We use the Netgate pfSense firewalls for each location in the same metropolitan area.

We implemented Netgate pfSense at the most basic level, aiming for a reliable firewall solution without incurring the high costs associated with Cisco products.

Netgate pfSense is a flexible firewall solution. It supports OpenVPN and IPsec, providing various options for establishing secure connections. Additionally, it offers features for monitoring user browsing behavior, enabling administrators to implement restrictions if desired. Overall, pfSense is a versatile platform that can be adapted to meet the needs of different network environments.

Adding new features to pfSense is quick. We select the feature we want and click install.

One feature that pfSense had, which my Cisco PIX firewall lacked, was built-in failover. With the Cisco PIX, if I wanted to implement failover, for instance, if one internet connection went down and I had a backup, I had to purchase additional hardware and a whole other firewall. However, with pfSense, failover configured two ports on the existing box to switch between them if one connection failed.

The security of pfSense is excellent. It effectively prevents unauthorized access.  To date, we haven't experienced any security breaches.

pfSense Plus provides a cold spare that helps minimize downtime. In the event of a failure, the other firewall can be activated while the broken one is restored and configured.

We saw the value of pfSense within a few days. Some of it was instant, but other things took time. When we first implemented it, we saw some value, and a few days later, it kept impressing me with more. A week went by, and I still saw more value.

With a firewall, VPN, and other router functionalities, pfSense offers an excellent total cost of ownership. It's a one-time purchase with no hidden fees, making it significantly more affordable than Cisco products, which require additional licensing, subscriptions, support, and per-feature purchases. While pfSense necessitates some time investment to learn and configure, this is comparable to the effort needed for any enterprise-grade solution, including Cisco, which also incurs substantial licensing costs. Overall, pfSense's upfront cost and user's time represent its total cost of ownership. 

Netgate pfSense is 100 percent flexible and configurable. We can do anything with it. We have not run into any scenario where it didn't work.

The overall documentation has room for improvement. Currently, we need to search forums for answers, as the official documentation by Netgate is not very helpful. The community support is excellent, and there should be a feedback loop to incorporate missing information from the community forums into the official documentation.

I have been using Netgate pfSense for four years.

I would rate the stability of pfSense ten out of ten.

The scalability of pfSense fits our company requirements.

Based on both my partner's and my experience with technical support, it is excellent.

The user community support is fantastic. It's a large and engaged community where members show genuine interest in one another's questions.

Positive

I switched from Cisco Firewalls to pfSense Firewalls. I had a Cisco PIX, but they started implementing a subscription model where we had to pay for individual features. It was like, if we wanted this feature, it's a dollar. And if we wanted that feature, it's another dollar. I decided I was done with that approach and wanted something different. I like that with Netgate, what we buy is what we get. It's not a subscription model. We can get a support subscription, which is perfectly natural to me, but we don't have to buy or pay extra for every feature. We get what you get.

It was a gradual learning experience, beginning with our initial purchase and installation of a pfSense firewall. Its features impressed us, so we decided to replace another firewall with pfSense to enable failover capabilities. This success led to a broader implementation across our network. It wasn't a planned, calculated rollout; rather, it evolved organically as we replaced outdated firewalls and discovered the benefits of pfSense, particularly its ability to work in tandem with other pfSense devices for enhanced functionality.

The initial deployment takes a couple of hours and can be done by one person.

Netgate pfSense offers good value for its price. I prioritize getting the most out of my money, so I choose pfSense. I don't always seek the cheapest or most expensive option but rather the best value for my investment. With pfSense, I get the most product for every dollar spent.

I would rate Netgate pfSense ten out of ten.

I am one of two IT people in the organization, and we are the only two who can access the pfSense firewalls. We have what will soon be four metropolitan locations that use pfSense.

Other than updating pfSense, no other maintenance is required.

I recommend pfSense to others. It's an awesome product that fits everything we've ever needed, and they don't overcharge for every little license feature.

We use Netgate pfSense as a firewall solution for small and medium-sized businesses.

Netgate pfSense offers firewall protection, VPN access, and a range of monitoring tools.

Adding features to pfSense is easy to do through the wizard.

Netgate pfSense is well documented, and the interface is easy to use when we consult the documentation.

Netgate pfSense was recommended, so the benefits were immediate.

It provides a single wizard. Some third-party tools out there allow us to manage remotely. It also helps us optimize performance by enabling us to turn features on and off.

With the inclusion of firewall, VPN, and router functionality, we love pfSense's total cost of ownership. 

The most valuable features are the alerting and local monitoring.

We are a security shop. It would be very useful if we could place pfSense appliances in customer environments and remotely manage them.

I have been using Netgate pfSense for four years.

Netgate pfSense is relatively stable. It has been running for four years now without any issues.

The scalability is limited without upgrading the appliance.

The technical support offers great quality and good response times.

Positive

The initial deployment is not a plug-and-play out of the box. It takes a little bit more than that. For us, it takes ten to 20 minutes for one person to deploy one pfSense firewall.

Netgate pfSense has a great pricing model.

I would rate Netgate pfSense ten out of ten.

Maintenance is required for software updates.

We use pfSense as our router and firewall on several sites.

We implemented the pfSense open platform because we wanted to move away from SonicWall.

We use the community edition of the software and purchase the Netgate router separately. I used white boxes initially, but now I'm also using the Netgate hardware. It's a great product.

The pfSense offers exceptional flexibility, far surpassing SonicaWall's capabilities. Its intuitive interface, complete with a better layout of management screens, makes it a breeze to use. While Cisco routers may be overkill for many applications, pfSense performs well.

Using pfSense is easy. It has intuitive management screens. And if I ever run into a blockade, I pay for the technician annually. I am confident in sticking with that platform. It's always worked for me. It's tried and true.

I hired a seasoned professional with extensive experience using pfSense on white boxes for years, specifically the community edition. His mastery of configuration was evident, and I was impressed by his expertise. After he walked me through several scenarios, I was convinced of the benefits of the Netgate product and began replacing my aging SonicWall devices with it, drawn to the ease of use that Netgate offered.

Netgate pfSense provides a single-pane-of-glass to manage all our firewall needs.

It's relatively straightforward for a novice to deploy pfSense, likely easier than SonicWall. However, I've used SonicWall extensively and am gradually phasing them out. While SonicWall is a solid product, pfSense is remarkably easy to set up.

The intuitiveness and ease of use are the most valuable features of pfSense.

One thing that has always bothered me is that when I buy an appliance, there are two tiers of support: email-only and a premium tier, like TAC, that allows me to speak to someone on the phone. If I'm purchasing their hardware, I should have phone support for a certain period, even at the lower price point. My only complaint is that I need phone support, not just email, because if there's a support issue, I don't have time to wait for an email response. I need to speak to someone immediately. Therefore, I think I should receive TAC support for the Netgate pfSense for at least the first year after purchasing the hardware.

I have been using Netgate pfSense for six years.

I have never experienced any stability issues with pfSense.

To scale we need to add a unit.

I had email support for about a week before calling Netgate to request telephone support. I explained that if I'm calling for assistance, I'm likely experiencing an urgent issue and need immediate help. I decided to pay $699 or so for annual telephone support, which has been excellent. The support is prompt and effective, making it well worth the investment.

Positive

I previously used SonicWall but migrated to pfSense because it is a more intuitive router and firewall.

Compared to Cisco, Netgate is definitively the product that is better for my use case. I know there's a want in the industry for Cisco devices. However, in the hotel vertical, I just don't need it, nor do I need to pay for the expertise in configuration of that platform.  

The first time I deployed a pfSense, a seasoned professional guided me through the process, making it incredibly easy to complete.

Netgate pfSense is fairly priced. It's probably the most powerful router firewall I've come across.

The total cost of ownership of pfSense is reasonable, considering the value it provides. I appreciate the VPN, router, and firewall functionality it offers, which is essential for my business operations. In fact, the ongoing costs associated with pfSense do not significantly exceed the initial purchase price.

I would rate Netgate pfSense nine out of ten.

Other than firmware updates, pfSense requires minimal maintenance. I update the firmware every two to three months for routine maintenance or immediately if a security vulnerability is discovered.

For a new user, I would recommend TAC support. I've spoken with others in my industry who have had positive experiences with TAC, particularly compared to email support. They've reported being up and running within five minutes of contacting TAC. Additionally, problem resolution is also swift and effective. So, I highly recommend new users invest in TAC support. It's well worth the money.

I use pfSense as a home firewall and router. I don't use it for anything professional. When I first deployed pfSense, I was using my ISP-provided gateway, and there were a few things that I felt a little frustrated about. I didn't have control over the networks in my home and lacked some features, such as dynamic DNS, the ability to split different VLANs, multiple gateways, etc. There are a lot of features I use now, such as DNS or GeoIP blocking, that I knew about but couldn't take advantage of. 

The gateway failover helps prevent downtime. The ZFS Boot Mirror would also help prevent downtime in the event of a disk failure. The dynamic DNS is nice because when my IP changes, my web services won't be affected because it automatically caches my new IP.

PfSense has features that drive data-driven decisions. I was using pfSense years ago on a capped internet connection. It was a Comcast connection with a set amount of data I could use monthly. One useful thing was that it had the traffic totals as a package, so I could track the amount of data I was using and the clients that were using it broken down by client and network. I can determine how much data I use to ensure I don't exceed that limit. That's something I couldn't find in any other similar product.

From a performance perspective, it can help in terms of bandwidth and things like that because I know that the machine I'm using has enough processing power to establish all of my routes, DNS blocking, IDS, IPS, etc. I can utilize the full spectrum of my connection and a custom 10-gig NIC. If I had a smaller off-the-shelf product or an ISP-provided gateway, it wouldn't have the performance I need.

I'm using pfSense Plus, which has several features I like, such as the ZFS boot environment. I support Netgate because they're one of the biggest contributors to FreeBSD, so I'm happy to contribute. The most valuable feature to me is the gateway failover.  The area where I live has a lot of natural disasters and times when my Internet connection will go down. I work from home sometimes, and my wife works from home all the time, so it's essential to have a reliable connection. I like that it can automatically pick the connection based on packet loss.

The flexibility seems to be excellent. It has a large set of features to choose from that are built into the UI, so I can do 99 percent of it through the interface. It's also nice that I can run it on my own hardware. I don't necessarily need to buy a Netgate appliance, even though they make good products. It's nice that I can run it just about on any x86 PC with a dual NIC.

If we're adding a plug-in to the pfSense platform, that can be difficult, but I don't mind because Netgate vets the plugins before they make them available. That said, I found FreeBSD easy to deploy, and adding custom packages to it is simple. 

It doesn't prevent data loss in other machines, but pfSense has ZFS built in and can mirror it in two disks in different boot environments. If I have a corrupt OS, a bad update, or something else that goes wrong so that I can't connect to my Netgate, that's something built in so I don't have data loss on my firewall.

The dashboard is extremely easy to use. I like that I can go to one page and see the status of my hardware, packages, gateways, interfaces, disks, RAM, thermal sensors, and traffic graphs. It's a one-stop to look at each item and see everything operating properly. I can see them in different menus in the UI, but having one page where I can view them together is nice.

I would like them to have more security platforms. The pfBlocker is nice, but they don't have anything native for CrowdSec or Fail2Ban. I'm running CrowdSec on a web server instance on my server instead, but I'd like to move more of these services to the edge and put them in pfSense. I think that's something that's coming. I don't know if Failed2BAN is, but I'm sure CrowdSec is a popular platform, so it would be nice to have a package that's native to the platform. 

I've used pfSense for about five years.

I rate pfSense 10 out of 10 for stability. I've never seen it crash, and I have deployed two of them without any problems.

I think the scalability should be pretty good. I can put two of them into high availability. If I add more clients and start to deploy a lot of these for a small business, it would be able to handle that. I don't have experience doing that personally, so I can't speak to that, but I have seen evidence of it being used in a more scaled environment.

I rate Netgate support nine out of 10. I only needed help from the support team to transfer a license because I bought new hardware. They could answer my questions pretty easily.

Positive

I've tried UniFi gateways. The feature set was lacking, and it ran on substandard products. Unlike pfSense, I could not run it on my equipment. I've run OPNsense, which was a fork of pfSense at one point. I didn't like the UI or their documentation, but it seems like a fine product. I've also tried OpenWRT back in the day. 

Deploying pfSense is easy. I'm not a network administrator, but I'm familiar with computers. I can install it on a USB and set it up like any other operating system. The documentation is excellent. I can configure it based on that, and many YouTubers cover it.

The only people who would have any problems installing it would be people who don't know how to use a computer beyond basic functions. Anyone who's installed Windows can easily install pfSense, and anyone who has used an off-the-shelf consumer router would know how to use it. If you don't change anything, it doesn't require any maintenance besides updating packages twice or thrice annually.

The price of pfSense seems reasonable. I pay around a hundred dollars a year for pfSense Plus, which is inexpensive for such a complex product. It's also good that they can still release a community edition. If it started to get extremely expensive to the point where it was more of an enterprise-only product that costs thousands of dollars a year or something like that, I might consider stepping down to the community edition or looking elsewhere.

The total cost of ownership seems pretty low because you have the cost of the OS and VPN. If I'm paying for a VPN that's probably five to 10 dollars a month, and the firewall is already included.  

I rate Netgate pfSense nine out of 10. It's an excellent product. I advise new users that you don't need a Netgate product if you're deploying it at home. It's one way to go, but pfSense works on any old mini PC or PC you have lying around. You can get something off eBay and throw a 20-dollar network interface card into it and you're off to the races. It's not as expensive as you think to get started. The basic routing and firewall rules aren't too complicated. Don't be intimidated, and it's not expensive.

I work in IT at a German insurance company, and I studied computer science. I also work in the network sector, so I know a lot about network solutions. I work with VPN solutions, Fortinet, and other products. For me, pfSense is a private home solution for my family. It's not the solution in my company.

I use pfSense as a firewall appliance, and the function is very good. But I think it's for users with more experience. It's not a solution for beginners.

If you are a professional, it's not difficult to add features to pfSense and configure them. But it is difficult if you are not. 

I utilize the core features. I have pfBlockerNG, SquidGuard, OpenSSL, and WireGuard. So, these are the core features I need.

The core benefits are that I can virtualize it with platforms like Proxmox or VMware, and I can buy third-party appliances. And Netgate offers a lot of hardware possibilities.

pfSense offers a lot of things that help to prevent data loss and intrusion, protect telemetry information, and so on. 

pfSense gives a single pane of glass management. But for me, it's not a problem because I have one appliance, but I think if you manage a lot of appliances, it could be better. It's important to be able to centralize management if I have 10 or 20 appliances.

I use pfSense Plus, it's called the "Zero-to-Ping" license [TAC Lite]. It's a very good solution, but it's a bit too expensive for private use. pfSense Plus is very good, but, for example, if I want to add another pfSense appliance for a cluster, it requires two licenses. For private use, if I want two licenses, it's very expensive.

pfSense Plus provides features to minimize downtime. One of the key features is ZFS. It's the file system. ZFS is very important for backups. I can make snapshots, and that is very good to make backups.

I am satisfied with the visibility that is provided by pfSense Plus. It is very good and optimizes performance because the hardware acceleration is very good for IPsec, SSL VPN, OpenSSL, and so on. This is very good support from pfSense.

The best feature is a function called pfBlockerNG. In pfSense, you can whitelist and blacklists for IP addresses or dangerous DNS sites. The top feature is the VPN. It's a very good SD-WAN solution and a very good VPN engine. It supports a lot of VPN techniques; it supports IPsec, SSL VPN, and WireGuard. It's the core feature of pfSense.

The flexibility is very good; we have a lot of possibilities. You can connect it with different WAN connections, whether you have a cable provider or fiber.

The feature list is good. For me, it's more important that we have fewer patches and better stability compared to OPNsense. I think OPNsense is too big. They support a lot of things, but pfSense is better. I think pfSense is better for stability.

The only thing that could be better is the hardware compatibility for LTE devices. This is a bit tricky for me; I wish the hardware compatibility were better for LTE devices.

I wish the FQ_CODEL limiters were improved. They're very good, but the FQ_PIE limiters don't work well. FQ_PIE limiters are important for cable modem connections. In Germany, we have a lot of cable providers for these interfaces, and the FQ_PIE limiters don't work well in pfSense.

I have been using it for eight to ten years. It has been a very long time. pfSense is very popular in Germany.

I use the latest pfSense Plus version.

The stability is very good.

I use it for my family, for maybe 20 or 30 devices. It's not a big environment.  

I utilize the pfSense forum and the community forum, and it's okay for me.

My preference in comparison with OPNsense is pfSense. I think it is better; it is stable.

The difference is that OPNsense has more features, but also has more bugs.

For me, pfSense is stable. It's better for my use case.

The deployment process is very good. For example, I can set up a new appliance and boot directly from a config file. This is very good.

It's very simple. I download new images, and during the boot process, if you make an image, you have a directory. In the directory, you make the config file, and then you can directly boot with the setup. You can boot a finished version. It's a good thing.

I use it on-premises. The on-prem version is very good. The software is good.

Maintenance depends on the features you use. If you have a proxy server with SSL introspection, sometimes it creates a small firewall size. If you have an easy firewall setup, then it's not so complicated. It depends on your environment and feature settings.

I did the deployment myself without the help of third parties or anything like that. It's very simple. I have enough skills because I studied computer science and work in the network sector. It's not a problem for me.

It took me ten minutes to deploy it. 

The ROI is good. pfSense is a very good solution, not only for home use, but also for middle-sized or larger companies.

In comparison with pfSense CE (Community Edition), pfSense Plus is a little bit too expensive. The pricing is a little bit high for private users. 

With the inclusion of the firewall, VPN, and router functionalities, the total cost of ownership of the pfSense Plus solution is very good because pfSense Plus has a lot of features. For the VPN features, it is good for the total cost of ownership.

I can recommend it if you are a professional or if you know what a firewall is.

It is a very good solution for the home sector, for companies, and for larger companies. I would recommend it to a lot of companies.

Overall, I would rate it an eight out of ten. 

I have two installations at schools as firewalls. The biggest drivers for using pfSense were cost-effectiveness and functionality. It offers higher functionality for its cost.

The benefits are fairly obvious at the beginning. There's no specific time frame required. The flexibility and consistency of the product are what draw me to it, regardless of the size or capacity of the operation. It's easy to deploy.

Arguably, the use of products like Suricata for intrusion prevention could help prevent data loss.

It gives a single pane of glass for each individual device, but not across multiple devices. pfSense could catch up with other market providers by offering a view across multiple devices, but the current interface is fine. It is just we have to individually manage each one. 

There are two versions of pfSense, the paid "Plus" version and the free "Community Edition." I use the "Plus" paid version. 

The way pfSense handles system updates is pretty good. The updates are virtually transparent to any downtime. I've had pfSense boxes running for 200 to 300 days with no downtime. From a software standpoint, pfSense is about as bulletproof as it comes.

pfSense provides visibility that enables us to make data-driven decisions. Its reporting is effective. The data is effective in making decisions based on traffic. It is not just one feature, it is how we manage data traffic. It provides adequate information to make decisions based on traffic. 

I have used pfSense in virtualized environments, just not on AWS.

It allows me flexibility in hardware size and capabilities while maintaining the exact same interfaces and controls. 

I also like the fact that based on its operating system, it has applications that can be added, such as IDS/IPS and filtering.

I would like to see a single pane of glass for multiple devices.

From a service provider standpoint, it is a bulletproof operation to deploy. Aside from being able to manage and monitor multiple devices from a single pane of glass, that would be the only thing I would change.

I've used pfSense, probably for the last two or three years off and on.

It's one of the most bulletproof solutions out there. I can't recall a problem where the system locked up or had any issue that required intervention to get it started back up again. 

Aside from possibly a hardware failure, I haven't had any problems. And that's not the software.

Scalability is one of the reasons why it's a good product. You can utilize it in a budget-friendly way as well as a full-on enterprise. pfSense is almost infinitely scalable. Obviously, hardware is the dictating factor.

I have never had a reason to contact customer service and support. 

I've used Unifi products, DrayTek products, and Meraki products.

From a capability standpoint, I would put pfSense at the top of functionality. DrayTek comes close; however, it lacks the add-on applications. So, I would put pfSense at the top. 

I build the machines myself. Their hardware is not overly special, and I think it's overpriced, so, I build my own.

It's easy to deploy them, but then I've worked with them for a while. If I reflect back at the very beginning, there is a bit of a learning curve, but I don't think it's that steep. Overall, it's fairly easy.

It's fairly easy to add and configure features in pfSense, though it depends on the application. So, it is moderately easy. Some are simple, while others require a lot of preplanning and time to configure.

One person can deploy it, but the deployment time varies because it depends on the network design. It can be up and running in ten or fifteen minutes, but configuring it for the network design may take longer.  

Not much maintenance is required from the end user. Netgate pfSense do a very good job of keeping the application and operating system up to date by itself. Occasionally, applications require updates that need manual intervention, but for the most part, updates can almost be automated.

pfSense's pricing or licensing model is very affordable. Netgate hardware is a bit overpriced, but the software itself is arguably underpriced.

I have not come across a more effective product. Unifi products are inexpensive but not feature-rich by any stretch of the imagination. From a pure feature standpoint, hands down, I would argue that Meraki is as capable and comparable in features, but the cost is prohibitive for most small businesses.

From a pure feature-function standpoint, pfSense has the best total cost of ownership, once it's installed, I don't have any problems with it. If taking into account the software licensing, the hardware, and the amount of time it takes to manage, I'm not sure there's a better TCO on the market.

Overall, I would rate it a nine out of ten. 

I use pfSense to provide IT services for small businesses. They typically have a broadband or fiber connection through a router to the ISP, so they're looking for some additional security. We can get a Netgate appliance with pfSense for a few hundred dollars.

We saw the benefits immediately. I live in Edmonton, and one of my clients is a machine shop in Montreal. We configured the firewall and sent it to the shop with instructions on how to set it up. They set it up, and once it was running, I could remote in and start providing IT services to my client two time zones away.

It can help you prevent data exfiltration from the outside, but you'll always have a problem with employees who want to do bad things. It isn't a completely zero-trust approach. It has logs that will tell you if something seems odd. That requires the owner or IT professional to stay on top of it.   

The stability of the Netgate hardware and pfSense software helps to prevent downtime. At the machine shop in Montreal, we had an older Netgate model running for almost seven years, which we replaced last Christmas. It wasn't failing, but we upgraded it to ensure uptime. We spent about $200 on that device or about a few months of coffee for the office. You can deploy pfSense on your own device, but it gives the client comfort to see an actual device instead of something I cobbled together. 

I don't know if there's a particular dashboard other than the volume of data you are passing through the firewall that we check to ensure it is as expected. All of the businesses we handle are small, so we don't need some of the advanced features, such as VLANs, and I'm not going into them to fiddle with them constantly. If the power is somewhat dodgy, as it is in Montreal, they come back online in the proper configuration.  

One of the main benefits of our use case is pfSense's inclusion of OpenVPN. We can set up a server-client configuration so employees can access the office outside business hours. This enables us to provide secure remote access to their workstations and other devices inside their worksite. OpenVPN is included, so I don't need to purchase an expensive VPN solution with its own client. 

I also value the community on the pfSense website and other forums. If you're trying to set something up, there's invariably someone else who has done it before. It's open source, so the community is massive.

PfSense is quite flexible. You can tune it to meet your needs. If my client has something provisioned to their clients, we can run that through the firewall. We can also set it up so that everything is locked down and all traffic moves through the VPN. Like any other firewall, you can set up rules. I haven't encountered anything that I wanted to do that I couldn't. 

Setting up the VPN is always tricky, but adding features isn't hard overall. OpenVPN is easier to use than any other open-source VPN solution. It does all of the DHCP and DNS forwarding and other firewall tasks out of the box.  

In most of our use cases, the pfSense interface acts like a single pane of glass for me to log in, monitor, and configure. You can use the command line interface, but I use the web interface. I would only use the CLI to review logs because everything is on a text interface rather than a browser window, so it's easier. However, for a business user, the web interface is easier if they don't have any complex needs. 

Our customer's IT operations are optimized to go through the pfSense firewall and OpenVPN. It enables us to get work done without constant callouts from the clients. When we upgrade to a new unit, we give them configuration files to install on their workstations. 

They could improve the VPN wizard to make the configuration easier. I don't know what happened last time, but it was a little fiddly. Adding users isn't difficult, but it's a step that's in a different panel from the configuration of the VPN client itself. You need to create the user on the firewall and then associate that with the VPN. They should make it easier to link the firewall configuration with the VPN client.

I have used pfSense for between five to seven years.

PfSense has always been stable, even in an inhospitable environment. A machine shop is bad for devices because of all the dirt and oil, and I had one that continued running for five years without any complaints.  

I always pick a Netgate device that has sufficient hardware for each of my clients, but if I had to expand suddenly, I know Netgate has a range of devices that would work. However, I do think they focus on small and medium-sized enterprises.

I deploy pfSense on Netgate appliances. It's easy for a typical network engineer with no experience with pfSense. If you know about networking, it's an easy device to set up. Coming from a Cisco background, I found it dead simple to install. I have deployed boxes in under an hour. One person is enough to do it. The maintenance and updates are easy. I've never had an issue with updating and fixing bugs. You can do it all remotely. 

I rate Netgate pfSense nine out of 10. Having a basic understanding of networking concepts, like firewalls, routing, and VPN will help you navigate the pfSense interface.