Netgate pfSense Plus Firewall/VPN/Router

We use pfSense and Netgate pfSense Plus Firewall/VPN/Router to establish a VPN tunnel between our client and our headquarters to transfer data between client and our equipment. It's very simple to use, efficient, up to date, and the hardware is very available; it's very safe.

We use pfSense and Netgate pfSense Plus Firewall/VPN/Router to establish a VPN tunnel between our client and our headquarters to transfer data between client and our equipment. It's very simple to use, efficient, up to date, and the hardware is very available; it's very safe.

Everything works well inside pfSense. It's affordable. For our use of pfSense, it meets one hundred percent of our needs. It features easy installation, and we use direct installation on the equipment rather than cloud deployment.

Regarding tuning, it's not really an advantage as we need that functionality.

The most significant drawback in recent years has been the cessation of firmware release downloads. In the past, when we wanted to update our equipment, we simply downloaded the latest firmware. Now pfSense has changed its policies. Instead of providing firmware for download, they require customers to proceed with updates through the cloud, which isn't an optimal solution for us. I prefer the old method of updating where we could download the latest firmware and install it directly. Without an internet connection, we cannot update our equipment, which is problematic.

Everything is very stable for us at the moment; we have encountered no problems.

Adding new equipment is very easy for our organization.

I am not in charge of networking in our company, so I may not be the most appropriate person to answer detailed questions. The solution is used for security to establish private communication.

We use OpenSense for our operations.

I usually use it on premises, and I use it for different purposes. I use it for network security for my infrastructure, and I use it for my web servers and data servers that are on-premises.

My main use cases for Netgate pfSense  are proxy servers and IDS/IPS, blocking ads, clearing the network for adware and malware, and monitoring the network flow. 

As an open-source solution, Netgate pfSense is highly flexible because a person with kernel-level or code-level experience can control the firewall as per their requirements, and there are multiple packages and tools readily available to integrate with Netgate pfSense. In the IT industry, most of the tools can be integrated with pfSense.

Adding packages to Netgate pfSense is very easy. I just need to search for the required package and then install and configure it.

Netgate pfSense has a very intuitive dashboard. The information is readily available on the dashboard.

Netgate pfSense has routing facilities that help minimize downtime while having multiple internet connections. If one bandwidth goes down, it automatically diverts to the other. 

Netgate pfSense helps prevent data loss by monitoring data transactions and network protocols, allowing us to block certain amounts of data and implement policies to reduce malware and firewall threats. 

From my perspective, the best feature of Netgate pfSense is the load balancer, as I usually take multiple internet connections. I can use both internet providers' bandwidth as a single network bandwidth, which helps in a very smooth network traffic flow. Netgate pfSense has a very interactive and intuitive dashboard that provides all the major and informative information that is readily available.

Netgate pfSense has positively impacted my organization because when we look at other firewalls or alternatives, they are costly. 

For my requirements and use cases, it is sufficient for me, and I have never faced a need for additional features. AI would always be a plus point, and if pfSense could change its framework from FreeBSD and PHP to a different language and Linux OS, that could enhance security.

I have been providing services for network solutions and network security, and I have been using Netgate pfSense for almost four to five years.

Netgate pfSense is definitely stable; I've multiple sites using it, and they are live right now. I've at least 20 sites operational.

It is a scalable product. I would rate its scalability a seven out of ten.

I have never used the services of Netgate, but I can rate the product itself as a 10 out of 10 because it has been very helpful to me.

Neutral

I have previously used Fortinet and Sophos. The major reason I switched from Fortinet and Sophos to Netgate pfSense was to mitigate the financial aspect, as those alternatives were costing us lakhs.

Deploying Netgate pfSense is very easy because I used to deploy it on my personal hardware. Whatever spare hardware I have, I install it directly on that. Installing and configuring it is very easy for me.

I deploy Netgate pfSense  for various companies. There are many startups in India that require a cost-effective solution that allows them to use their hardware and provide basic security. 

Deploying infrastructure for a new company takes me approximately one day, unless there are separate requirements to configure, such as creating usernames and passwords for each user, which may take two to three days.

I do everything in-house by myself. I am the only person involved in the deployment.

I have seen a return on investment with cost savings after implementing Netgate pfSense, as other firewalls would cost me lakhs of rupees while pfSense is free.

Everything we need is covered in the free version of the open-source pfSense. I have never used the licensed version or required certified partner help to implement or deploy anything.

If we are not purchasing any support or incurring any Netgate costs, the total cost of ownership for Netgate pfSense is zero, as it is freely available to download and install, requiring only hardware for deployment.

The cost of other firewalls goes to thousands and lakhs of rupees compared to pfSense, which costs zero. If we opt for Fortinet, it costs about one lakh thirty thousand Indian rupees for the firewall, and then it costs up to almost fifteen to twenty thousand annually for the user subscription. With Netgate pfSense, all those things get covered at zero cost.

I did not evaluate any other options aside from Netgate pfSense because it was the only solution I could find that effectively met my needs. It works for our use cases.

In terms of data-driven decisions, there is a package that can help me understand each and every packet and time. I have not gone through that avenue yet, but it allows us to get all the data for data-driven decisions.

There is a paid feature to increase performance, but there are multiple tweaks available in the advanced settings that can help increase bandwidth or usability based on requirements.

I have not used pfSense Plus on Amazon EC2  VMs because there was no requirement. 

I would rate Netgate pfSense a ten out of ten.

We have been building local firewall systems since 2008. 

The main use cases for Netgate pfSense  are its exceptional stability and reputation as a premier network operating system worldwide. Millions of people are using it, and we have rolled out a new hotspot system that works from the cloud. The service is running under the pfSense portal.

Netgate pfSense impacts our organization positively because it's open source and has a free edition, which helps us significantly in building our own systems for our customers. It helps in building a new firewall system for the Turkish market. It helps us substantially.

Netgate pfSense 's best features are that it's open source and flexible. We have implemented IPsec VPNs, site-to-site VPNs, and client-to-site VPNs. 

We appreciate the flexibility of the Netgate pfSense solution, but we have waited approximately two years for new updates to the Community Edition. We are now moving to OPNsense.

I appreciate Netgate pfSense because we have been using it for approximately 18 years, which is a considerable amount of time. We are waiting for pfSense to integrate AdGuard , Pi-hole, or Zenarmor directly into the pfSense kernel. When I install packages, such as Snort or OpenVPN  client export tool, I need to install AdGuard or Zenarmor because it's very challenging to ban TikTok, YouTube, or social media for our customers. In the early days, we managed this using SquidGuard, but since the blacklist has changed, we are struggling. There are many other blacklists I have tried, but I couldn't make them work. It has to be much easier for engineers to implement this. It's easy to integrate AdGuard into OPNsense; it becomes a function under the firewall. You can easily switch blacklists on and off, and create custom blacklists to block all social media with a toggle. We would appreciate such facilities in pfSense as otherwise, we have to manually enter all the websites, DNS resolver, and DNS overrides. Writing numerous rules on the LAN side during installation takes considerable time.

We have been using Netgate pfSense since 2008.

Netgate pfSense is a stable solution for me.

It's a scalable solution. Two months ago, I purchased a brand new server edition, a Lenovo ThinkSystem server with 128 GB RAM. I installed this pfSense server in a data center, and it's working fine. Many people connect via VPN; three or four sites are connecting site-to-site, and we also established another IPsec connection to one of the biggest ISPs in Turkey. It's working great now.

We have never asked for technical support from Netgate. We rely on the resources on the web for information.

Neutral

Two months ago, we switched to OPNsense , and we are now studying OPNsense . We made a strong decision to switch to OPNsense because of the large solutions. There are many facilities, such as AdGuard  and Zenarmor, which can be easily installed under OPNsense. We are studying OPNsense, and we will likely switch to OPNsense in 2025 because we are still waiting for a stable version of pfSense. 2.7.2 is very old, and we have switched to the 2.8 beta version, but we are still making our tests now.

Since we have been using pfSense for almost 18 years, we have learned extensively about Netgate pfSense. We have worked extensively and watched many educational videos from the United States, and we have made ourselves ready for pfSense. If one understands the system, it's easy to handle, but without knowledge, it's very challenging for everybody. Many people try to work with pfSense in Turkey with the free edition, the Community Edition, but they couldn't succeed because it's a complex system. It's a vast ocean, and understanding every protocol is necessary. Basically, all firewall systems are the same. Brands such as Cisco, FortiGate , and Sophos sell well in Turkey, and we are competing with these companies. Our target market is the small market, not the big companies or holdings, especially in the hospitality sector, where we deal with hotels and motels.

We would appreciate seeing facilities similar to OPNsense for Community Edition. In Turkey, people generally don't want to pay for yearly subscriptions to firewall systems. We barely recouped our investment for our Safe Hotspot system in Turkey. Competing with other brands such as Sophos, FortiGate , and Cisco is challenging. These brands also require annual payments, and due to Turkey's economic conditions, everyone is eliminating such costs. We have produced our hardware for pfSense, but it was not Netgate; it was only pfSense in the early days. We made our own rack mount 5 or 8 port firewall systems in Turkey and sold many.

The initial setup of Netgate pfSense is not complex; it's very easy. I can even have one of our resellers burn a pfSense USB stick and install pfSense without knowing anything about it. 

Because the Community edition is free, we only charge for our services to the customers. In Turkey, we cannot demand normal pricing; if we were in Europe or the United States, we might collect more money from customers. The conditions in Turkey are very challenging, and collecting payment is difficult. We often charge half or one-third of the price compared to Europe.

We would like to buy Netgate hardware, but when I checked its price in Europe, it seemed expensive.

I would rate Netgate pfSense a 10 out of 10.

I prefer this product because it is open source. Another thing is that it is Unix-based, so it is not affected by viruses or attacks. Support is also available.

With the right hardware, its VPN capabilities and performance are amazing.

From my usage, controlling the bandwidth for each user is valuable. Also, the availability of working as a backup or aggregating downloads is useful. All these capabilities are key.

Its interface is simple and easy.

Maybe they can add two-factor authentication.

I have been working with this solution for almost four to five years.

It is very stable. I would rate it a ten out of ten for stability.

It is scalable. I would rate it a nine out of ten for scalability.

We have 60 to 65 users.

I have not taken any technical support from Netgate. I was able to get all the information from the web or Netgate forums. I did not use their technical support because it is an open-source and free edition.

Neutral

I used OPNsense .Using the module for controlling the bandwidth for the users in OPNsense required payment. There was also a subscription, and I dislike subscribing to any service.

It was not complex. It was straightforward. They had a wizard with ten steps. I just had to fill in the information.

It took me about 45 minutes to be completely up and running with my configuration.

There were no third parties involved. It was implemented on-site.

I am using the free version. 

I would recommend pfSense to others. It is free. Overall, I would rate it a nine out of ten.