We use pfSense as the primary firewall for our data center.
External reviews
419 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Had to cancel, too expensive for me now
Since the cost was dubbed, I can no longer justify they expense.
Like the product and use an applicate implementation in the office.
Gives us metrics about how the firewalls perform in terms of CPU and memory
What is our primary use case?
How has it helped my organization?
We have a high availability setup, so we have had no downtime. PfSense gives us metrics about how the firewalls perform in terms of CPU, memory, etc., but I don't think it tells us how to address it. If we have an issue, we can always open a support ticket.
What is most valuable?
I find pfSense easy to use and configure. We have a high-availability pair, so if one has issues, it will failover to the other automatically. Overall, it's been pretty easy to build VPN tunnels and functions like that.
What needs improvement?
I don't think pfSense is as good about monitoring as it could be. There are logs, but they're kind of hard to get to. You need to send it to a log monitoring system. It's good about monitoring and learning this. You'll get an alert if there's an issue with the firewall itself, but it's not detecting security attacks.
PfSense has the bare necessities essentially, but it isn't an advanced firewall that protects against layer 7 attacks or DDoS. It's not on the same level as Palo Alto, for instance. You can add some higher-level security features, but it doesn't do that out of the box. Maybe there's another functoin we can add to it, but it feels like it's not catching more advanced attacks.
For how long have I used the solution?
We've used pfSense for around five years.
What do I think about the stability of the solution?
The stability has been great. We've rarely had any issues that have caused a failover. When we do, the failover has made it. I don't think we've experienced any real impact from it that caused any product issues.
What do I think about the scalability of the solution?
While we've added more IP addresses and traffic, there are some limits to its scalability. We've run into this before with graphical issues. We opened a ticket about that, and they said they found a bug that they were looking into.
I think we're going to get close to reaching a limit with the mid-to-lower-end models at some point. The scalability is good but probably not great.
How are customer service and support?
Their response has been excellent. Sometimes we've opened a ticket, and we've gotten a response back right, other times it took an hour or so. They're responsive now.
In terms of the quality of their answers, they have been good to great.
Which solution did I use previously and why did I switch?
At previous companies, I have worked with Cisco and Palo Alto firewalls. Palo Alto is probably a better firewall because it does more blocking. It's also quite a bit more expensive. For what you get, a Netgate pfSense solution is a highly cost-effective firewall.
How was the initial setup?
It was in place when I joined the company, so I wasn't involved in the deployment. It requires some maintenance, like adding new firewall rules or VPN connections. We also upgrade it once or twice a year.
What's my experience with pricing, setup cost, and licensing?
Including the support costs and the hardware, I think pfSense is reasonably priced. It's very affordable. The total cost of ownership is favorable. We've had a hardware device that lasted over five years, and they're still doing well. We're able to buy at least software support for them.
What other advice do I have?
I rate Netgate pfSense seven out of 10. If you have an enterprise environment, I recommend having two for high availability. Make sure you purchase and keep up with the software support in case there are any issues. Those are the two biggest things that helped us out.
Will not launch in the US-WEST-2 region
I've successfully launched this in other regions, but it will not launch in the US-WEST-2 region. Please fix this! The system log shows the operating system halting and rebooting constantly.
IPsec VPN routing issue
GUI is very easy to use, site-to-site VPN tunnel established easily.
However, it seems miss routing config, I could not find a way to route traffic into this VPN tunnel.
showing 1 - 4