America we have a lot of companies pushing for this on their devices. This is something that I belive should be addressed with a level of High Importance. I have customer close to change platforms because somethign that is so basic for them is not there.
What problems is the product solving and how is that benefiting you?
PFSense is an excellent Firewall. It has good packages to secure your operations. IDS/IPS, pfBlocker are some of the best must install in all our deployments. VPN offers a good way to connect networks and people. I think product today is in a good stage of development and it has to continue with the improvemet and features that is showing the advantages that is has over its alternatives.
pfSense and Netgate are great
What do you like best about the product?
We don't need it often, but when we do the email support has been quick and great.
What do you dislike about the product?
I'd like to see more development on the CE edition.
What problems is the product solving and how is that benefiting you?
Remote office connectivity and Intrusion detection
Versatile Software & Reliable Support
What do you like best about the product?
pfSense is incredibly stable & reliable. I enjoy the monitoring capabilties the most as a network engineer at a home automation & networking company. They are great for disputing service issues with ISPs.
If there are to be issues, support is quick to respond & give you a helping hand. We've had most of our issues resolved within a few emails.
If there are to be issues, support is quick to respond & give you a helping hand. We've had most of our issues resolved within a few emails.
What do you dislike about the product?
Honestly, I do not see many downsides to using pfSense. If you are exploring pfSense, you are likely a network admin/engineer or a more advanced end user. So while I would not call pfSense beginner-friendly, I would imagine that is obvious.
What problems is the product solving and how is that benefiting you?
Not so much problems, but needs:
- VPN for remote staff & remote access in general.
- Firewall is reliable & not horrible to set up.
- AD/LDAP integration.
- Swift access through firewall & VPN. Speed is not compromised severly like it is with other brands we have used.
- **Versatility/Customization!** We have used pfSense in completely isolated systems solely to bring together IP-based security systems. We have also used pfSense for office networks with many VLANs, advanced firewall needs, VPN access, etc. For monitoring services with our service contract clients with residences filled with home automation (Savant, Crestron, Control4, etc.), we have used pfSense in the past, too. We are actually planning to bring them back for our new clients who ask for monitoring as we have yet to find another router/software capable of pfSense's accuracy & reliability.
- VPN for remote staff & remote access in general.
- Firewall is reliable & not horrible to set up.
- AD/LDAP integration.
- Swift access through firewall & VPN. Speed is not compromised severly like it is with other brands we have used.
- **Versatility/Customization!** We have used pfSense in completely isolated systems solely to bring together IP-based security systems. We have also used pfSense for office networks with many VLANs, advanced firewall needs, VPN access, etc. For monitoring services with our service contract clients with residences filled with home automation (Savant, Crestron, Control4, etc.), we have used pfSense in the past, too. We are actually planning to bring them back for our new clients who ask for monitoring as we have yet to find another router/software capable of pfSense's accuracy & reliability.
Excellent Software and Hardware. Amazing support.
What do you like best about the product?
Very easy to implement and maintain. Hardware is solid with the newer generation of devices. Being open-source is a plus, and the ability to enable specialized lists for security is fantastic.
What do you dislike about the product?
The use of eMMC is a little confusing. I understand the use of it for small devices, but for the larger devices for business, it seems to have a high failure rate.
What problems is the product solving and how is that benefiting you?
Ability to connect multiple locations with multiple remote workers in a safe a secure manner. Ability to keep track of devices connecting to our networks and to segment particular users and devices.
Solid enterprise solution
What do you like best about the product?
Simple use for basic needs as well as vast depths to fine tune and secure infastructure.
What do you dislike about the product?
Reliance on 3rd party utilities (pfBlockerNG for example)
What problems is the product solving and how is that benefiting you?
Solutined as a replacement/upgrade for older Sonicwall appliances.
Various remote user connections (OpenVPN)
Site to site connections (IPSec)
Exposing some web services to external (HAProxy)
Various remote user connections (OpenVPN)
Site to site connections (IPSec)
Exposing some web services to external (HAProxy)
Support
What do you like best about the product?
The support is absolutely very good in many ways.
1- The community is fantastic.
2- The pfSense documentation is extensive and thorough
3- The business support model is fantastic by its availability and openness
(We bought a TAC enterprise contract and find, it is of really very good value).
1- The community is fantastic.
2- The pfSense documentation is extensive and thorough
3- The business support model is fantastic by its availability and openness
(We bought a TAC enterprise contract and find, it is of really very good value).
What do you dislike about the product?
Even though the WebGUI is well organized and very descriptive it falls short of describing the full aspects of parameters and their incidences.
It would be great if it could be linked to the documentation or a wiki or even specific forum posts.
It would be great if it could be linked to the documentation or a wiki or even specific forum posts.
What problems is the product solving and how is that benefiting you?
Routing and network management
showing 51 - 60