We primarily use the solution for firewalling, site-to-site VPNs, and VPN management.
Netgate pfSense Plus Firewall/VPN/Router
Netgate | 24.11.0 | Linux/Unix, FreeBSD 14 - 64-bit Amazon Machine Image (AMI)
External reviews
External reviews are not included in the AWS star rating for the product.
Open-source, easy to configure, and offers helpful support services
What is our primary use case?
How has it helped my organization?
We largely needed a good firewall solution. We wanted to find a suitable firewall for our company size and what we're doing with it.
It's open-source and everything is available to me without having to pay subscription fees.
What is most valuable?
The support with Netgate probably is the most value I've seen from it. They've been really, really helpful. The open-source nature of pfSense, paired with the amount of support we receive, has been great.
The flexibility is great. It does everything I need it to do. The amount of open apps for it is extensive. I was able to help track some networking issues using the pfSense to scan the network.
It's significantly easier than expected to configure the solution and simple to handle add-ons.
pfSense can help prevent data loss. In our environment, things are fairly strict. However, it makes it easy to manage and configure the firewall and handle inter-VLAN routing and firewalls between them.
We do have access to a single pane of glass management. It's easy to review traffic, usage between VLANs, threat monitoring, and user connectivity. I'd have to monitor items separately without this single pane which would make monitoring difficult.
We do use pfSense Plus. It provides us with the features we need to minimize downtime. The updates and everything that comes with it have been great.
The visibility provided allows us to make data-driven decisions. The modules I have access to for network monitoring and management have been very helpful.
We've been able to optimize performance. With Netgate support, I've been able to utilize traffic shaping and performance optimizers.
What needs improvement?
I'd like to see it become more of a next-gen firewall or deep packet inspection; however, I'm very happy with the way it is as of now.
For how long have I used the solution?
I've used the solution personally for about two years. My company has been using it for about eight years now.
What do I think about the stability of the solution?
The stability is very good.
What do I think about the scalability of the solution?
We have two locations. I have yet to uncover any scalability limitations.
How are customer service and support?
Support is quick to respond. For the amount we pay a year, the support has paid for itself. I'm very happy with the level of support we get.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I do have experience with Meraki and Netgate devices. I've used FortiGate devices in the past. The expense and support were not near the quality of pfSense.
How was the initial setup?
The initial setup was easy to set up and straightforward to configure. It did take a moment to learn where each tool set was. However, after that, it's really good. I handled the deployment myself. I was able to implement it within 16 hours.
There isn't really any maintenance; it is pretty much set and forget. I do updates every three months or so and that's it.
What about the implementation team?
90% of the setup was handled in-house; I referred to Netgate support for a few items along the way.
What's my experience with pricing, setup cost, and licensing?
We do pay about $600 a year for Netgate support. pfSense is free; however, Netgate, which made the appliance, charges for a support package. I'm very happy with the quality of service that I get for the price.
We would have paid another $7,000/year for subscription fees if we went anywhere else.
What other advice do I have?
I'd recommend the solution to others. I'd rate it ten out of ten.
Which deployment model are you using for this solution?
Plug-and-play, easy to use, and responsive support
What is our primary use case?
We're using it in our offices, including the main endpoint VPN connections from the main office to our seller offices.
What is most valuable?
The ability to load third-party apps, et cetera, into the firewall is pretty useful for a commercial-grade router and file, which is very customizable.
Out of the box, it's about 90% plug-and-play. The last piece, you do need to know how you're setting the firewall up for your environment. It varies on what you're trying to do with it. It can be really easy or difficult, depending on your knowledge base for the application.
We were able to witness the benefits of the product pretty much immediately.
Once you've navigated around it, it's pretty self-explanatory as to where to go. Compared to other products out there, it's pretty easy.
What needs improvement?
We do have a sort of single pane of glass for management purposes. You do have to dig around. If we had, for example, ten pfSense routers deployed, it would be nice to have one console where you could see all ten devices, update them, and keep them all central. A management portal would be very nice.
For how long have I used the solution?
I've been using the solution for seven years.
What do I think about the stability of the solution?
The solution is very stable. Issues are rare unless a box gets hit with a power surge or something.
What do I think about the scalability of the solution?
I found the solution very scalable. I can load multiple VMs on it and add a second port onto it. Depending on your deployment, it is very scalable.
How are customer service and support?
I've only contacted support for corrupted systems. If the unit loses power and comes back on every once in a while, the file system gets corrupted, or it won't boot the device, and you have to reimage the whole thing, in those instances, I've had to reach out to them. They are pretty quick. I can get help within an hour even with just the free version. I imagine the paid version has good support.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We used to use Ubiquiti, which was not a great solution. We also used something previously to that. Their interface was very clunky. You'd have to go through multiple different routes to get to the same thing that pfSense has on a single drop-down. pfSense has a more user-friendly setup. Plus, it has CLI integration, which is great. You can make configurations in the command prompt too, which is a lot easier.
How was the initial setup?
To me, the setup is fairly easy. That said, I already knew what I was doing to set it up. If I were coming fresh out into the network and environment, I'd never switch one of the firewalls; there may be a challenge to go through and figure out what the router can do to make the deployment work. When you get the box, you plug it in. There are a lot of features that are ported in that don't come pre-installed. However, they have a complete database listed in their browser. You just go down and pick what services you need. If you don't know what is there, it may take you a while to figure out what the unit is capable of.
There is no maintenance beyond occasional updates. They don't push those out too often. However, when they do come out, you have to go through them one by one to make sure the update is successful. It would be easier if you could do everything all at once and be done with it.
How long it takes to deploy varies as each office is different. If I'm building three or four VLANs, that's going to take time. In my role, I built one base configuration that contains the VLANs IP servers that I want to use. I've extracted that as a file that I can modify and push to different boxes. So if I get 100 2100 or 4100, it doesn't matter. All I have to do is change the interface names and push it back to the box. So to me, it's pretty fast, and it already has my settings ready to go.
What about the implementation team?
I handled the initial setup myself.
What's my experience with pricing, setup cost, and licensing?
I use the community version. For configurations and troubleshooting, you do need to pay. I'm not sure what the pricing is for Plus.
What other advice do I have?
I'd rate the solution ten out of ten.
I'm a customer and end-user.
Which deployment model are you using for this solution?
It's the most flexible and dependable device I've ever used
What is our primary use case?
I use pfSense at home, and my friends and family use it in their homes. I'm also the IT solutions administrator for a council of governance organizations, and I use it for them. I use pfSense Plus at home and the community edition at some of my friends and family's houses.
I use pfSense Plus at home and use the community edition at my friends and family's houses. I have used the community edition multiple times in labs, but I use pfSense Plus for all of my enterprise applications.
How has it helped my organization?
I started seeing the benefits when I began playing with it at home 10 years ago. It was an immediate success when I put it in enterprise locations because it was much cheaper than WatchGuard. I was familiar with pfSense, so I quickly trained my staff on it. They know how to operate everything well in pfSense.
With pfSense, you can do a failover. I have used that before, and I see it as a benefit, but there are some drawbacks. You have to use multiple external IP addresses to set it up, but it works well. However, I don't use the failover anymore because of the price. You can have two of these things on the shelf, and in the event of a failure, you can get another one up within five minutes by throwing it on there, configuring it, and plugging it in. That's my failover plan for all my main locations.
PfSense's visibility enables me to make data-driven decisions. I love the way they do geoblocking. You can see where you're improving. The logging ability is diagnostic. You can see all kinds of data. For example, when I make a new rule, I immediately know what's going through that rule. That visibility is very helpful in knowing immediately if my rules are being applied correctly.
What is most valuable?
The most valuable feature of pfSense is that it's a stateful firewall. I also like the way the rules are implemented on the firewall. It makes things much easier to see at a glance.
PfSense is the most flexible device I've ever used. It's open-source software. I've used all the big names, including Palo Alto, WatchGuard, and Sophos. In terms of dependability, this is the best of them.
It's simple to add and configure features and easier than some of the big competitors like WatchGuard. The front dashboard on pfSense is very customizable. You can get it at first glance. Everything you need to do is in that single box. It shows you if your LAN and interfaces are up. You can see what kind of traffic is going across each interface because they give you a traffic graph that you can do for each interface.
You can see if your gateway is up and precisely how much data passes through each interface. I like how you can get direct visibility over your IP address updates. If you're not running a static IP address, there's another cool thing on the front page where it shows when the dynamic DNS updates. The way you can customize that dashboard is cool. I haven't seen that with other firewalls, and pfSense gives you good visibility at first glance.
What needs improvement?
I don't think pfSense's web filtering solution is the best, so I don't use it for that purpose. They could add a little better web filtering solution to pfSense. They have solutions in place, like SquidGuard, but they aren't very good.
Another feature about pfSense I would improve is adding a single pane of glass management for multiple units I manage across the municipal district. I would love to manage all those devices through one single pane of glass, but that's not a deal breaker for me.
For how long have I used the solution?
We have used pfSense for around 10 years.
What do I think about the stability of the solution?
I rate pfSense 10 out of 10 for stability. I've never had a Netgate system fail on me.
What do I think about the scalability of the solution?
The scalability of pfSense is great. It costs very little to expand to multiple systems across multiple locations. It'd be better if they had a mass edit platform where you're running multiple systems. I've heard quite a few people in the community talking about that. I heard someone in France was developing a dashboard that gives you visibility across multiple boxes, but the cost of deployment is very cheap. It's easy to put boxes out there and write rules for them.
How are customer service and support?
I rate Netgate support 10 out of 10. Most of the tech people I have contacted seem to know exactly what they're doing. They've got, like, 10 people named Chris working support. Every Chris that I've ever spoken to has been spot on. Every once in a while, if I call after hours or something, I might get someone who isn't as adept at it, but they quickly escalate it to someone who can fix the issue.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have used Palo Alto, WatchGuard, and Sophos, and all the major competitors, but I would compare pfSense to WatchGuard, the one I have the most experience with. In my type of environment, pfSense wins hands down over WatchGuard because it's a stateful firewall. One thing I've hated about WatchGuard is that it's not a stateful firewall. It's rules in and rules out. You end up getting thousands of rules over a four or five-year period. PfSense enables you to put notes on your rules.
If you have a question about a rule, you can read the note you made when you made that rule. Having the ability to document your rules in the dashboard has been a game-changer for me. After you have used a stateful firewall, it's hard to go back because it's much harder to make rules on both sides.
How was the initial setup?
Deploying pfSense is as easy as any other system. It helps that pfSense has a massive user community and some great YouTubers, so you can go to YouTube University and become a professional with pfSense quickly. You can learn to do some complicated edits and set up complex VPNs. It takes only 20 minutes from start to finish. For maintenance, you only need to update it when the updates come out and change the configuration of your rules as needed.
What's my experience with pricing, setup cost, and licensing?
PfSense offers huge savings. The price is the lowest in the business. The only thing you can use in place of pfSense is a fork like OPNsense. I'm more familiar with pfSense, so I never got on the OPNsense bandwagon.
What other advice do I have?
I rate Netgate pfSense 10 out of 10.
Reliable, performance-driven, and highly cost-effective
What is our primary use case?
We are a reseller. We resell the product to our customers as we are an MSP. We use it for various different verticals, from manufacturing to schools to typical offices. That is mainly the use of this solution.
How has it helped my organization?
There are a lot of limitations with competitors like WatchGuard and SonicWall where there are a lot of costs for licenses to utilize their products. We felt that by going to pfSense, we have a little bit more freedom. We can use certain features without having to pay exorbitant costs for licensing. It is better for the small to medium-sized customers.
They are the most flexible, for sure. In my experience, it is quite easy to add features to pfSense and configure them. There is a lot of support from the local community. Because it is an open-community-built platform, there is a lot of support out there. Adding features and configuring them seems to be quite simple from my experience so far.
There is an overall performance increase. The hardware is much more performance-driven. The constant upgrades certainly make it easier to keep up with the evolving environment. The community-driven platform certainly helps to ensure that things are kept current.
pfSense gives us a single pane of glass management. There is a user interface and also the command line. The user interface is very friendly and easy to navigate. The single pane of glass management certainly increases productivity. The ability to look at one single pane of glass, add different widgets, and see things at a glance certainly helps to cut down the time of looking for certain statuses or things like that. It makes things more efficient.
We deal with pfSense Plus in a few cases. It can help minimize downtime. We have not experienced it in any sort of live environment, but I am confident that it would.
pfSense Plus provides visibility that enables us to make data-driven decisions.
It optimizes performance, and in most cases, it affects operations and makes things more efficient. Efficiency means money.
What is most valuable?
The ability to utilize the features instead of having to pay a license fee for every single thing that you want to use on a firewall is valuable. A lot of other companies give you a firewall out of the box that has very basic functionality, whereas pfSense gives you all the good features, and if you want to have more advanced features, you can pay a fee. You are able to use a lot of the features that you cannot use on other products. That is the best thing.
It is very good from a troubleshooting perspective. Things like logging are very good. We have been using these firewalls with filtering very successfully, and VPN has been very successful on them. We have not had any issues with that.
What needs improvement?
One thing that stuck out to me was the move to use plastic chassis on the Netgate devices or products. They are moving away from using metal chassis, and I find that the plastic seems to get hotter than the metal. Other than that, they are such great devices. They always seem to have all the cool things and bells and whistles.
One thing I would like to see Netgate do is to have a cloud-based management portal, similar to SonicWall, WatchGuard, Ubiquiti, etc. With all these platforms, you create an account, and you have a way to cloud-manage these products. Currently, one of the challenges that we face is not being able to manage those things from a centralized platform. It has always been one thing I have dreamt of for Netgate. That is the only place where it falls short. Apart from that, they are far superior in building, keeping up with the times, and keeping things current.
For how long have I used the solution?
It has been probably eight or nine years.
What do I think about the stability of the solution?
A couple of times we have had some strange issues that have been unexplainable, but overall, it is stable. I would rate it a nine out of ten for stability.
What do I think about the scalability of the solution?
It is scalable. I would rate it a nine out of ten for scalability.
How are customer service and support?
They have been fantastic. I have never had an issue, and it has always been very good. They are a highly intelligent and very resourceful team. I would rate them a ten out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We have used everything, such as Cisco, SonicWall, and WatchGuard. You name the flavor. We have used them all, and Netgate is definitely a much better product than those. It also depends on the use cases.
How was the initial setup?
It has been very straightforward to very complex. We have set up entire data centers run by Netgate devices to small offices using a 2100. We have gone from the most complex to the least complex. We have seen everything in between.
Its deployment is a matter of hours. Our clients are small to medium size. We have about ten people working with pfSense.
It requires general maintenance. We have to keep up with firmware and updates. From a physical perspective, there is no maintenance.
What was our ROI?
It is very cost-effective. There is 100% ROI.
What's my experience with pricing, setup cost, and licensing?
They are on the higher end, but you do not get stuck with spending thousands of dollars every year. You do not have recurring license costs to have people use a simple feature like VPN. That makes it more cost-effective in the long term. There is a very good price point. No one ever complained, and I have not ever thought that they were overpriced. That is for sure.
What other advice do I have?
If you are looking to deploy a product that is reliable and high-performing and that is going to be cost-effective for yourself or your customer in the long term, you are doing the right thing by looking at Netgate.
I would rate Netgate pfSense a ten out of ten.
Which deployment model are you using for this solution?
A versatile, reliable, and cost-effective firewall
What is our primary use case?
I am in IT. I use pfSense for my personal use. I use it to practice networking and understand how networks work. I apply all the networking-related things that I have learned to pfSense at home.
I also use it to isolate my IoT network from my regular network and from the devices I use for the cameras.
The main reason for implementing pfSense is that I like playing games. With pfSense, I can place quality control over the traffic traversing over the WAN connection or the Internet. I am able to prioritize and limit some devices to allow me to have a better connection to the Internet than some devices in our house.
How has it helped my organization?
pfSense is a flexible solution. It has features for setting devices into groups. I was able to group up the devices in our house to be able to set some restrictions on some devices and have full restrictions on other devices. It allowed me to control my kids' devices to limit access to the Internet to a certain time. It automatically stops on the Internet for those devices when that time comes.
pfSense gives a single pane of glass management in regard to the network. I was able to control everything in my network, which is good.
I use pfSense Plus. I got third-party hardware, not with pfSense, but I purchased the license to have a pfSense Plus version. That hardware went down a few days after I bought the license. I created a ticket, and the engineer allowed me to move it to another device because I had just recently purchased it. Thanks to them, I was able to have less downtime because I did not have extra money to purchase another license. I was able to bring it up as fast as possible. The backup and recovery of the configuration is pretty easy. I just reuploaded the file and updated two lines of code, and that was it. Everything worked.
Everything works well. My streaming is working fine. My kids do not complain about any lags. I can play my games without having any issues. I do not experience any lags. When my wife is working, she does not have any problems downloading or uploading files back to her work. We are pretty happy with the performance.
What is most valuable?
For me, the firewall is most valuable because I can play around with the firewall. That is the best asset for me. I can limit what I want to limit, and I can open what I want to be open.
I like the versatility of pfSense. Compared to other products I have used for home and small businesses, this is the easiest to understand. It has enterprise features compared to, for example, Ubiquiti UniFi. Their router is limited to some features, whereas with pfSense I can do, for example, routing and dual WAN. I also have several VPN options.
What needs improvement?
It has a lot of features, but I wish there were even more features. Some of the features I am looking for are still not there in pfSense, like, for example, content control. Because I have kids, I want to control the content or what they watch. There is a feature in pfSense called pfBlocker, but it is limited. If I set that up, it is blocked by an IP address. Sometimes my devices are borrowed by my kids. They are able to get a full connection to the Internet, but their devices are limited. If content blocking is added to pfSense, it would be great. If I can block content by a user, that will be a preferred solution.
The frequency of feature releases can be better. We have been waiting for some of the features for a while, but they have not been released. I know they prioritize what is used in the enterprise area, and then they provide some features for regular consumers like me. If they can balance that 50:50 and focus equally on the enterprise and consumer suggestions, it will be great.
The interface and support are perfect for me. I saw a post on their blog that they will be moving to the Linux operating system. Hopefully, they would have better wireless because the wireless for pfSense is horrible or horrendous. If they move to Linux, hopefully, they will improve it.
For how long have I used the solution?
I have been using pfSense since 2020. It has been four years now.
What do I think about the stability of the solution?
It is very stable. I would rate it a nine out of ten for stability.
What do I think about the scalability of the solution?
It is scalable. I would rate it a nine out of ten for scalability.
We are a family of five. Five of us are connecting to the pfSense Internet.
How are customer service and support?
They are great. They are perfect for me.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have used TP-Link and Ubiquiti EdgeRouter. In regards to features, the two are on par. They are way behind pfSense. pfSense is way ahead of these two in terms of what it could offer. In terms of security, TP-Link is very bad, EdgeRouter is in the middle, and pfSense is way ahead. In terms of performance, TP-Link is worse, and EdgeRouter and pfSense are neck and neck. I prefer pfSense over others.
How was the initial setup?
I installed it on third-party hardware. The longest period of initial configuration was when I deployed it for the first time. After that, it is very fast because I can back up my config and restore it if I break something.
It took an hour or two for all the installation and configuration.
In terms of maintenance, it requires regular updates. That is the only maintenance that it needs. I also need to monitor if any known or zero-day bugs are found in pfSense. I am watching that because pfSense is the device facing the Internet, so I need to be always alert about any zero-day bugs. I also need to be mindful of the configuration to not accidentally expose any ports. These are the three things required in terms of maintenance.
What was our ROI?
In four years of using it, that payment of 189 dollars per year has already paid off. Over these years, I only experienced it going down two or three times, which is less than 1% downtime per year.
What's my experience with pricing, setup cost, and licensing?
It is cheap. If you are a technical person, it is a pretty cheap solution because first of all, the Community Edition (CE) is free. I am in Australia, and my pfSense license is about 200 dollars. It is not bad because it is per year and not per month. It is cheap compared to other solutions.
I am not using the hardware. I am using the software. It is very cheap. It does not cost me a lot. The only cost is just the one-year payment. If I need extra hardware, I need to purchase that from the third party whose hardware I am using.
What other advice do I have?
I would recommend pfSense to others. I already recommended it to my boss, and he is using it now. He is loving it as well. It is easy to use, and there are a lot of resources available. If you have any problem, someone would have already encountered that problem and found a fix, so it is easy to fix based on that. It is very reliable. The downtime experience is very low. It is almost zero.
I would rate pfSense a ten out of ten.
Which deployment model are you using for this solution?
It's simple to set up a site-to-site VPN, and the solution is flexible enough to do just about anything
What is our primary use case?
We have a tiny business that uses pfSense to create a secure VPN between our two locations.
How has it helped my organization?
It's a reliable platform. We also value pfSense's security features because we have to comply with PCI for credit card payments. We need to be confident that we'll have the security. PfSense offers that.
We realized the benefits of pfSense almost immediately. I read about a company using it and thought it would be the most secure thing. It's a bit daunting at first because you have to configure it. However, they create ISP versions, so you can leave those alone and not configure them. This does the whole thing in one box, whereas, with the ISP thing, you have to think about how many different appliances you'll need to make it work.
What is most valuable?
I like how easy it is to access VPNs and stuff like that. It's so simple to set up a site-to-site VPN. The solution is flexible enough to do just about anything. It's super easy to configure the features as long as you have the details you need, or you can build out stuff if it lacks what you're after because it has a plugin architecture.
It depends on how you run it, but pfSense can help you prevent data loss. Still, it's more about preventing people from getting in and having the confidence that you won't be compromised. And if you need those extra features, you can always add them and all those things that can monitor what's happening in your website or organization.
The web interface allows you to see bandwidth, how things connect, and much more. PfSense Plus prevents downtime. It has a feature that records everything you do so that if a unit fails, you can swap it out and enter your details, and then it loads your configuration on a new device. PeerSpot Plus provides visibility that enables data-driven decisions. You can set it up to do that if you want it.
What needs improvement?
They could always make pfSense slightly more user-friendly and modernize the interface a little.
For how long have I used the solution?
I have used pfSense since 2015, so it's been around nine years.
What do I think about the stability of the solution?
I've never seen pfSense crash.
What do I think about the scalability of the solution?
It's at the scale that I need it, but you can certainly scale it up to the enterprise level if you want to have a better product. It depends on the hardware.
How are customer service and support?
I rate Netgate support 10 out of 10. I only contacted them once. It was very quick and efficient. I had a sensible solution within five minutes. I couldn't imagine having better support.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I used some Netgear hardware, but I don't remember the model because it was eight years ago. When I switched to pfSense, I stuck with it because it works reliably.
How was the initial setup?
Deploying pfSense was pretty easy. I'm an IT guy, so I did it myself. After deployment, you need to do some routine maintenance, like upgrading occasionally and checking your file logs. Apart from that, it does everything for you.
What's my experience with pricing, setup cost, and licensing?
They have a free community version and a paid version. The free version works if you are a home user who needs a fixed cost, but that's not my use case.
What other advice do I have?
I rate Netgate pfSense 10 out of 10. I can't think of a way to make it better. Before deploying pfSense, prepare your area and your network. Understand your entire network and what you want to do before you start doing anything, then follow the documentation.
Optimizes performance, protects my data, and is flexible
What is our primary use case?
After successfully using pfSense at home to manage IoT devices and separate their traffic from my computers and gaming consoles, I'm now evaluating its suitability for our hospital system. As the IT manager, I'm impressed and considering replacing our current firewalls with Netgate pfSense appliances.
I implemented pfSense at home to proactively prevent security issues on my home devices.
How has it helped my organization?
Netgate pfSense is flexible, allowing us to add plugins.
It has improved my home network's security, making it significantly harder for attackers to access my data.
Netgate pfSense works well to prevent data loss and helps optimize performance.
What is most valuable?
As a first-time Netgate pfSense user, I've been impressed by several features: easy integration for blocking traffic by country, straightforward creation and management of firewall rules, and the ability to extend functionality through plugins.
What needs improvement?
I'd love a centralized management system for multiple pfSense appliances. This is where Netgate could improve. Redesigning my network for seven pfSense units sounds like a daunting task, especially with the need for individual configuration. A single pane of glass for managing everything at once would be a game-changer, streamlining the process significantly.
For how long have I used the solution?
I have been using Netgate pfSense for five years.
What do I think about the stability of the solution?
I would rate the stability of Netgate pfSense ten out of ten.
What do I think about the scalability of the solution?
Based on what I have heard from other users and what I have read, Netgate pfSense can scale.
How was the initial setup?
The deployment was easy, but I took a cautious, phased approach to avoid disrupting household internet access. Once complete, the upgrade from my previous Netgate appliance allowed me to take advantage of SFP+ ports, so I put ten gigabytes into it and continued fine-tuning the system.
The initial deployment for basic functionality was completed within a few hours, but achieving full functionality took approximately two weeks.
What's my experience with pricing, setup cost, and licensing?
Netgate pfSense stands out as a cost-effective option that delivers excellent value. While I haven't personally used their support at home, a vendor I spoke with praises it highly. Their reputation suggests phenomenal hospital-grade support might be worthwhile for a critical environment like ours.
Netgate's maintenance contracts are significantly more affordable compared to other vendors, demonstrating their competitive pricing and commitment to customer value.
What other advice do I have?
I would rate Netgate pfSense ten out of ten.
Netgate pfSense is low maintenance.
Before committing to any network or security hardware, including Netgate pfSense, I recommend a Proof of Concept to ensure it meets your specific needs. Don't rely solely on others' suggestions. Thankfully, pfSense offers downloadable virtual images, allowing you to experiment with its features before purchasing physical equipment.
It's easy to add features via the package management system
What is our primary use case?
We use pfSense internally to protect our management networks and provide VPN access to our internal staff. We also use it for customers needing a more sophisticated firewall than your home or small business WiFi router firewall package.
We deployed it at work when I got hired because we needed to replace the existing hardware solution. I've used pfSense for over 10 years, so I drew upon the experience from the experimentation I do in my home lab.
We're an ISP that provides managed services. We deploy pfSense as part of a larger solution, usually a contract for managed services. We provide their Internet circuit and a managed firewall so that they don't have to do that themselves. They pay part of the hardware cost—maybe 50%—upfront, and then the rest of it is applied against a contract, after which they will then own the hardware.
We use pfSense as a hybrid within our data centers, with some virtualized instances running pfSense community edition and some as Netgate hardware running pfSense Plus (the higher-end ones because we need a firewall that can handle 10 gigs of throughput). We've got multiple different models of the official hardware deployed for ourselves and some managed customers. They range from small businesses to a professional sports venue.
How has it helped my organization?
We use pfSense for work because I was already aware of its flexibility for our needs. The solution provides a great base level of network protection. PfSense is not a next-generation firewall, so it doesn't do in-line virus scanning or offer out-of-the-box IPS/IDS, but that can be covered by a managed antivirus suite and following good security practices. In terms of how secure pfSense is and how secure it keeps your network, it does that very well.
What is most valuable?
The biggest benefit of pfSense is its ease of setup, especially for VPN — both the end-user VPN and site-to-site VPN. It's easy to add features to pfSense via the package management system. We can just turn things on. They have made it much easier to deploy things like FreeRADIUS, where we want to have enterprise authentication for WiFi. It's by far the most flexible firewall I have ever worked with. There are also packages for ACME for Let's Encrypt SSL certificates, and HAProxy.
The pfSense Plus package has given us peace of mind, but we haven't had to open many trouble tickets with Netgate. Aside from the maintenance and support contract, the only feature we use from pfSense Plus is the wizard for building site-to-site VPNs from our locations to AWS VPCs. Building site-to-site IPSEC tunnels to AWS is a fairly complicated task, so having that wizard made it easier.
What needs improvement?
I would like a management console to manage and monitor multiple pfSense installs. We have several pfSense hardware devices installed and as far as I know, there is no single, unified pane of glass that I can use to manage all of them at once. That's the one thing I wish I had, just having a good single unified configuration interface for each install.
For how long have I used the solution?
I have used pfSense at my current company for at least four years now, but I've used it personally for over 10 years.
What do I think about the stability of the solution?
I have to really dig deep to come up with any shortcomings. If you are using VLAN tagging and making adjustments, restart the DHCP and DNS services manually, just in case.
What do I think about the scalability of the solution?
As far as I know, there isn't a single console from which I can manage multiple installs. That is the only thing impacting their scalability. They max out at 10 gigabits per second, but anything above 10 gigs is such a niche market. To be honest, I doubt that's their target.
How are customer service and support?
I rate Netgate support 10 out of 10. They turn around tickets quickly and their staff is fairly well educated. When I provide detailed information about the problem, they've been able to reply quickly with a solution or go research the problem and get back to us quickly with a fix. It's been pretty top-notch.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I've used OPNsense, a fork of the pfSense project, as well as Cisco ASA, PIX, Palo Alto, Ubiquiti's Unified Gateway, SonicWall, and FortiGate. Some bigger Ubiquiti firewall products are comparable to pfSense, and Cisco ASA has name recognition. SonicWall and FortiGate offer some enhanced features, like better threat management you get as part of a subscription, some block lists, and some more next-generation firewall features.
Overall, our chosen solution is pfSense, as it balances features and cost. It isn't the best at everything, but it's more than enough for almost everything you can throw at it, and it isn't ridiculously expensive like some solutions. It is massively flexible. Although it is missing some of the more esoteric features, you don't need those features 99% of the time. If you have the budget for it and need to do something more advanced than just the basic firewall, it remains the go-to solution we use every time. It's why I keep a couple in stock on the shelf so that I don't have to order them if we need one for an immediate customer install.
How was the initial setup?
It's incredibly easy to deploy pfSense and takes no more than 30 minutes in a typical small office setup. A typical out-of-the-box setup for a small business can be running in five minutes flat. We usually have a two-person team with someone from our network engineering team responsible for the configuration and a field tech installing equipment on-site.
Regarding maintenance, you need to go back in occasionally and install the most current version of the software. We check for updates every couple of months, and that's it. That's it for maintenance. Once it's installed, we fire it and forget. It's there, and it works.
What about the implementation team?
In-house
What was our ROI?
Priceless
What's my experience with pricing, setup cost, and licensing?
I would say pfSense is competitively priced. It isn't the cheapest hardware, but I've never had a problem with it. It is far cheaper than big brand names like FortiGate and Cisco while delivering a feature set that's nearly the same across the entire list. The only places it falls short are esoteric features that almost nobody needs.
The support plan is reasonable. The pfSense Plus license with the warranty is either 400 or 800, depending on the level you want. For a commercial customer, that's more than reasonable and a lot cheaper than many solutions. We haven't had any sort of issues with the firewall hardware itself, so it's doing extraordinarily well on the total cost of ownership.
Which other solutions did I evaluate?
We did side-by-side comparisons of the feature sets and prices, and drew upon our experience with multiple vendors, including the equipment we had at the time.
What other advice do I have?
I rate Netgate's pfSense 10 out of 10. I recommend turning on the built-in automatic configuration backup so that if you mess something up, you can easily restore the configuration from a backup and get it back up quickly. I also suggest downloading the community edition on a spare computer to play with and break because it's free.