Easy to use, configurable, flexible, excellent user group support
What is our primary use case?
I can restrict IP addresses by country, for example, which is very useful. If I don't have business traffic from specific regions of the globe, I can restrict them. I loaded SNORT and started playing with some of the rules and packages.
Overall, I've experienced fewer problems since I started using it at home, so I'm very happy with it. It's very flexible. I think it's extremely flexible.
I can configure as much or as little security as I want. A lot of it comes out of the box and I can fine-tune it toward my needs according to my knowledge, obviously. I think it's pretty flexible, yeah.
How has it helped my organization?
Less down time, less denial of service attacks.
What is most valuable?
I received a great deal of guidance and help from the technical user group, the forums are awesome and the community is outstanding.
Netgate technical support is also very good although it incurs a cost.
The software is easy to use and rather flexible, it is just a matter of getting to know it.
You can buy the appliance pre-configured, there are many models available, to suit your needs and your budget.
However, you don't need to buy the hardware, which is what I'm really excited about, in other words, you can buy the service on the AWS cloud.
Since I purchased the service, I have not had as many denial of service attacks, it minimizes downtime by reducing the number of computer crashes, so yes, it increases uptime.
The solution is very flexible, you can configure as much or as little security into it as you want, a lot is available right out of the box, you can fine-tune it.
I saw results of using the solution immediately. You can start restricting IP addresses by country right away. That's very useful. It's easy to restrict regions.
Overall, I have experienced fewer problems since using the solution.
pfSense does provide a configurable dashboard, however, you have to connect to it through a browser. I can see a lot of stats in a single pane that is quite flexible. It does what I need it to do so far, you can add or remove sections.
It doesn't directly minimize downtime, however it does indirectly, by minimizing the number of DDoS attacks. This increases uptime. Since using pfSense, I don't have as many attacks.
I use pfSense on an Amazon EC2 virtual machine. It works well in the cloud. This implementation optimizes resource utilization because it doesn´t rely on static hardware which quickly reached EOL support, I can grow/re-size easily.
I can take it with me wherever I go - as long as I have a network connection, laptop or cell phone without being tied to hardware.
What needs improvement?
I'm not knowledgeable enough to suggest new features. The use has been very straightforward. Whatever questions I've had, I've found videos to help me on YouTube, or I've been able to ask the forums.
I've also reached out to technical support and I've received help although there could be more videos or tutorials from Netgate, in addition to third parties who have already implemented it, which is great.
I have suffered a lot of problems over time but I don't think the problems are related to the hardware or the software. I am convinced that the problems have been related to hacking during configuration.
During the setup process, while experimenting, the device would stop working or the password would suddenly not allow access, requiring re-installation and re-configuration, it was very slow going until I moved to the cloud.
The dashboard is a little bit slow and the reporting isn't always current or immediate but acceptable. I'm not sure I can make data-driven decisions due to insufficient volume. I would need enhanced reporting, statistics, playback.
I haven't looked at the reports a lot since because you have to access the log files, time is an issue, I use it in a home office environment.
For how long have I used the solution?
I have been using pfSense on and off since August 2015 when I bought my first device with the pre-loaded operating system. I've been working ON it ever since, on and off.
What do I think about the stability of the solution?
I suffered a lot of problems but they are not related to the hardware or the software. They were related to hacking that I was subjected to. The device would stop working. The password stop working suddenly. I had to reinstall the whole thing. So it would be very slow going. 100% up time since I went to the cloud. There you have it in a nutshell.
What do I think about the scalability of the solution?
I'm not tied to the size of the hardware that I'm using. An SGA 2440 is a really nice device for a home office. However, if I should grow into a business, then all I need to do is resize the virtual machine capacity. I don't need to buy a new device and reconfigure it. I can just grow the device that I already have. That might imply a migration but not reconfiguring from scratch.
How are customer service and support?
The support is excellent quality, yet it's expensive.
They're very quick to rule out things if they're not cutting edge. In other words, if it's not a new device, if the device is near its end of life, they tend to kind of say, "well, you know, no. We don't deal with that anymore."
My device was still supported, although older. In any case, it was clear that they were not going to give it as much effort as something in its main life cycle. My impression was that it I was summarily brushed off on account of age.
User groups helped me a great deal. Support offers a certain amount for free when you get the subscription in the cloud which I purhased. However, if you have a really big issue, then you have to pay for support.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
I looked at another Netgate option which also runs in the cloud on AWS. I haven't used/evaluated it. I don't remember the name of it although it looked very interesting. I settled on Netgate because my friends recommended it.
Malicious behavior is something that I've noticed over the years and it is growing.
I sought help and joined a nonprofit organization locally whose charter is to educate people about the dangers of being on the Internet and how to modify their behavior to minimize the risks and protect themselves.
This solution is very configurable, reliable and approachable open-source software. When I re-nstalled the latest version on my home device, I downloaded it for free, I got an invoice from Netgate for zero dollars.
Netgate makes money from subscriptions on the cloud or selling the hardware with the installed operating system. However, the operating system is still free. It's still open source.
The community is wide, and there's a lot of help available. It's relatively cheap if you buy your own hardware and very configurable.
I can't say that I went into a very exhaustive investigation of other options. When you're ignorant or inexperienced like me, it requires a huge time investment to make the evaluation, I discarded over the counter solutions.
So you try to approach people who have already evaluated a whole bunch of products, and ask them to tell you which one they think is best, most flexible and configurable, NETGATE pfsense was the overall winner.
How was the initial setup?
The initial setup in the cloud is easy and I received good instructions and a fair amount of coaching when I purchased the service.
The on-premise appliance, which was also pre-configured did not come with instructions, so it was less straight forward. I didn't have a guide. It didn't come with a manual. It was more difficult for me and I struggled a great deal.
The second time around, I already had seen the operating system its interface, configured it, reset passwords, the whole thing so I was more comfortable with that, received more help and had more documentation available online.
The cloud version was easier since even if I did not have a lot of experience, I had more help. Maybe it's just the perception. While it wasn't difficult for an inexperienced IT person, it might be a little more complicated for a regular user.
What about the implementation team?
Netgate has TOP of the line expertize and customer service.
What was our ROI?
Not measurable in the USD but considerable in terms of productivity.
What's my experience with pricing, setup cost, and licensing?
It's a little expensive in my region. I really want to buy a device, a hardware device, and have it on-premises. I want my own security gateway appliance at home, my own router to log into, configure and play with.
However, I don't have that, my SG-2440 just died from a power surge, it's a huge up front investment and it is also more vulnerable in more ways than one.
An average device costs around $500, is vulnerable, can be stolen, damaged by electrical surges, tampered with.
If I buy the subscription in the cloud, I eliminate the danger of theft and losing my investment, and I can take it wherever I go. I feel more secure with the cloud version, even though I know it's more expensive.
The cloud lease cost $50 a month at the time I was interviewed, about $120 now, a lot of money for me. However, it has been worth it. I can access all of the resources remotely, manage, configure, upgrade, use at home and on the road.
Which other solutions did I evaluate?
No, I asked around for recommendations.
What other advice do I have?
I'm just a customer considering a partnership.
I now have a pfSense subscription on AWS, I've installed it on my laptop and mobile devices. I can use it at home and away from home. My cell can share Wi-Fi and extend the benefits to others around me.
I'm considering alternate architectures to split my home office network using an on-premise device here at home.
That will allow the mobile component on the AWS Cloud for my cell and my laptop if I travel, since the OpenVPN is installed on them, as well as the ethernet connection from the home appliance for wired access to repeater, TV, laptop.
It doesn't matter if it's Ethernet or Wi-Fi everything will be covered.
Overall the product rating is nine out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
