One of our clients operates multiple branches, and we've implemented a solution involving feature and IP address tunnels connecting these branches. The main branch serves as the hub, housing the Central PBX and providing services to the other branches.

We use pfSense to handle VPN connections, extending to remote workers in our various branches as well.

The feature I find most valuable for fulfilling network security requirements is pfBlockerNG. It offers exceptional visibility and filtering capabilities, without the need for dedicated hardware or recurring expenses. Unlike other solutions, pfBlockerNG operates seamlessly and continuously without additional costs or maintenance concerns.

The traffic shaping and bandwidth management features of pfSense significantly enhance our network performance. The inclusion of a QoS wizard simplifies the process, eliminating the complexity often associated with configuring QoS on other platforms like Cisco routers. With pfSense, utilizing the wizard streamlines the setup process, making it accessible and effective for users without requiring an advanced understanding of networking intricacies.

There have been specific incidents where the reporting and monitoring tools of pfSense played a crucial role in identifying and resolving network issues. In one instance, we received complaints about internet connectivity problems affecting productivity across the business. Upon investigation, I discovered that the issue stemmed from excessive bandwidth consumption caused by multiple HD camera streams being watched simultaneously. Utilizing pfSense's reporting and monitoring tools, I quickly pinpointed the source of the problem and implemented measures to alleviate the network congestion. These tools are invaluable for identifying resource-intensive processes and resolving performance issues effectively.

The process of integrating pfSense with other tools and services has proven to be quite straightforward thus far. While there may be a slight learning curve at the outset, particularly for those less familiar with networking concepts, it becomes manageable with experience.

The most valuable feature, for instance, is the ease of migrating configurations between different Netgate devices housed in the same box. This capability simplifies troubleshooting, as it allows for faster identification of DNS discrepancies or any other issues compared to proprietary systems. With pfSense, network configurations adhere to standard practices, facilitating troubleshooting without the need for complex overlays or policies. The interface, prioritizes network principles, making it intuitive for those familiar with networking concepts to navigate and achieve desired outcomes efficiently.

It lacks a solution for SD-WAN integration. I believe improving integration with various antivirus vendors could be beneficial. Partnering with trusted antivirus providers such as Bitdefender or Sophos as an add-on feature could enhance the antivirus capabilities of pfSense. Incorporating a centralized management console for easier administration would be a valuable addition.

I have been working with it for over five years.

The stability of pfSense is exceptional. I've only encountered one instance of hardware failure, which was due to an electrical issue. Otherwise, all other deployments have been reliable. I would rate it nine out of ten.

The scalability of pfSense is impressive. I've witnessed its capabilities firsthand, especially when it was deployed in environments supporting up to seven thousand employees. I would rate it nine out of ten. Currently, pfSense is our top recommendation for clients, tailored to their budget and specific requirements. Depending on the client's needs, such as compliance with PCI or HIPAA regulations, we may suggest models that offer corresponding features and evaluations of network security. This flexibility allows us to cater to clients with varying compliance needs, ensuring they receive suitable recommendations.

In terms of technical support, I primarily rely on the forums whenever I have a question or need technical information. I've found that the answers I seek are often readily available there. While pfSense does offer paid support packages, I haven't had the opportunity to utilize them yet.

The main difference between Fortinet and pfSense lies in their integration with different vendors. While pfSense offers integration with multiple commercial antivirus solutions, Fortinet primarily provides its own antivirus offering. However, the effectiveness of the antivirus provided by pfSense may not be as high as some other options available in the market. In terms of cost, pfSense offers a one-time payment for cloud services, providing continuous service without ongoing fees. On the other hand, Fortinet's pricing structure may seem appealing initially, but if you wait until close to the license expiration date, the renewal cost significantly increases, which could result in unexpectedly high expenses.

The initial setup was straightforward.

To set up pfSense, you start by configuring firewall rules to allow the necessary traffic. Once that's done, you can explore and download additional security packages from the package manager to enhance your environment's security. The initial setup is quick, typically taking around ten minutes for a basic configuration. However, if you're integrating features like pfBlockerNG, it may take a bit longer as you need to ensure you're not inadvertently blocking any essential services. Despite this, the task can be managed by a single person, such as an IT manager.

Maintenance tasks, such as checking logs and ensuring updates are running smoothly, are typically handled by two designated individuals. They connect to the firewall periodically to perform these checks. While we do have a management console, it's not fully integrated with the pfSense Manager (PSM) solution. Having a dedicated management console that allows remote management of all wireless devices would be ideal, as it would streamline the process of making changes across multiple devices.

The price point is highly competitive. The cost varies depending on the license type, such as licenses for eight to five support or twenty-four seven support. Opting for twenty-four-seven support significantly increases the price, reaching around ten thousand to thirteen hundred dollars. I would rate it four out of ten.

Overall, I would rate it nine out of ten.

Our most common use cases are for our corporate firewalls, and currently, I'm using it as our school firewall. So it's our perimeter firewall. So, we're running three firewalls on our network. 

So we have separate networks each because we have, like, different use cases. So we're running three at the moment.

We've been running it for six years now, and so far, it's been good.

Netgate pfSense has been utilized to create and manage VPNs within our organization. So we're running pfSense with VPN on one of our private cloud providers. So we're using IPSec VPN on that.

For everyday tasks, we just get alerts. It's anything that's suspicious, including from our Netgate. So, it's part of how we maintain cybersecurity in our school. This is working alongside our endpoint security solution. 

We were using an open-source endpoint solution for that. So we're integrating that with the one we have on pfSense. 

The ease of use. Like, it's easy to manage the firewall, rule-wise and interface-wise. For me, it's quite easy and friendly to use.

We have a set of rules so that it can manage all of our rules. We have a complex network here in our school. We have a lot of rules running, so it's really easy to match all of those rules using pfSense.

Integrating pfSense with other products was a bit tedious at first. We researched and tested for about a month, so it was not too hard but not instant.

For the third-party packages, I'd rather have it built-in, like a core feature of pfSense, part of the core model. This feature of pfSense would be great, instead of relying on a third-party module.

I have been using it for six years. 

It's about 95% stable, not perfect, but quite reliable.

If I needed to scale it and merge our pfSense machines into one, I'd prefer a dedicated hardware appliance instead of running multiple x86 servers on the firewall.

We have around 4,000 endpoints. 

I reached out to support for an unusual CPU usage issue after an upgrade. They were responsive, and even though I ultimately found a solution, they were helpful in diagnosing.

Positive

We used Fortinet. We opted for pfSense because of budget limitations. pfSense was a more affordable solution for our requirements.

pfSense is easier to manage and offers modularity for features. With FortiGate, everything is there, but we might not need everything, and too many features can be challenging.

The initial setup is very straightforward and intuitive. 

We use the pfSense software directly and install it on our rack servers. So, we're adding three instances of that.

I handle all the deployment processes. I am the core manager for the entire infrastructure, so I manage and deploy everything.

I consider how many users and gigabytes we expect on the network and try it on a test network first to validate before actual deployment.

Just my core team members manage the whole deployment, so that's enough for us.

Migrating the old one to the new one took around a month because we have many rules, and the new Netgate was quite different.

From the maintenance perspective, it is not difficult at all. 

While configuring or maintaining pfSense, we had high CPU usage on one firewall, but the GPAC subscription provided a good response. The support team was helpful, and we resolved it in a few hours. So, we had good support because of the support subscription. 

We just have the yearly support subscription.

I just found pfSense online. I just tried it out on a home lab and found it worked well enough for us. So, just started out, like, searching online and responded and tried it.

I would advise you to try to estimate your network first and do a test network just to have a proof of concept of what you want to run and check the routes you want to run against your network, making sure that your requirements are valid before deploying it.

Overall, I would rate the solution a nine out of ten. 

I use pfSense for various reasons, including implementing IPsec technology due to having limited branches. I use a VPN for secure connections, control the Internet or network flow, employ it as an NTP server, facilitate conference calls, and set up VLANs. I use it to run a proxy server.

I use the free version of Netgate pfSense software. I installed it on my servers with mini network cards, allowing me to create mini gateways and implement different plans.

The Netgate forums and community don’t provide extensive discussions and topics related to every pfSense service.

I have been using Netgate pfSense for five years. We are using the V23.09 of the solution.

Everything is very smooth, with a user-friendly interface. You can use the user interface or CLI as a command.

We have 250 employees using this solution.

We have Git Community forums with a million topics about all issues regarding Netgate pfSense. We can save this information to address various concerns.

I have several reasons for choosing Netgate pfSense. Firstly, it serves my purposes effectively and is entirely free. Secondly, when I search on Google or inquire about past experiences with firewall workloads, its reliability and cost-effectiveness stand out.

The initial setup is too easy.

The product is free of cost.

I recommend using Postgres. However, if you need a firewall without additional tools and prefer a pool of well-established services, pfSense offers suitable features."

Other solutions like Postgres, Sophos, and Palo Alto are in the market. We've used firewalls for a long time, but in the last three years, I worked with pfSense, and it's efficient for all devices.

Overall, I rate the solution a seven out of ten.

We use Netgate pfSense for load balancing. 

The tools' most valuable feature is load balancing. 

Netgate pfSense needs to improve the configuration for a VPN. 

I have been working with the product for three months. 

I rate the product's stability a nine out of ten. 

I rate Netgate pfSense's scalability a seven out of ten. 

I have used online documentation and hence haven't contacted the support yet. 

I rate the tool's deployment a nine out of ten. Its deployment takes only a few hours to complete. 

We did the deployment in-house. 

I use the product's free version. 

I rate the solution a nine out of ten. 

I install Netgate pfSense in various locations. It is also used for monitoring traffic and acting as a proxy.

I handle the scanning for the finance department. I recently encountered an issue with our company bills. I resolved the matter, cleared the bill, and received calls regarding it using pfSense. 

The user interface is extremely user-friendly, which is why we use it across various sites. Our IT representatives at the plants find it easy to use and manage because of its straightforward interface.

They rely on third-party tools, unlike Fortinet, for example, which has its own tools. In comparison, we also use third-party tools on pfSense. For example, we had a situation where we needed a tool to identify authorized users, and when I searched for a solution, I found a third-party tool. However, using such tools may come with additional costs.

I have been using Netgate pfSense for around one year. 

If I think about pfSense, I would rate the stability around six. There have been some issues with stability, causing occasional downtime. I haven't extensively worked with pfSense in the last year, so my experience is limited.

The scalability of pfSense is excellent, and it's easy to expand. Currently, we have around 200-plus users at our head office using pfSense. I would rate it 7 out of 10.

I haven't contacted Netgate technical support, so I can't provide feedback on that aspect.

Comparing pfSense with other vendors, I appreciate Fortinet for its all-in-one device with ALi involvement. However, for a country like Pakistan with limited resources, pfSense is suitable for small offices due to its cost-effectiveness.

Installation is straightforward, especially for IT professionals. During the installation process, you are prompted to input the brand of the internet and LAN cables. If you're unsure, you can simply connect the cables – one for the internet and one for LAN – and proceed. You can choose to use either one or two cards based on your preference.

Regarding maintenance and technical support, we have a team of around 14 technical staff who handle phone calls and work on maintenance when required.

On a scale of one to ten for pfSense overall, I would rate it a seven. In comparison with other top devices like Fortinet and UDMP, pfSense stands equal in my opinion.