I was looking to improve my security posture. Bottom line, I just wanted really high-quality cybersecurity. When I look at appliances for cybersecurity, they can get up to almost seven figures for some businesses. So, this was a good compromise for me.

It optimizes performance right away. That is apparent to your everyday user. It makes the whole system work better and more efficiently. When there is an intrusion or an attack, it's very easy to eradicate the issue.

Before having the cybersecurity mechanisms I have now, even with VPNs from the App Store, I faced issues like hijacks that became multi-day issues where I had to perpetually get into some type of power struggle through remote based issues from another cyber threat. For example, in October 2022 or 2023, I sat down at my computer to move files from a cloud-based drive to an external hard drive. I opened the cloud drive, and all the files had been corrupted/damaged intentionally. Someone specifically corrupted the entire iCloud Drive. I called tech support, and the next day, there was an iOS update. Since I implemented the security appliance, I haven’t had this issue.

It means there's a better level of security in terms of what you can build into your system than is available through downloadable software.

pfSense helps prevent data loss:

I haven't had one issue of data loss since implementing it. Previously, I had to file reports with the FBI and CIA because the intrusions were so serious. These documents had criminal penalties associated with tampering. I haven't had one of those instances since using pfSense. Netgate and pfSense are good go-tos, even for the government. They often use Netgate as their server, and the military uses it too. The fact that the American military and foreign militaries use Netgate was a big selling point for me. It's good quality for what you pay.

It's a really great entry-level way to see how much, and it's scalable, too. When you talk about flexibility, the important thing to know is that the appliance and the software are scalable, too. I can start at the entry-level point, or I can build in and scale it up to enterprise-quality software, too.

pfSense Plus:

I use pfSense Plus. I use VoIP through the router.

It minimizes downtime in terms of having to debug and things of that nature. When there's an intrusion, it doesn't turn into a multi-day issue. It took me about ten minutes to eradicate one aggressive intrusion. Simple maneuvers resolved it quickly, avoiding days on the phone with tech support.

There was an instance where my firewall software—I don't know what happened exactly—but I did have to call tech support. Something happened where my firewall needed to be completely reconfigured.

So, are the entry-level ones invincible? No. But do they save you tons of effort in terms of preventing a lot of problems that could get worse? Yes. It's like a preventative measure to cancer before it spreads. It helps you catch things quicker before they spread and become something bigger.

The visibility that pfSense Plus provides helps us optimize performance. I feel more comfortable exchanging information and having personal conversations. It makes me more comfortable, more confident that what I'm doing is not... Some people I even work with are just not comfortable to talk openly. Some people are very email-retentive, like, "Do not click that hyperlink on this computer system. Don't do this or that." So it's understandable with some people.

It absolutely optimizes my entire computer system. In fact, I'm opening a brick-and-mortar storefront, and I'm going to use pfSense. Actually, I'm going to step it up to the TNSR software, but I use the Netgate routers because it optimizes performance. I feel comfortable to have a small to medium-sized office operating off this stackable network I'm creating. It's still a prototype, but I can have six screens, and that's really all I need. I can probably get six screens or five screens and a hardwired payment processing system at most if I need it.

Plus on Amazon EC2 VMs:

I haven't tried it recently. I did in the past, but I didn't have it configured correctly, so I can't truthfully comment on it. It was more complicated than I could set up. Like I have to pay for that. I can download the AWS EC2 application, launch the instance from a cellular device, and intermesh the cellular device into the router. That's also extremely valuable if I want to have a coworking situation where everyone's on my network a certain way, so when I do exchange information, it's highly confidential.

I get a mesh VPN network. I can have an enterprise-grade VPN for the business without spending too much. That's important for some people.

For me, I liked the pfBlocker, which is pfSense's firewall. I get a couple of different options with the firewall. I can use AWS as your provider to pass data through AWS's workstations to the router. There are a ton of important features.

I can build an instance, have it move through the router, and then be just cellular. There are so many great features.

I haven't even completely finished configuring it, and it's an ongoing process. There are always new, innovative, great things I learn. It's like a little gadget with a lot of great features. It's hard for me to decide what I like best and don't like.

It's pretty easy to customize. Once anyone gets past the technical jargon, it's highly flexible.

I would like to see a subscription-based tech support option as opposed to this flat yearly rate. I'd like to see more of a monthly tech support feature. I think that would be helpful for a different type of consumer. So, there could be more room for Netgate to expand. To me, it would have been nice to have a little bit more tech support at first.

But since I'm becoming so satisfied with this system I'm developing, I'm gonna step up anyway into the TNSR software. And when I do that, I get unlimited tech support.

So, it's kind of like this: if I don't want to pay for tech support, I teach myself and learn how the device works. And that's what I've basically done to this point. It's pretty plug-and-play but some of it is, like, if you don't configure it correctly, it just doesn't work.

I had a couple of instances where I was setting it up, and I set it up a certain way twice where I just didn't configure it in a way that it worked. I put so many security features in that I had locked myself out from even being able to log in.

So, it would be better to make tech support more accessible because they're really good at what they do, like behind the scenes. They know how to configure things through the terminal differently than I was.

System Reports:

Reports would be good, like system reports and functionality. Dumbing it down a bit more would help, too. We do have a Setup Wizard , but it is even less complicated in terms of setting it up because the user guide is 2,000 pages long.

So, the manual itself is, like, 2,000 pages for this device. If Netgate could make it a little bit less complicated for users. But, part of this appliance goes to IT departments anyway. So, they're more adept at setting it up than your average consumer. So that's generally who buys these things and sets them up. It's like your IT community usually gets involved with these because they understand that when you buy a computer, and you just start logging into the Internet, you've created a sort of dangerous atmosphere that not everybody understands by not making it safer. Everybody understands that when you log in if you don't even play with the settings on your computer. You're basically just setting yourself up to put your data out there like it's some type of free-for-all.

I bought my first router from pfSense in early 2023. It was pfSense's entry-level appliance, around January last year. I was so impressed with it that I stepped up to the 8200 level, which is one step beneath a TNSR-grade server. pfSense has two models of appliances that are higher than the one I have before I get into more elaborate appliances with different companies.

I've stayed with this one for a year and a half now. I still have the original, which is nice. I bought it to use for a prototype concept that was built in. It worked, so I stepped it up.

I don't really know how to compare it to anything more elaborate. For my purposes, it's been a ten out of ten in terms of what I was expecting.

Scalability was definitely what I was looking for, so I would give it a ten out of ten for my business needs. It's perfect right now.

If I can't get that level of security or sense of security, I can always stack the units more cost-effectively than going with something like Fortinet or Cisco.

I'd almost rather stack the appliances at this price point than get into a $7,000 to $ 10,000 appliance. I get a lot of security just by stacking them, too. So, I'd rate it as highly scalable. I'd give it a ten.

The customer service and support are excellent, especially when they're supposed to charge you and they don't. When my entry-level router was fried and needed to be rebuilt, they did it from scratch, they made it seem easier than I would have ever been able to do.

I had to download software onto a USB drive, insert the USB drive into the router, and then rebuild it from scratch because, for whatever reason, it was completely trashed.

So, I get tech support, and I pay for it. Unless I get the enterprise software, which includes unlimited tech support. Initially, I called tech support for help, and they were always willing to assist but reminded me of the limitations because I hadn't bought the support packages. Their tech support is excellent, 24-hour, and multinational.

I used some other DNS-quality firewalls, but they were cloud-based. Like cloud-based DNS providers, but not an appliance base. That's why I bought Netgate pfSense bottom-line product to test out a prototype concept. I was satisfied with it, so I set it up to be highly competitive against everything virtually, except maybe a really high-end computer lab that could cause some type of intrusion.

Buying it, brainstorming, and waiting for it, as they build each one for you, which takes about two weeks.

I wanted it partially because it's not one of these fantastically elaborate routers that you would just want to be completely encapsulated and protected a certain way. This is the kind of router that I wanted to be able to bring around with me, too, because I created a mobile stackable cellular network with it.

I have it attached to an entry-level desktop that was not custom-made or custom-built but premanufactured. But it worked well. I wanted more processing speed than I have now. I just didn't have time to step up my processor. But, unfortunately, with the system I'm on now, you can't switch them. So it's fine. It's a grade lower than what I wanted, but it's fine.

Creating a Portable Network:

But what is good about this is that it does work for what I was trying to do, making it mobile, stackable, and cellular. I can put a laptop. I can get a laptop as long as it has, like, a hard drive, and I can download the SI Labs, the Silicon Labs software onto the laptop. Then, I can connect the router to the cellular, like a cellular modem, which is what I have. I have one of these Netgear Nighthawk mobile cellular so it's like a cellular modem. So, I put in a SIM card with unlimited data. I connect the the Netgate router to the cellular modem, and now I connect the computer to the router. And if it's a laptop, I can connect all of this to, like, a portable network, and now you have a portable network. So I have, like, a portable point server if I want for significantly less.

Security Considerations:

You're not gonna get that level of cybersecurity on a mobile device unless you configure it that way. I mean, you could. You'd have to be getting into, like, your your, like those kinds of vans that you see on movies where they have, like, like, those vans where they're doing, like surveillance and intelligence work. Netgate pfSense is pretty excellent quality if you wanna sit at a cafe and feel comfortable doing business and things, not being on their Wi-Fi.

Future Deployment Plans:

Right now, I'm getting ready to put enterprise-grade software on my devices exclusively; that's what I'm going to do until I get the business off the ground.

The real deployment will be once I'm transacting service-related business against the appliance. I'm going to open a healthcare practice in Europe. I have a business in the United States that I structured to be a multinational business. I'm going to take this network and put it into a 30 to 60-square-meter office space.

I'll probably have about ten employees, but none of it will be for their personal devices. The purpose of the network will be to offer a secure Wi-Fi network to my patrons and to set up payment processing and other business-related tasks. It's going to be a small scale, with maybe six computer screens tops.

I have seen ROI, it saved me time by preventing frustration and loss of content, data, and time. The confidence it provides also pays for itself.

I used to deal with intrusions weekly, spending anywhere from an hour to several hours each time. Now, it's less tedious and frustrating to optimize and eradicate threats and intrusions.

It’s like a high-maintenance car that needs fine-tuning but ultimately runs smoothly.

It's highly cost-effective for both the average consumer and business users. It's highly competitive, which is why so many people use it. It's extremely down-to-earth compared to Fortinet or Cisco, Netgate doesn't reach that financial tier but is extremely competitive and extremely cost-efficient. They offer superb levels of service for what we pay.

Currently, my setup is for a small to medium office. My first one was more for a home-based office—you could have a printer, computer, some gaming systems, TV. I would do a personal office with my first one, and this next one for a small to medium-sized office business for myself and others. I feel comfortable with that.

And they're also stackable, so I can scale it that way. It's highly scalable. It's really something worth playing with. And they offer a return policy, which is fair too, for the security appliance too.

The total cost of ownership of Netgate pfSense:

It's basically a one-off deal, which is good. You might consider building in installment payment options on the Netgate website, possibly with services like Afterpay or Klarna. This could appeal to noncommittal consumers. Personally, I would just pay cash upfront for my clients.

I'm clearly recommending it to others. It's scalable, cost-effective, practical, and down-to-earth. It's enterprise quality. It has a reputation that even the military endorses openly. When you buy something described as indestructible, and even the military uses it for their security, it says a lot. The government also uses it, testing prototypes and various things of that nature with it.

If someone looks at the website, they'll see a large naval ship where cadets are operating off that prototype, testing if they could use the step-up with the pfSense software. They were using a higher-grade appliance with pfSense software to see if it was feasible. This shows that it's practical because the price point is unbeatable for that level of quality.

The solution for me is a ten. It's still a prototype, but I'm confident I can meet the needs of a medium-sized office with ten to twenty employees. However, scaling it up for something like an Airbnb with a high level of traffic is uncertain. It's not like a navy ship with a hundred military personnel. For my needs, it's perfect.

It's a solution for my personal needs, and I feel confident about it. Looking into the future, scalability-wise, I think it meets my needs. But when you get to a different level of e-commerce, I'd be interested to hear their perspectives too.

I work for a small business. We have a number of different remote sites, so I use the solution as my primary firewall. I use it as a way for my remote sites to connect back to the main office via VPN.

The VPN features are the most valuable aspects of the solution.

It's pretty flexible. It does everything I need it to do. My use cases are somewhat limited.

I do like how easy it is to restore if you lose a router. I lost a firewall over the weekend at one of my remote sites. As of right now, I'm setting up a new piece of hardware and restoring it. It couldn't be more simple.

There are features in pfSense that help me to prevent data loss. It's relatively easy for me to back up what I need. I've created a pretty simple script that I run on a computer inside of my network that reaches out to all of the different pfSense firewalls that I use. It grabs a config file. And that's pretty simple. It's a script that runs daily. I could probably even run it weekly. It simply reaches out and grabs these things and backs them up. Data loss is not something that I'm really concerned about as long as I have a good backup, which I do, and I check it regularly.

It’s easy to add features to pfSense and to configure them. I don't add a lot to pfSense with regard to the package manager that it comes with. That said, the packages that I do use are easy to install, easy to update, and easy to configure.

I witnessed the benefits of pfSense immediately. I have what I consider an enterprise-class firewall and routing stack at a pretty reasonable price.

pfSense gives you a single pane of glass type of management. You can see pretty much most things inside of the firewall, everything from bandwidth charts to DHCP leases - anything you've set up with regards to DNS. It's got pretty good logging features. I wind up sending most of the Syslog information from pfSense to third-party logging software. That’s why I'm not really using it to peer through logs. However, to do quick checks, I'll use it. The UI is pretty similar to Netgate. It makes a lot of sense.

pfSense provides features that help minimize downtime. The high availability configuration allows me to mitigate downtime. I've worked with their deployment team to set that up and also set up the LAN. Regardless of whether or not I lose a firewall or an Internet connection, my connection to the Internet remains pretty resilient.

The visibility in pfSense helps optimize performance. I'm primarily using it to see how our bandwidth is being utilized. Outside of that, I'm not using pfSense to visualize a ton of data. I offload pfSense data to third-party software that I use to visualize things that are happening on my network. If I just pop in and take a quick glance at what might be going on in my network, it's sufficient.

I'm hard-pressed to think of a needed additional feature. It would be nice to see which packages are officially from pfSense and which are from a third party in the package manager.

I've been using the solution for more than a decade.

The stability is rock solid.

I haven't really had to scale my deployment. My deployment was for an in-place network. My network hasn't changed much as I've redeployed the pfSense over the years.

The speed of response is good. It was well within the SLA.

They were incredibly helpful. They answered follow-up questions in a timely manner. I was very pleased. I have had to use it very minimally. However, I was very pleased with how it worked.

I may have used something different a decade ago. Since then, I've been using pfSense. We're a small business. I do have some Cisco hardware, however, I'm not using it on my edge network. It's mostly just for switching.

I typically buy the hardware myself for the installation. I have one or two pfSense appliances. One is sitting on a rack as a backup unit in case I need it. I have a couple in the field. At the end of the day, if I'm going to buy the appliance, I get a year or two of CE. I'd much rather just buy the hardware myself and purchase a CE or get a Plus license.

It's incredibly easy to deploy. Even for a new engineer, it would be pretty simple.

I am in the process of restoring one. It took me 20 minutes to flash the image to a thumb drive, install it on the device, boot the device, restore the configuration backup, and have it up and running. I'm familiar with the hardware that I purchased, and I take and test good backups. That said, the process is incredibly easy. It takes very little time to deploy something that has failed.

With regard to a new setup, it's impossible for me to answer broadly; however, even then, it's not a long time. It just depends on how sophisticated a given user's network is.

There is very little maintenance outside of updating the software.

I deployed devices to our remote sites myself. I used Netgate Professional Services to help deploy a high availability stack at our main office, and they were outstanding to work with.

Anybody not using it, at least at the small or medium business level, is crazy. There's a significant return on investment. We're getting a pretty state-of-the-art device that runs OpenVPN and some other VPN software. It's not Cisco. It's not Juniper or any of the others out there. However, I keep my ear to the ground with regard to vulnerabilities generally out there, and it seems like there are far more vulnerabilities that you hear about day-to-day in their competitors than in their software. At the enterprise level, there may be some more sophisticated and purpose-built solutions. That said, pfSense meets all of my needs. I can't imagine it not meeting the needs of anybody in a business my size and slightly bigger or slightly smaller.

The licensing is fair.

I'm a pfSense customer.

There are two versions of pfSense. The plus version, which is paid, and the community edition, which is free. I primarily use plus.

I'd rate the solution ten out of ten.

We use Netgate pfSense as the next-gen firewall because it has a lot of additional capabilities.

The solution's most valuable features are its ease of use and versatility. You can do anything you want with it. We implemented the solution for better security at better prices.

Netgate pfSense is extremely robust and stable compared to other firewalls.

You can use Netgate pfSense as a very basic firewall or with next-generation capabilities and full monitoring. With the command line and the openness of the platform, you can do a lot of things with the tool.

It is extremely easy to add features to the solution and to configure them. We have extensive monitoring capabilities that we have configured into Netgate pfSense so that we can probably monitor any firewall available. We have also utilized the solution's DNS black holes features.

When configured properly, the solution's data loss prevention capability is absolutely top-notch. We use the solution to monitor and detect users' odd or anomalous behaviors on the network, which are usually malware-related. We also use the tool to protect against various blacklists.

We use Netgate on Amazon and have one of their firewalls. Using pfSense Plus on Amazon EC2 has helped simplify our EC2 network. It has definitely helped us with Amazon and tightening things down there.

With the inclusion of firewall, VPN, and router functionalities, Netgate pfSense's total cost of ownership has been very good. For your infrastructure, you're typically looking at five to seven years. Netgate pfSense is definitely punching above its weight in that sense because it comes at a lower cost.

Based on our experience, it lives that long and longer than what you would expect. The solution's ROI and longevity do shine in that sense.

The solution's internal logging could be improved. However, it does have some external logging capabilities. It would be more problematic if you didn't have a very robust environment. We developed our own internal API about five to six years ago, but I hear all the time on newsgroups that one of the solution's biggest problems is API.

I have been using Netgate pfSense for over 15 years.

I rate the solution a nine out of ten for stability.

Netgate pfSense is a highly scalable solution. I would say there are at least three of us who are fairly proficient with the solution, almost at an expert level. We have a few others who utilize it, but they're limited in what they can do. Most of our clients for Netgate pfSense are small and medium-sized businesses, but we also have some larger businesses.

I rate the solution’s scalability ten out of ten.

The times I've worked with the solution's technical support, they've been excellent.

I rate the solution’s technical support a ten out of ten.

We are in the managed IT space and constantly deal with numerous, big name firewall vendors. Aside from the cost alone, Netgate pfSense provides a lot of benefits. Even if Netgate were the same price as the rest of the other vendors, I would still prefer to use Netgate just because of its ease of use.

The solution's initial setup is very straightforward. There's even a built-in wizard that will take you from out of the box to basic firewall setup in about 9 steps.

The solution's deployment time depends on the complexity of the environment that you're going into. On average, the deployment takes probably less than a day. We have a team involved in the solution's deployment.

We have seen a return on investment with Netgate pfSense. We've won some bids for firewall replacement jobs based on the cost alone.

I think Netgate pfSense is very fairly priced. I think it's a great way to get people locked in by being a little bit cheaper than many other solutions. Once they see it, they wonder why they would use anything else.

One of the features of pfSense Plus is backup capabilities, which didn't really help us because we had our own backup solution built in for several years. We also keep additional firewalls available if something like a storm comes through so that we can restore the configuration in five to ten minutes without too much trouble.

pfSense Plus doesn't provide a lot of features and benefits, but we use it because we want to see them continuing to develop the solution.

Netgate pfSense gives us a single pane of glass management, but we don't live in the firewall itself. We monitor it from our single pane of glass, which we're pulling about 20 other security stack solutions into as well. We're pulling in a lot of other enterprise-level solutions, including EDR, vulnerability scans, domain filtering, etc.

Since we have a few hundred clients, we have both cloud and on-premises deployments of Netgate pfSense.

Any product requires some care and feeding. It goes back to our monitoring aspect. As a general rule, you have some firmware updates about every six months. You definitely have a few things to maintain here and there in Netgate pfSense, but it's minimal compared to other solutions.

The solution's cost alone is well worth it. I would recommend it for its adaptability to any complex environment with added security features. You can start off by just doing a standard firewall and then grow from there and really expand on its security features. I really can't think of any reasons why you wouldn't use it. Netgate pfSense is pretty much all we use, and we use a lot of different vendors when we go to different places.

Overall, I rate the solution ten out of ten.

We are a reseller. We resell the product to our customers as we are an MSP. We use it for various different verticals, from manufacturing to schools to typical offices. That is mainly the use of this solution.

There are a lot of limitations with competitors like WatchGuard and SonicWall where there are a lot of costs for licenses to utilize their products. We felt that by going to pfSense, we have a little bit more freedom. We can use certain features without having to pay exorbitant costs for licensing. It is better for the small to medium-sized customers.

They are the most flexible, for sure. In my experience, it is quite easy to add features to pfSense and configure them. There is a lot of support from the local community. Because it is an open-community-built platform, there is a lot of support out there. Adding features and configuring them seems to be quite simple from my experience so far.

There is an overall performance increase. The hardware is much more performance-driven. The constant upgrades certainly make it easier to keep up with the evolving environment. The community-driven platform certainly helps to ensure that things are kept current.

pfSense gives us a single pane of glass management. There is a user interface and also the command line. The user interface is very friendly and easy to navigate. The single pane of glass management certainly increases productivity. The ability to look at one single pane of glass, add different widgets, and see things at a glance certainly helps to cut down the time of looking for certain statuses or things like that. It makes things more efficient.

We deal with pfSense Plus in a few cases. It can help minimize downtime. We have not experienced it in any sort of live environment, but I am confident that it would.

pfSense Plus provides visibility that enables us to make data-driven decisions.

It optimizes performance, and in most cases, it affects operations and makes things more efficient. Efficiency means money.

The ability to utilize the features instead of having to pay a license fee for every single thing that you want to use on a firewall is valuable. A lot of other companies give you a firewall out of the box that has very basic functionality, whereas pfSense gives you all the good features, and if you want to have more advanced features, you can pay a fee. You are able to use a lot of the features that you cannot use on other products. That is the best thing.

It is very good from a troubleshooting perspective. Things like logging are very good. We have been using these firewalls with filtering very successfully, and VPN has been very successful on them. We have not had any issues with that.

One thing that stuck out to me was the move to use plastic chassis on the Netgate devices or products. They are moving away from using metal chassis, and I find that the plastic seems to get hotter than the metal. Other than that, they are such great devices. They always seem to have all the cool things and bells and whistles.

One thing I would like to see Netgate do is to have a cloud-based management portal, similar to SonicWall, WatchGuard, Ubiquiti, etc. With all these platforms, you create an account, and you have a way to cloud-manage these products. Currently, one of the challenges that we face is not being able to manage those things from a centralized platform. It has always been one thing I have dreamt of for Netgate. That is the only place where it falls short. Apart from that, they are far superior in building, keeping up with the times, and keeping things current.

It has been probably eight or nine years.

A couple of times we have had some strange issues that have been unexplainable, but overall, it is stable. I would rate it a nine out of ten for stability.

It is scalable. I would rate it a nine out of ten for scalability.

They have been fantastic. I have never had an issue, and it has always been very good. They are a highly intelligent and very resourceful team. I would rate them a ten out of ten.

We have used everything, such as Cisco, SonicWall, and WatchGuard. You name the flavor. We have used them all, and Netgate is definitely a much better product than those. It also depends on the use cases.

It has been very straightforward to very complex. We have set up entire data centers run by Netgate devices to small offices using a 2100. We have gone from the most complex to the least complex. We have seen everything in between.

Its deployment is a matter of hours. Our clients are small to medium size. We have about ten people working with pfSense.

It requires general maintenance. We have to keep up with firmware and updates. From a physical perspective, there is no maintenance.

It is very cost-effective. There is 100% ROI.

They are on the higher end, but you do not get stuck with spending thousands of dollars every year. You do not have recurring license costs to have people use a simple feature like VPN. That makes it more cost-effective in the long term. There is a very good price point. No one ever complained, and I have not ever thought that they were overpriced. That is for sure.

If you are looking to deploy a product that is reliable and high-performing and that is going to be cost-effective for yourself or your customer in the long term, you are doing the right thing by looking at Netgate.

I would rate Netgate pfSense a ten out of ten.