We are solution providers and this is one of the products that we deploy for our customers. We replaced old Cisco ASA with pfSense and it proves as a good choice.
Netgate pfSense Plus Firewall/VPN/Router
Netgate | 24.11.0Linux/Unix, FreeBSD 14 - 64-bit Amazon Machine Image (AMI)
External reviews
416 reviews
from
and
External reviews are not included in the AWS star rating for the product.
L2TP vpn stop flowing traffic after http request
Hi there,
I am trying to configure L2tp with Linux fedora as client, I am able to ping any remote host however once I hit any Http destin from client, l2tp vpn stop working vpn stayed connected however no traffic flow even ping stop working
Open source firewall and content filter UTM.
What do you like best about the product?
Its open-source and give the same functionality as other paid UTM can provide. IT can be installed at a virtual machine and required minimum resources to operate.
What do you dislike about the product?
When there is any bug identified, users need to wait till the next update to get a solution for that bug. Sometimes proxy services stop themselves i need to do restart manually.
What problems is the product solving and how is that benefiting you?
I can restrict my user from surfing websites, download software, create VPN for remote users, get logs of internet surfing. It can be installed as a virtual and physical PC also.
The Must Have Home Router Solution
What do you like best about the product?
This is the best user interface I've ever used for the complex task of network management. The defaults are excellent, and optimizing settings is easy thanks to great documentation.
What do you dislike about the product?
I've had quite a bit of trouble using the built in upgrading feature. It always breaks the router and you *must* install pfSense fresh and recover your previous configuration.
What problems is the product solving and how is that benefiting you?
I'm taking control of my own network. I'm controlling bandwidth access, external access, and optimizing my own traffic.
Recommendations to others considering the product:
Take the time to learn what pfSense can do and how to do it and your life will be so much better. Controlling your own network gives you a lot of peace of mind since network connectivity is so important in today's world.
Feature-rich, well documented, and there is good support available online
What is our primary use case?
How has it helped my organization?
PfSense gives tools to protect the network. If you configured things properly then you'll be protected to the distant level. PFsense gives a solid set of functionalities that work perfectly. VPN services are stable and easy to deploy.
What is most valuable?
The classic features such as content inspection, content protection, and the application-level firewall, and VPN Are most common. This is a feature-rich product and the documentation is good.
What needs improvement?
Ease of use is a problem for a user who is unfamiliar with this product because, in the interface, everything has to be set manually. It would be more user-friendly if things were set automatically.
The drop in performance can be drastic when you use more advanced techniques. There is some trade-off between having a certain level of security and maintaining acceptable performance.
For how long have I used the solution?
We have more than ten years of experience with pfSense.
What do I think about the stability of the solution?
The stability of pfSense is standard. It is rated as one of the good solutions in this area.
What do I think about the scalability of the solution?
This product is scalable to some point, although we have never used it for large companies. We use it for small to medium-sized organizations. For big companies, we more often implement Palo Alto.
In our company, we have a data center and some of our clients are hooked to it. This is something that we have on-premises for our customers.
We have plans to increase our usage with pfSense because we have had good feedback from our customers. In fact, with the good experience we have had, our sales have been slightly increasing. Our sales are shifting from Sophos to pfSense.
How are customer service and support?
The technical support is organized well. We do most of the technical support for our customers in-house but there is a second level of outside support available. It is okay.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We currently resell products from both pfSense, Sophos and Cisco. In some areas, pfSense is better than Sophos. I have been a bit disappointed with Sophos because I know their history, and I don't think that they have advanced as well as they should have in that time. Also, they have two different products, XG and UTM. This is another reason that I prefer pfSense, at least a little bit, over Sophos.
How was the initial setup?
The initial setup is complex. If you have a straightforward setup then you will have straightforward, basic protection and nothing else.
It takes a few months to adjust where you start by setting it up, and then you have to monitor it and see what's happening. It's ongoing work because, after this, you have to keep monitoring and adjusting to the situation. This is part of the service that we perform for our customers.
What about the implementation team?
We are the integrators for our customers and deploy with our in-house team. We have people in the company who are specialized in this area.
What was our ROI?
The return on investment depends on the predicted cost of failures of the system, or intrusion of the system, which is hard to give a straight answer on. In part, this is because different companies put a different value on their data.
For example, with medicine, if somebody were to steal the data related to the latest CORONA vaccine then the cost would be tremendous. On the other hand, if there is a company that is making chairs, stealing the design of the chair probably wouldn't be as high when compared to an application in medicine. So, there is not a straight answer for that.
Return on investment, in any case, I think for every company, this is a must. Put in a straightforward way, they can count just the possibilities of having an attack on their system with a cryptovirus. If they can save their data from attackers then it would save them at least two days of not working plus the cost of recovery, which would be much more than the cost of the system and maintenance.
What's my experience with pricing, setup cost, and licensing?
The price of the licensing depends on the size of the deployment. pfSense is open-source, but the support is something that the customer pays for. We charge them for the first line of support and if they want, they can purchase the second line of support. Typically, they take the first-line option.
The term of licensing also depends on the contract. The firewall doesn't always have a contract but rather, there is a contract in place for the network, which includes UTM.
In addition to the licensing fees, there are costs for hardware, installation, and maintenance. We use HPE servers, and the cost depends on how large the installation is. The price of setup is approximately €500 to €800, which also includes the initial monitoring.
The maintenance cost isn't really included in the network fees.
For smaller companies, we charge them a few hours a month for monitoring. It takes longer if the client is bigger.
Which other solutions did I evaluate?
Palo Alto, Fortinet, Sophos, Cisco
What other advice do I have?
It is important to remember that you can't just leave the device to do everything. You still have to know what you're doing.
I recommend the product. It's well-balanced and one with a long history, so it doesn't have child's diseases. There is a lot of online support available online, which they can consult themselves. But, in the case that they need support, they can hire a professional support line and that is highly recommended.
I say this because usually, people look at the UTM as something that should be put in the system, set up, and left alone. But, this is not the case with this type of solution. Therefore, I strongly suggest making an outside agreement with a specialized company that will take care of their security from that point on.
The biggest lesson that I have learned from using this kind of product is that you can't assume that the internet is a big place and nobody will find you. There is always a good possibility that robots will search your system for holes, and they are probably doing so this instant. This means that users should be aware and have decent protection.
In summary, this is a good product but there is always room for improvement.
I would rate this solution a nine out of ten.
Which deployment model are you using for this solution?
On-premises
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Great Openvpn Fireewall Router
As usual pfsense is one of the top freebsd based router/firewall/ids systems available,ahrd to fault and the interface doesnt lack anything.
This AMI image provided by netgate and amazon ec2 is up and running for multiple users within an hour if you are familiar with openvpn and pfsense,with the amazon ec2 interface making ease of the process.
Throughput , lack of loss and scalability even on the t2nano ec2 is superb and certainly exceeded our expectations considering other testing on bare metal configurations with more ids and other applications.When looking at the this machine vs the required bare metal to to normally achieve this hypervisors performance its great value.
Looking forward to the arm version of this and other additions.
Filter you ssh channel in the ec2 console for your address or dont enable the ssh console on pfsense until or when needed.
One of the best Firewall Appliances in the Market
Best value for money. pfsense has never failed me to date. It's powerful and in par with industry leaders. Matter of fact, there are many instances where industry leaders are behind in some technologies that pfsense support. Keep up the good work guys
Pare-feu de routeur intelligent entièrement équipé
Qu'aimez-vous le plus à propos de the product?
pfsense transforme votre ancien PC en un routeur pare-feu intelligent entièrement équipé avec l'ajout de quelques cartes réseau. Le meilleur, c'est que vous pouvez le faire vous-même et qu'il y a beaucoup de support disponible gratuitement sur Internet.
Que n’aimez-vous pas à propos de the product?
Étant un produit open-source, la possibilité de bugs et d'erreurs peut être plus élevée que pour les produits à source fermée. Pour tolérer cela, des mises à jour et de nouvelles versions sont fréquemment publiées.
Quels sont les problèmes que the product résout, et en quoi cela vous est-il bénéfique?
pfsense offre à ses utilisateurs de très bonnes capacités de reporting. Les rapports en temps réel, tels que la bande passante réseau, peuvent être très utiles pour contrôler l'utilisation des ressources réseau. Divers packages de reporting peuvent également être ajoutés à l'installation de pfsense selon vos besoins.
Recommandations à d’autres personnes envisageant the product:
Pfsense peut être proposé comme une solution complète qui satisfait aux exigences de routage et de pare-feu dans l'administration réseau.
Meilleur pare-feu réseau basé sur logiciel
Qu'aimez-vous le plus à propos de the product?
pfSense est un pare-feu réseau basé sur un logiciel, dont le code source est librement disponible. Par conséquent, ils ont donné la liberté de modifier le code source et de le personnaliser selon nos besoins.
Que n’aimez-vous pas à propos de the product?
pfSense ne fournit que le logiciel pour le pare-feu et ne spécifie que le matériel requis. Cela peut donc soulever la question de savoir s'ils seraient en mesure de fournir un support complet en cas de problème matériel entraînant une erreur logicielle.
Quels sont les problèmes que the product résout, et en quoi cela vous est-il bénéfique?
De nombreux services basés sur le réseau peuvent être trouvés regroupés dans pfsense. C'est la principale raison de sa popularité dans la communauté réseau. Même si vous ne trouvez pas certains services dans la version par défaut, ils peuvent être téléchargés et installés ultérieurement.
Recommandations à d’autres personnes envisageant the product:
Ceci est fortement recommandé pour les administrateurs réseau pour une gestion efficace des ressources réseau.
PfSense: a great firewall and VPN system
What do you like best about the product?
PfSense lets us to set network rules up simply using the internet browser, so VPN configurations can be easily installed and clients can be easily connected while using the VPN. Traffic visuals are beautiful too. A large number of add-ons enable the manager to increase the functionality to satisfy the organization's needs and requirements. PfSense is a such a superb firewall system that all traffic is recorded and packages can be installed to snort heavy traffic.
What do you dislike about the product?
The modem's features can not be integrated into a pFSense box. This may limit the auto-deployment of something in conditions where firewall rules are required or HAProxy settings modified. So, I have to reach for other measures, such as SSDs, so that any technical failures should be prevented.
What problems is the product solving and how is that benefiting you?
We mainly use PfSense as a firewall and VPN system throughout the business. The software helps us to get a routing protocol conversion and to protect our subnetwork, so intruders can not access our databases on an attack. Before PfSense, we wanted anything easy to develop and maintain that did not involve excessive payments or ongoing expenses to limit our financial risks.
Recommendations to others considering the product:
I think PfSense would be a great tool for any IT department that needs a decent high-end firewall alternative but doesn't want to purchase a lot of equipment or licenses, although hardware could also be bought to make pfSense an all-in-one alternative for even the highest applications, but it is not mandatory.
Connectez-vous à Internet en tant que pare-feu central edge
Qu'aimez-vous le plus à propos de the product?
PfSense offre une sécurité solide car il est centré sur FreeBSD. Le serveur de base de données me permet de fournir la capacité à l'IP que je veux à la demande de l'utilisateur avec plus d'énergie et moins de puissance aux clients avec moins de demande. Cela rend la configuration du pare-feu et du NAT très facile et utilisable. pfSense est un puissant équilibrage de charge de trafic car le clustering fonctionne assez bien. Toute amélioration apportée à la base de données est également fournie avec un produit interactif.
Que n’aimez-vous pas à propos de the product?
Lorsqu'une interruption du Web se produit, pfSense commence à fonctionner très lentement, je suppose parce qu'il crée des charges pour tous les utilisateurs autorisés à accéder au réseau. De plus, si le miroir de disque ajoute un supplément aux faders de canal, cela empêcherait un temps d'arrêt imprévu en raison de défaillances du disque dur.
Quels sont les problèmes que the product résout, et en quoi cela vous est-il bénéfique?
Dans le département informatique, nous utilisons PfSense pour nous connecter à Internet en tant que pare-feu central. Nous utilisons également pfSense pour gérer les charges ou ne pas respecter les spécifications des applications entrantes ou de l'hébergement réseau. L'interface VPN est également accessible pour nous permettre de lier et de tester si nos produits sont sur la plateforme, depuis presque n'importe où. En termes d'utilisabilité, pfSense a dépassé les attentes.
Recommandations à d’autres personnes envisageant the product:
PfSense est un outil idéal à utiliser comme pare-feu principal ou serveur VPN avec de nombreux paramètres, car il vous aide à surveiller le trafic efficacement avec des transferts VPN moins contraignants et des prix de licence réduits. Je recommanderais pfSense pour les petites ou moyennes entreprises qui nécessitent une gestion de charge.
showing 401 - 410