
Netgate pfSense Plus Firewall/VPN/Router

Netgate | 24.11.0

Linux/Unix, FreeBSD 14 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS customer

15 AWS reviews

External reviews

416 reviews

External reviews are not included in the AWS star rating for the product.


    reviewer1493565

Has good DNS and multi-WAN routing capabilities

  • June 28, 2024
  • Review provided by PeerSpot

What is our primary use case?

We use our Netgate appliance in our office and resell Netgate appliances and services.

How has it helped my organization?

We realized the benefits of pfSense immediately. For example, we needed to connect two ISP connections to use them simultaneously in the office without separating the network. We immediately saw the benefit upon installation. Otherwise, we would have two different connection lines and need to separate the users between the two networks. With pfSense, we could get that benefit instantly. 

Some applications also deliver benefits over time in addition to the immediate benefit on the routing side of an installation. Eventually, you will see other benefits in creating certain policies that apply to users, such as the firewall's filtering capabilities.

In terms of data loss, the ability to create policies that would be a step toward intrusion prevention or malware blocking would be a secondary benefit. As I understand, pfSense per se is Netgate and we have a data loss feature in itself. As a layer of protection, then that creates a layer of protection against data loss.

PfSense offers single-pane-of-glass management. When you log into the system, you immediately see this dashboard, which shows the resources and utilization of the pfSense device. The most important information is in that dashboard. In our case, we have a standby monitor where IT support would look at it. If something is created there, that gives them an idea of how that something is set up. 

The pfSense Plus edition has features that prevent downtime, such as load balancing. We can automatically route traffic to another ISP should the primary or the secondary be down. It's the most important feature for some of our clients. It prevents downtime because it will automatically route to the active connection. 

We have to go through a step that gives you visibility into certain alarms that indicate a possible security issue. That feature provides visibility into potential network security issues. We run servers with applications that are critical to office operations. When monitoring the network, the server is the priority.  Having clear protection ensures productivity because sometimes issues inside the application impact the use inside the office and those outside the office. PfSense is able to add a layer of protection to these application servers.

What is most valuable?

The most valuable feature is the routing capability. We're primarily using the appliance as a router to provide DNS and multi-WAN routing. Flexibility is also critical. The solution provides flexibility in terms of creating firewall rules. It's extensive, which means you can create several rules with different elements involving firewall policies.

It's easy to add features to pfSense. When I started, I didn't have a networking background, but I was able to follow the materials and learn through hands-on practice. The interface is easy to navigate and understandable.

What needs improvement?

The intrusion protection system is provided by a third-party provider that's verified by pfSense. It would be best to have an option for IPS because when you deploy pfSense to a SOC, you have to subscribe to another IPS provider.  The IPS should be a default feature. On the other hand, that's also the benefit of pfSense because you can also acquire another IPS solution. 

For how long have I used the solution?

We started using Netgate in 2016, so we have used it for almost nine years.

What do I think about the stability of the solution?

I can only think of one instance where stability would be a problem, and that's the power supply. We have tested the hardware for a single power supply, so if it was deployed in a location where the power supply is unstable and without the proper UPS, then it will cause problems. That is not due to pfSense per se. It requires a redundant power supply on the end user side to provide sufficient UPS or some sort of backup. On the software side, I don't recall a major incident where the software got corrupted.

Sometimes, it could get corrupted in the course of maintenance. For example, if the logs are not cleared, and the storage becomes full over time. 

What do I think about the scalability of the solution?

The hardware is not scalable. Normally, we ask clients to project where they will be in two or three years and advise them to buy a model that fits their requirements. If you already have fixed hardware but you haven't factored in the number of users, you will hit a wall. PfSense has some scalability, but it depends on your hardware. 

How are customer service and support?

I rate Netgate support 10 out of 10. When you acquire Netgate hardware, you gain access to online support. We've had some issues that couldn't be resolved, so we had to raise a ticket to online support. The feedback was quick, and we didn't have any major issues left unresolved because the online support was effective.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We deployed certain prescribed network equipment, like the Fortinet firewall. We started using pfSense Community Edition because it's free and highly available, but we saw the benefit of the commercial version, which is more stable, so we decided to upgrade to that. 

How was the initial setup?

When we started, we were already using the community version. It took some time because we have some IT personnel. Sometimes, when we have just hired an IT staff member, and we introduce them to pfSense, I see that they can easily adapt or understand the features and how to manage the firewall. They can install the community version and play with it. The installation is easy and staff can learn it hands-on.

We deployed it in-house, but when we hire some IT support, we require them to have some exposure to pfSense. The pfSense community edition is pretty popular, so we don't have much use for consultants. We provide the service because we understand pfSense.

PfSense is easy to maintain. You only need to modify the configuration when there are additions to the network or you need to change the firewall rules. Other than that, the features and systems don't require much maintenance. 

What's my experience with pricing, setup cost, and licensing?

In the Philippines, most users are small or medium-sized enterprises. Small businesses also need a level of protection, so sometimes, what they need is basic protection. For example, they must protect their ports so they cannot be scanned from outside and layered protection and filtering. They would like something without a recurring cost, which pfSense can provide for basic features. 

PfSense offers solid value for small and medium enterprises, so it's highly applicable. It serves our purpose even in our use case. We have certain critical applications that must be protected, and the pricing is good for us. The good thing about pfSense is that it supports layer three or IPSec VPN at no additional cost. That in itself is a good feature for small and medium enterprises, and we can deploy VPN at no additional cost. We can deploy other applications, adding a layer of VPN without much expense.

What other advice do I have?

I rate Netgate pfSense eight out of 10. 


    Christos Messios

I like the built-in blocker and the ability to easily add packages from the console

  • June 28, 2024
  • Review provided by PeerSpot

What is our primary use case?

We use pfSense for IT security and load balancing the internet traffic across our three lines. We also use a package available in pfSense called pfBlocker that blocks some DNS records. For example, it doesn't allow ads to appear on the website. We have a site-to-site VPN with our different sites. 

How has it helped my organization?

The benefits from pfSense were immediate. We tested pfSense on a third-party machine, and soon after, we purchased a Netgate machine. PfSense prevents data loss by blocking malicious sites or apps with pfBlocker and the Suricata package, which acts as an IPS. 

PfSense has multiple WAN ports, helping to reduce downtime. We can set multiple Internet lines. If one line has an issue, we can still access the Internet from the other or communicate with the other sites. We also have a high availability feature with pfSense. For example, if we have two or three pfSense devices, we can have high availability. If one goes down, we can still work with the other one.

The visibility that pfSense has enables us to make data-driven decisions. From the logs, we can see blocked or allowed traffic. We generally see what goes into the firewall and change the rules or configuration. 

From the dashboard, we can see the utilization and how our lines behave during working hours. We can see if we need a higher-performance device, a line upgrade, or a feature.

What is most valuable?

I like pfBlocker and the ability to install more packages from the pfSense console. It's easy to add features, but you can check the user communities and videos if you encounter any difficulties. You have the flexibility to choose VPNs with WireGuard or OpenVPN and make firewall rules. It's easy to create a group with multiple IPs, hostnames, or areas and create a rule for that group.

You can make your own configurations on every module and create custom packages, which makes it more flexible. The dashboard is customizable, so you can create your dashboard based on what you would like to see and have all the data there on the dashboard. You can start and stop everything on the dashboard. 

What needs improvement?

PfSense could better utilize the interface and dashboard and include some packages in the built-in solution. For example, pfSense is sharing some other packages. You have to download and configure them within the package manager of pfSense. Some of those important ones, like the IPS and the monitor, could be installed on the solution's image and configured.

For how long have I used the solution?

I have used pfSense for four years in business and at home.

What do I think about the stability of the solution?

I didn't notice any performance issues. 

What do I think about the scalability of the solution?

pfSense is scalable.

How are customer service and support?

I rate Netgate support nine out of 10. I have contacted them twice in the last six months, and they responded and resolved my issue quickly. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We used UniFi UDM, Hillstone, and OPNsense, which is similar to pfSense.

How was the initial setup?

Deploying pfSense is straightforward. It took about an hour to install and configure. After deployment, the only maintenance required is periodically checking for new updates or security fixes. 

What's my experience with pricing, setup cost, and licensing?

pfSense's price is excellent and similar to its competitors. It has a low total cost of ownership for all these features. 

What other advice do I have?

I rate Netgate pfSense eight out of 10. 

Which deployment model are you using for this solution?

On-premises


    Joseph Uwakwe

Enables us to achieve the protection we need in a flexible manner

  • June 28, 2024
  • Review provided by PeerSpot

What is our primary use case?

I use pfSense as a firewall for a university client with 10,000 to 12,000 users. I'm a consultant to the client, and they haven't introduced the product to their IT team. They are only starting to train themselves and use it to secure their environment from end to end. 

How has it helped my organization?

One of the biggest benefits is cost savings. It has reduced operating costs compared to Sophos by more than 50 percent. PfSense Plus helped us minimize downtime. I can configure it for high availability, and the machines are simple and reliable. The Netgear devices work well. They stay up. I built a cluster, and they work seamlessly. 

What is most valuable?

I like how affordable and flexible pfSense is. I can achieve the protection I need in a flexible manner. I enjoy using pfSense. It's effective and solid.

What needs improvement?

Two key areas need improvement: the traffic profile and better centralized management. It would be great if we could have a single pane of glass for managing multiple appliances running in different locations. Sophos has much better centralized management, but you're paying an arm and a leg for it.

The management is good, but it's quite basic. If I have multiple instances deployed, I can't manage the information like I would when I use something like Sophos Central to manage multiple devices in different locations. 

The portal is still not well-tuned. There are still issues regarding implementation and its effectiveness. But besides that, everything else is great, from the purchase to implementation, setup, etc. Only the portal needs a lot of work.

What do I think about the stability of the solution?

I rate pfSense 10 out of 10 for stability.

What do I think about the scalability of the solution?

I rate pfSense 10 out of 10 for scalability. It's highly scalable. 

How are customer service and support?

I have not contacted Netgate support yet, but I've heard that the technical support is excellent. I can't afford it.

Which solution did I use previously and why did I switch?

We were using Sophos but switched due to the price. I was looking for a more affordable firewall solution, which brought me to pfSense. I sought something to replace our existing device. We needed something to do the same thing I was doing, including firewall, IPS, etc., but that wouldn't cost me as much as Sophos did.

PfSense isn't very easy, but if you know what you're doing and know what you're looking for, you can get it done. It's technical compared to Sophos. It's not difficult. It's just more technical.

How was the initial setup?

PfSense was straightforward. The infrastructure is complex, but the implementation was straightforward for me. Maybe that's because I've had years of experience in IT infrastructure deployment. 

The deployment time depends on the features you want to implement. It took me about a week. The initial setup took less than two hours, but it took me about a week to finish the tune-up. I mostly deployed it by myself. I just looked up online videos from experts and understood what to do next. After deployment, it requires the occasional firmware update. That's it.

What's my experience with pricing, setup cost, and licensing?

I rate pfSense 10 out of 10 for affordability. The company did the price review of Sophos and just took it out of the wall. Most of our clients have recommended Netgate. The total cost of ownership is excellent. It makes a lot of sense for SMEs. I pay a little bit on top. The Netgate infrastructure is much easier to approach. 

What other advice do I have?

I rate Netgate pfSense eight out of 10. I recommend it to others. It's affordable and not that difficult to set up or manage. You need to be certified to use Sophos, but we don't need any specific certifications to own or manage pfSense.

Which deployment model are you using for this solution?

On-premises


    Bob Clabaugh

The solution has been highly flexible

  • June 27, 2024
  • Review provided by PeerSpot

What is our primary use case?

I have three firewalls running my entire county and 11 smaller versions of the firewalls doing OpenVPN tunnels to my remote sites through StarLink. 

What is most valuable?

PfSense has been highly flexible, and it's worked out great for us for the most part. The Plus version has support, which we will pay for since it is our edge firewall. I have not had an issue with adding features.

What needs improvement?

We're doing a lot of OpenVPN tunnels, and some of the fields in the OpenVPN setup on the server side do not lend themselves to multiple sites. It's kind of ugly. It's a big list of allowed IP addresses. I'd much rather see that via the table individually. 

The individual firewalls have a single pane of glass view, but we have so many of them. You need to log into each to manage them.

For how long have I used the solution?

I'm officially about two years into using pfSense and one year in production.

What do I think about the stability of the solution?

I have not had any crashes happen. 

What do I think about the scalability of the solution?

Overall, I've been happy with these firewalls.

How are customer service and support?

I rate Netgate support eight out of 10. They were highly responsive. It was strictly email support. I didn't buy phone support.

Which solution did I use previously and why did I switch?

We were running a Sophos firewall as the edge router of everything we did, and it wasn't meeting our expectations. I've used Cisco firewalls for most of my career. The Sophos firewall was underpowered and overburdened. It was constantly causing issues, such as filling up the logs and crashing the firewall in the middle of the day. I have not had that issue with the pfSense.

How was the initial setup?

It was harder to order them than it was to deploy them. As a county government, we ran into purchasing issues, but we ultimately managed to make it happen. It took us about three months to deploy all of them. After deployment, you need to update the firewall codes and back it up. That's pretty typical.

What's my experience with pricing, setup cost, and licensing?

PfSense was quite a bit less expensive than some other alternatives, and it's worked as well as we could hope. We have three 1500s and 11 of the 4100s. The total cost of ownership has been pretty beneficial.

Which other solutions did I evaluate?

We looked at some other options. I'm a Cisco guy, but pfSense firewalls provide more bang for your buck. 

What other advice do I have?

I rate Netgate pfSense eight out of 10. 

Which deployment model are you using for this solution?

On-premises


    Luke Miller

Gives us metrics about how the firewalls perform in terms of CPU and memory

  • June 27, 2024
  • Review provided by PeerSpot

What is our primary use case?

We use pfSense as the primary firewall for our data center. 

How has it helped my organization?

We have a high availability setup, so we have had no downtime. PfSense gives us metrics about how the firewalls perform in terms of CPU, memory, etc., but I don't think it tells us how to address it. If we have an issue, we can always open a support ticket.

What is most valuable?

I find pfSense easy to use and configure. We have a high-availability pair, so if one has issues, it will failover to the other automatically. Overall, it's been pretty easy to build VPN tunnels and functions like that.

What needs improvement?

I don't think pfSense is as good about monitoring as it could be. There are logs, but they're kind of hard to get to. You need to send it to a log monitoring system. It's good about monitoring and learning this. You'll get an alert if there's an issue with the firewall itself, but it's not detecting security attacks. 

PfSense has the bare necessities essentially, but it isn't an advanced firewall that protects against layer 7 attacks or DDoS. It's not on the same level as Palo Alto, for instance. You can add some higher-level security features, but it doesn't do that out of the box. Maybe there's another function we can add to it, but it feels like it's not catching more advanced attacks.

For how long have I used the solution?

We've used pfSense for around five years.

What do I think about the stability of the solution?

The stability has been great. We've rarely had any issues that have caused a failover. When we do, the failover has made it. I don't think we've experienced any real impact from it that caused any product issues. 

What do I think about the scalability of the solution?

While we've added more IP addresses and traffic, there are some limits to its scalability. We've run into this before with graphical issues. We opened a ticket about that, and they said they found a bug that they were looking into. 

I think we're going to get close to reaching a limit with the mid-to-lower-end models at some point. The scalability is good but probably not great.

How are customer service and support?

Their response has been excellent. Sometimes we've opened a ticket, and we've gotten a response back right, other times it took an hour or so. They're responsive now. 

In terms of the quality of their answers, they have been good to great. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

At previous companies, I have worked with Cisco and Palo Alto firewalls. Palo Alto is probably a better firewall because it does more blocking. It's also quite a bit more expensive. For what you get, a Netgate pfSense solution is a highly cost-effective firewall.

How was the initial setup?

It was in place when I joined the company, so I wasn't involved in the deployment. It requires some maintenance, like adding new firewall rules or VPN connections. We also upgrade it once or twice a year. 

What's my experience with pricing, setup cost, and licensing?

Including the support costs and the hardware, I think pfSense is reasonably priced. It's very affordable. The total cost of ownership is favorable. We've had a hardware device that lasted over five years, and they're still doing well. We're able to buy at least software support for them.

What other advice do I have?

I rate Netgate pfSense seven out of 10. If you have an enterprise environment, I recommend having two for high availability. Make sure you purchase and keep up with the software support in case there are any issues. Those are the two biggest things that helped us out. 


    Joshua McSpadden

I like that there's a community edition that I can install on my own virtual machines or hardware

  • June 27, 2024
  • Review provided by PeerSpot

What is our primary use case?

I use it for my firewall at home and when virtualizing labs to do routing between different network segments. I use it in the business that I am currently with at our main office and our other site. I worked at an MSP before that, and it was the firewall that we recommended to clients who wanted to go beyond what you'd buy at Best Buy, like the random Linksys or Netgear. I haven't touched the enterprise level, like the expensive ones where you might have 20 different Netgate segments with failover.

We deploy it either on bare metal or virtualized on our own virtualization platform. We have not deployed it on any cloud. The primary cloud services we use are software as a service, so our firewall doesn't apply to that. If we ran our own set of servers in the cloud somewhere, we'd probably consider pfSense for routing between them, but we don't have that use case.

How has it helped my organization?

When I started using it back in the day, someone told me that there's this firewall you can install on an old PC to get all these features that are normally only available on expensive enterprise firewalls. 

I realized the benefits immediately. When I installed it, I had access to features like multi-WAN, which is more common now. You can get small home office routers with multi-WAN these days, but when I started a decade ago, it cost thousands of dollars and required enterprise equipment. It was mind-blowing that I installed it and could hook up two Internet connections for no extra money.

It doesn't directly prevent data loss because pfSense doesn't have a DLP function, but the security aspects, like the pfBlocker, ClamAV plugin, and proxy, are all great. The security components help prevent data loss by securing the network. As far as I know, pfSense doesn't have a data loss prevention function that scans for somebody trying to exfiltrate data. 

The failover or load-balancing WAN helps reduce downtime. It also supports high availability between two firewalls, although I've never set that up. Those would minimize downtime of the firewall individually and the company as a whole.

We don't use it that way, but it has extensive logging. If you were to dump all those logs into something like Graylog, Elasticsearch, etc., you could analyze and decide based on that data. We don't use it like that, but I know that with the extensive logging that it has, it could be used that way.

PfSense has an excellent ability to optimize performance, especially with the plugins. It helps me determine where my bandwidth is going and get reports on latency, jitter, etc. I use all of these features regularly. If the internet is slow, I can go see who's hogging it by downloading giant files, or I can identify where there's a lot of latency on a particular gateway.

What is most valuable?

I like that there's a community edition that I can install on my own virtual machines or hardware. I can test things without messing with them in production, which is incredibly useful. If you have a Juniper or Cisco, you can typically only afford one. 

You're forced to make changes in production and hope they don't break anything because there's no easy way to have a testing environment. The free version of pfSense offers load balancing or failover WAN, which is also helpful. Most commercial firewalls don't have that in the cheapest iteration of the hardware. 

The community edition makes it easy to learn because you can try it before buying it and putting it in production. There's no equivalent if you want to buy FortiGate, WatchGuard, or any of those and fiddle with them on your hardware before putting it in production.

Many plugins for pfSense are easy to install off the store, and they work. The basic functions that you want to do are pretty easy. However, it is more complicated than your average home office router, but that's to be expected. The fact that it is an open-source project that's trying to be all things to all people does mean that sometimes things can get a little bit complex, sometimes unnecessarily. For example, the IPSec VPN setup has five hundred options, probably more than anyone needs, but it works. Their documentation is excellent. In instances where you might not figure it out on your own or the interface might not be super clear on how to do something, the documentation is usually good 99 percent of the time.

I appreciate pfSense's flexibility. I can buy supported hardware from Netgate with it already on there, buy support for my own hardware, or run the community edition on my own hardware or a virtual machine and get all of the same functionality. 

What needs improvement?

Snort or Suricata don't block things they should out of the box. It's always been a pain point of pfSense. If you turn on Snort or Suricata for IPS or IDS, no setting is effectively set and forget. Turning any commercial firewall to the lowest setting will provide you with a decent amount of security with almost zero false positives, but pfSense is not that way. You've got to babysit Snort and Suricata to the point where sometimes you turn it off.

I know one of their rising competitors, OPNsense, has the ETS rules. I forget who provides it, but you turn on a rule set, and they just work. They have a built-in set of rules for Snort and Suricata that you turn on and it provides a reasonable amount of security. That has always been a pain in the neck with pfSense. It's the single biggest thing that they could do to improve it. Honestly, they're losing business to OPNsense for that one reason.

For how long have I used the solution?

I have used pfSense for at least 10 years.

What do I think about the stability of the solution?

As long as you don't use bad hardware, it's fine. PfSense has issues with some Realtek network chips. If you use bad hardware and get bad results, it's your own fault. I usually have as much uptime as there is between patches. It's highly solid after reboot other than installing the most recent patch.

What do I think about the scalability of the solution?

I've never used pfSense at the high-end enterprise scale, but it can scale nearly infinitely as far as I can tell. There's a higher-level pfSense that's carrier grade that can handle hundreds of gigabit routing. We've got a Netgate plan and never had any problems. 

We see solid performance no matter what we're running on it. The fact is that it can run on a low-end, low-power fanless ARM CPU for a branch office. PfSense is usable in a lot of situations. It's also extremely scalable, which is also flexible in the sense that you can install it on some random old PC that you have at your house and use it for your home firewall. You can also use it in an enterprise with a multi-gigabit incoming connection and thousands of clients.

How are customer service and support?

I rate Netgate support nine out of 10. I have contacted them a couple of times over the years. Each time I called them, they solved my problem or gave me a workaround within a reasonable time. It seemed like the people I talked to knew what they were doing. Sometimes, you call technical support and end up with first-level tech support who reads off a script. They don't listen to a word that you say and tell you to do all the things you've already done. 

I've been able to get people who ask pertinent questions and ask for logs. They remote into my machine or SSH into the firewall, so I'm happy with it. It was worth the money that we paid when we needed it.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have used Smoothwall and OPNsense. Back then, I used to have a weird firewall that I can never remember. If you count OpenWRT, a replacement firmware for Linksys, as a firewall. However, you can't install it on any x86 OS that you want.

How was the initial setup?

It depends on whether the user is familiar with general concepts like putting an ISO on a flash drive and booting off of it using some basic command line. It's very easy if they've installed operating systems before and understand how to boot off a flash drive. Flash the image to a flash drive and boot off it, then follow the prompts. If they don't have that basic experience, I wouldn't tell them to deploy it themselves. I'd tell them to buy a box from Netgate with support. 

That can be tricky if you've never done it or don't understand the concept of moving off of a flash drive and installing an OS. There's not anything Netgate can do about that because there are thousands of different pieces of hardware you can try deploying pfSense to, and pfSense can't give specific detailed instructions for every one of them. That's when you go buy Netgate. 

The first time, it took me days because I had no idea what I was doing. Now, I can set up a pfSense with good basic functionality in an hour. It doesn't take very long. I've probably done it hundreds of times now.

After deployment, you've got to install patches periodically. If you're using Snort or Suricata, you've got to pay attention to those. If you're using pfBlocker, you've got to install patches. If you're not using any of the plugins like Snort, Suricata, pfBlocker, Grid, or any of those sorts of things for advanced functionality, then there isn't any maintenance other than periodically installing your patches like anything else. 

What's my experience with pricing, setup cost, and licensing?

The community edition provides all of the basic functions for free on your own hardware, and pfSense Plus comes with a Netgate appliance. It's a reasonable $200 or so to buy pfSense for your hardware, and then it's $800 or $900 a year for commercial support, which is also reasonable for a firewall.

It's hard to gauge the total cost of ownership because there's a free, open-source version that, if you know a lot about pfSense already, is almost zero cost. You can run it on any old hardware you've got. If you need support and multi-gigabit IPSec WAN speeds, you'll need to pay for that, but you will with anybody.

What other advice do I have?

I rate Netgate pfSense eight out of 10. They could polish up a few things, especially regarding IDS/IPS rules. A few interface things are a little more complicated than necessary. 

If you're moving to pfSense from a random Linksys or Netgate router, you need to realize it will be more difficult, and you'll need to learn more about networking concepts than you necessarily had to do with the random router that you've got. It's more complicated like that. 

That's to be expected because you're either a techie kind of person who thinks building your own firewall is fun and is willing to spend the time and effort to learn it, or you want an alternative to FortiGate, Juniper, or whatever, and you want to buy a commercial Netgate product. This is going to be more complicated than the Linksys router I bought for $80 from Best Buy.


    Timothy Plimpton

Extremely flexible, comprehensive, and competitive pricing

  • June 27, 2024
  • Review provided by PeerSpot

What is our primary use case?

I primarily use it for hybrid home/business power usage at a very small scale. It is both home and business because of working from home. pfSense is serving us as the main routing firewall and network configuration tool. It is the front-end brain for everything in our mixed environment.

How has it helped my organization?

pfSense allows me to manage both home needs and business needs and keep them relatively separate or at least appropriately separate. A key feature was to be able to use a small-scale device. I am using Netgate SG-1100, which is built to run pfSense on an ARM platform. It has low power consumption, and it is economical. I did not need massive amounts of compute power, but I did need the feature set that typically, you can only get in enterprise-grade product lines such as Cisco.

pfSense is extremely flexible. The areas where I find it very flexible are the sheer number of configuration tools that are available and the extra packages that can be used to augment the core functionality. Even within the core functionality, it is capable of adapting to a massive number of different scenarios and network environments and needs. You can adapt to the needs of your network environment to the outside with ISP and internal needs. You can accomplish what you want to achieve internally with the product. It seems to have pretty much everything under the sun laid out.

It is pretty easy to add features to pfSense and configure them. If I am adding something for the first time, the web GUI is the most helpful tool because the layout is pretty logical in terms of how the forms are organized and fields are named and described. There are help callouts, and, of course, documentation. I have always found the official documentation to be helpful, but it is not uncommon to do some forum searching and read the discussions. Other people might be following a workflow that does not fit quite cleanly in there, but they made it match. Typically, it is pretty easy. Some of the things that I have done with pfSense are not inherently easy processes, but I feel that pfSense has made them much easier than they would be on different platforms.

I was able to realize its benefits immediately. I am an IT professional, but my use of pfSense is not as an IT professional. It is more like a solo entrepreneur for my wife and her business. When I look at the network administration that I am doing here, it says a homeowner and a business co-owner. IT and networking are not the kinds of things I want to dominate my time. It should not be dominating my time spent. From that standpoint, I was able to get the baseline configuration set up so quickly when I first set it up about seven years ago. I definitely felt a big value-add with the configuration backup and restore process. The first time I broke something on pfSense, I was able to revert my last configuration very quickly. That was a big win.

In terms of pfSense helping to prevent data loss, auto configuration backup is probably the number one feature. When I think about data loss in pfSense, I would mostly be concerned with losing the configuration itself. Having my own backups but also having Netgate backups available for me to pull down helps. I just have to make sure I keep the encryption password, and we are good to go. That is a big win.

I use pfSense Plus. I am pretty sure that auto configuration backup is a Plus feature. I am on my second generation of official Netgear appliance, so my experience with the Community Edition is limited. I am not sure if this feature is available to others, but for minimizing downtime, having the auto configuration backup is a big one. There is a restore option for quick reverts if a change did not go quite well. They are incremental, so reverting to whatever snapshot or revision version I need to revert to is very easy.

pfSense does not give a single pane of glass management, but I also would not expect that because it is doing so much and is capable of doing so much. In my environment, it is managing so many different aspects of the whole Netgate, but there is not a single pane. I use the logs a lot, but I have to look through individual logs. I am not aware of any log aggregation and analysis components that are already baked into pfSense. As I understand it, I need to ship my pfSense logs into another system to do a higher-level analysis and insight querying. An area that I am interested in working on is effective outbound traffic filtering. It is on our priority list because it is a tricky one. You do not want to let any outbound traffic go, but you also need to be careful how you are filtering outbound traffic so that you do not break things you are relying on for your functionality. A lot of people use a web proxy, but that only catches web traffic. With smart home devices and business stuff going on, you have to pay attention to it. I am very interested in being able to analyze the traffic logs that are being captured by pfSense with an IO, the outbound traffic, and the existing and potential firewall rules that I have in place for those. My current efforts have been focused on doing so with a different product because I do not believe that pfSense delivers that. I honestly did not expect that it would.

iperf helps with performance. We are able to do iperf bandwidth tests as both client and server to various endpoints and turn on a quick listener and see what is going on with who can get where fast. The diagnostic menu list is probably the longest one in there. That is a good sign because it just means that they have got a lot of tools available for me to use if something is not quite working right. If I want to improve performance, I have to take a measurement and take a look at what is going on currently and compare that to what I would expect to see. There is a wide variety of toolsets. I am not asking for this because it is not the kind of system that I would want to run, but there is no troubleshooting or performance improvement wizard that kind of walks you in a logical step. I know that there is one initial configuration wizard that is meant to get people going quickly for the first time and in a fairly simple setup, but even that was not a great value to me because I want to get quickly into more advanced configurations. It has what I expect for performance tuning.

What is most valuable?

Being able to configure VLANs on such a small device is one of the key unique features that made it attractive to me.

What needs improvement?

pfSense is very flexible, but my only drawback in terms of flexibility is that it is web GUI-driven. I know that there are some shell interfaces, but it is not a very heavily developed API when it comes to automation or configuration-as-code management. I would love to see that developed in the future so that I am able to manage my network configuration in YAML and TOML text format, have those changes applied in a source code environment, and have those changes read into an API that could then drive the configuration rather than always having to use the web GUI just to make some layout changes. Web GUI has its advantages, but there are times when being pinned into that workflow is less efficient.

They should support the idea of configuration management as code from source code and provide a more robust API for managing the pfSense configuration. I know that with the web GUI, everything is dumped into an XML file. That is how it is backed up, and that is how it is imported. It is machine-readable and all that, but it is not necessarily a modern data format that would be used with API typically. They are maybe thinking of moving to REST API and SQLite backend. I do not know what they have in mind. I do not really care how they do it, but I would love to have the ability to interact with my configuration and make incremental changes via source code and utilize the API to implement those changes and roll them back with configuration as code as a strategy for managing my pfSense.

For how long have I used the solution?

It has been about seven years.

What do I think about the stability of the solution?

The device is rock solid. I have not had any hardware concerns or issues. I do not have to reboot it. If I am having some kind of network issue, I do not have to restart my pfSense. Why I wanted the FreeBSD base is that I know that the core layer is rock solid. It is possible that something could happen where I would need to restart, but it almost never does.

How are customer service and support?

It may have been with the older device for which I have worked with them twice. I opened a ticket to get the download link for recovery firmware on the SG-1000, and they gave it to me. That was very easy. That was fine. They responded quickly, no big deal. I appreciate it. I did not really need support. It was something that I could not get directly from the website myself.

I am not sure, but when I bought SG-1000, I might have had to send it back. They sent a replacement. It was less than a year since I had it. I still had a full warranty on the hardware. At some point, everything froze, and all functionality completely stopped. I tried the power cycle, and it would not even boot anymore. They did the serial console connection, and it literally was not even booting. They opened up a case and verified the same symptoms that I described. They replaced the board and sent it back to me, and it worked. It was solid from that point for five years that I continued to use it. After that, I upgraded it. Every once in a while you get bad hardware, but I was glad I could just send it back. The biggest fear I have, and probably the only reason I still have the old one lying around is that if something were to happen to this hardware and I had to send it back for support, I need to be able to keep my network running in the meantime. Even as a home and home business user, you start to creep into that space where you start to think that this is critical. How do you get by without the Internet? I know that I could get Internet back up, and I could plug in any off-the-shelf routers lying around and get basic Internet service back up, but the question is how much work would I have to put in to restore other services that pfSense is performing. I recognize that I did not invest in a high availability solution for my home and home business, so that is just a risk that I have to take.

I would rate their support a ten out of ten. There is nothing difficult about it.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Prior to my first pfSense appliance, back in 2017, I was running DD-WRT, which is not a commercial alternative. It is an open-source project that does not even have a paid or commercially supported version. It is meant to be flashed onto OEM hardware as a replacement for their firmware. pfSense can be used like that, but Netgate is doing something different with the commercial support and building the appliances and all that. In terms of the baseline functionality, DD-WRT is very similar.

In terms of comparison, pfSense is much more robust. It is a comprehensive solution for networking needs that bridges the gap between a shelf router and building a full enterprise stack, which would be overkill. Most small businesses and home users would not want to do that, make that kind of investment, and keep that kind of compute running all the time. pfSense lands right in that sweet spot. I know that OPNsense and a few other software products are out there. There are some Linux-based ones. I am definitely a fan of pfSense being built on FreeBSD. That gives me greater peace of mind with the networking stack and everything. I am a Linux guy too, but when it comes to core services, I prefer FreeBSD. If I have to, I might just go with the vanilla FreeBSD system and build it out with automation from scratch, but pfSense does all that for me. I do not have to do all that initial work. They have got the configuration and tuning done already.

How was the initial setup?

If you have general networking knowledge and understand the terminology, it is very easy. It depends on how detailed or how extensive is your configuration and what is the target use case. Are you using a VPN? One of the features I use is OpenVPN.

I go through the box. I have a single WAN connection. I have half a dozen VLANs configured. I have a VPN remote access interface configured. I have got DHCP servers. I also have IPv6 configured. I have extra configurations for each interface that need to be considered, including the VLAN interfaces. There are also firewall rules.

You can start with the baseline, and you can get the thing up and connected to the Internet easily within five to ten minutes. Once you start doing your internal configurations and firewall rules, it scales pretty quickly. With a couple of VLANs, like I have, you spend another half hour to get the VLAN to spec out. With OpenVPN, you have to work on certification generation and certificate matching and exporting. Configuring the client's side tends to be time-consuming. If you have four clients, it could take another hour to three, and then there are firewall rules. It depends on how you write them. If you write your rules well, you do not need to have so many of them. It also depends on how you configure your space. I have a lot of interfaces and a lot of rules. With a good, clear plan and no guessing and backpedaling, you could probably redeploy what I did in three to four hours, but it would actually take longer because of mistakes, troubleshooting, and all that.

In terms of maintenance, I certainly keep up with updates from upstream and make sure that I am aware of any software updates that I need to install. I like to stay updated with patches and all that. That was the main reason I finally upgraded from SG-1000. It was no longer getting the updates. There is always a bit of extra maintenance. It is not because pfSense demands maintenance. It is because the environment demands continual maintenance and monitoring. Paying attention to logs is a healthy practice.

I always make updates via pfSense whenever I am making updates in the environment for adding new DHCP reservations for various hosts in the environment and other things like that. I moved my local DNS services from pfSense because I had to go into the web GUI and clumsily add in new host entries. It was getting burdensome. I just wanted to be able to do this in a text file like I could on a Linux server. You just add your entry to the host file and you are done. I moved to DNS services on the Pi-hole software. Pi-hole is a partial competitor because it does not do everything pfSense does, but it can do some of the things. It focuses on ad blocking and filtering as well as providing local DNS resolution. A nice thing with Pi-hole is that you can literally open up a text file and add your entries there, and they just start working. You do not have to move from a terminal-based workflow to get that change made. Clicking through a web browser is not my favorite. It is a disruption to a workflow. So, maintenance is directed by requirements in the environment.

What's my experience with pricing, setup cost, and licensing?

I buy the appliance and accept whatever comes with it, but I am not bought into paid support. When it comes to the pricing of the appliances, they are pretty competitive. The price is pretty competitive.

I just bought a Netgate SG-1100. Within the past year, I upgraded my Netgate SG-1000 from 2017 to Netgate SG-1100. I looked at some of the higher-spec products, but they started to get pricier. For example, Netgate 2100 was a consideration. The difference between the 1100 and 2100 is double. I looked at the specs of 2100 and what it could deliver. I did not need all the extra specs. I do not need to perform at that level although it might be nice to have some extra ports on my box. I then looked at 1100. I could get by with those specs. It was an improvement over the tiny SG-1000 that I was running, so it was a win, but the question always is whether there is something competitive and similar that I can build for less money and whether it would deliver the same value. You can get these Small Form Factor PCs. You can get ARM systems and x86 systems and similar form factors. You can get them with multiple NICs already installed. This is more or less your hardware with no support. You get a warranty on the hardware, but they are not selling you the software. You put whatever you want on it and build your system. You can install pfSense CE on that or build your own router on a device like that. Why I chose to buy it from Netgate was the peace of mind of the full stack support because it is probably the most critical portion of my entire home network. I decided to invest a little bit more and trust somebody else a little bit more to have my back. Peace of mind comes from having bought the official appliance. It has a very reasonable and competitive price model.

In terms of the total cost of ownership, you have the hardware price. You are combining the price of any hardware support contracts that you may or may not be paying for and somehow estimating the administrative time that is required to actually manage the system itself and billing somehow for that appropriately. That is a tough one because that is where there is a gray area of home business usage. Aside from that gray area, the investment rolls off very quickly. I can recoup this investment within a year.

What other advice do I have?

I would rate pfSense a nine out of ten. It is delivering on my needs. There is little room for improvement. They can just close the gap. You always want to keep closing that gap when it comes to usability, inconvenience, and meeting the workflow, but it is definitely delivering to my expectations very well.


    Richard Tresidder

Has improved our ability to see what's going on with the network

  • June 27, 2024
  • Review provided by PeerSpot

What is our primary use case?

We use pfSense as the main office gateway for firewall router access and OpenVPN for remote access.

How has it helped my organization?

We wanted to move up to a much more modern integrated system. Before adopting pfSense, we had an old basic router firewall that was starting to get long in the tooth. PfSense gave us more capabilities to monitor and set firewall rules appropriately and have all of the remote login capabilities with two-factor authentication.

I'm much happier because I don't need to see as much stuff in the logs. PfSense is blocking so much of that, and I feel more secure about it. We needed two-factor authentication for node access, and that's been a massive improvement. Also, allowing the staff to access the network remotely and use those applications has certainly helped. It made us more confident in what the firewalls were doing and gave us better controls on remote access. It adds another layer of protection for us.

The solution gives us a single pane of glass management for probably 99 percent of it. I don't need additional network infrastructure to handle the required jobs. The ability to back up previous installations, snapshot them, and go back to them if I break something has helped eliminate downtime. That's handy in terms of getting things up again. 

PfSense Plus helps us optimize performance. We can identify pieces that aren't performing as they should and lock them down or reconfigure functions inside. Our ability to see what's going on with the network has improved quite a bit. 

What is most valuable?

Remote access with two-factor authentication was a big one for us. Pulling in things like Endpoint NG to monitor traffic has been quite helpful. The pfBlocker has been good. It helps us limit who's trying to bash away at access to the systems.

PfSense has been flexible for us. It's done everything we've asked for. Adding plugins is pretty easy. You go into the little application section and install what you want. The documentation that they have online is certainly helpful. Most things are open source, so you can usually find additional notes about problems. 

What needs improvement?

One or two of the plugins didn't do what I wanted them to do. Maybe that was a misunderstanding or it's not quite ready yet. Sometimes, it's hard to wrap my head around the way the firewall rules work. 

For how long have I used the solution?

It has been about a year since we purchased pfSense.

What do I think about the stability of the solution?

I rate pfSense nine out of 10 for stability. I've only had it lose its brains on me once. That was probably me just configuring something, getting lost, and going around in circles.

What do I think about the scalability of the solution?

I rate pfSense 10 out of 10 for scalability. It's got plenty of scalability, and we're not pushing it unusually hard. 

How are customer service and support?

I rate Netgate support nine out of 10. I've used them a couple of times, and they're prompt in responding. If the issue is outside their purview, they can point you to where you can get the information. Most of my questions had to do with third-party plugins more than the core Netgate infrastructure, which has worked fine.

How would you rate customer service and support?

Positive

How was the initial setup?

It's a bit of work to initially set up virtual networks inside the office, and we have to add several staff members to the various servers and create additional firewall rules. This is a little bit. It isn't simple for a business with lots and lots of internal stuff, but it wasn't hard, either. 

It took a couple of days to get it online, but we spent a week tweaking it until we were fully happy. We needed one and a half people to deploy it. Other people on the network had to help with the configuration.

What was our ROI?

We've seen a return in the form of time saved. I can rely on it, get the nice logs out of it, and see what's happening. It saves me about 5 percent.

What's my experience with pricing, setup cost, and licensing?

PfSense is reasonable for a business but a little pricey for home use. With the time savings and reliability, it pays for itself. I've been more than happy with the unit we've gotten here for the capacity we need. However, it'd be nice to have some nice home units that aren't a thousand dollars.

What other advice do I have?

I rate Netgate pfSense nine out of 10. I would recommend it for business use cases. It's not appropriate for someone in a home environment, but it's good for business. 


    Christos Adamidis

Affordable, simple to use, and has a fairly straightforward setup phase

  • June 26, 2024
  • Review provided by PeerSpot

What is our primary use case?

The tool is partly for home-based usage and partly for business usage. I am in the IT industry, taking care of the security and technology parts. I also run a private business in my spare time when I am not working. I use Netgate pfSense as my firewall to separate those two entities: my home and business. I also participate in providing server space for projects involving Azure Flex and Azure Core, which is kind of like an AWS situation but in a more centralized manner. I use Netgate pfSense to ensure that everything is separate. I use Suricata to weed out any malicious type of activity and to keep an eye on things, just to ensure that all the other functions, both personal and business-related, remain unaffected, intact, and devoid of any type of attacks or other types of malicious activity.

How has it helped my organization?

The product has helped improve my organization's environment and personal environment, since before the use of Netgate pfSense I really didn't even have a hardened firewall. With the implementation of Netgate pfSense, I am able to monitor my various network streams, so I have my servers, VLAN, my home VLAN, EMC, my WAN, and the specific VLAN for IoT devices. I even segregate some of my outgoing intranets as well, and I see how Netgate pfSense has allowed me to have full and high-end visibility of a lot of the traffic that comes and goes, which for me is important because part of the job that I do is crypto related. When dealing with crypto-related business, you need to be careful as far as what you allow in and out of your network.

What is most valuable?

I wouldn't say the simplicity of the tool is its best feature. In a way, there is a simplicity to it, but I like the expandability of the packages that could be used. I like the data and the information that I can collect while observing network traffic. The whole layout of the application is pretty decent. The tool is not super expensive. It is quite an affordable tool. There used to be the free Netgate pfSense Plus that was provided earlier at one point, and I understand now, of course, that it is based on the yearly licensing model, and I think that took a lot of people aback. There is not a lot of money to be paid for the tool, and you get more than what you paid for, especially if I think about its use and consider what it does.

If I assess the flexibility of Netgate pfSense, I would say that I can not just run a firewall, but I could use HAProxy and run a bunch of other kinds of server-based applications that normally would occupy a different server, so it amalgamates a few services into one package, which is a nice single point of contact. I like not having to go to two or three servers to run the services needed, especially the ease of the firewall, as far as the creation of rules and the security aspect are concerned. The updates that come in are pretty decent, and though not too often, they are often enough to keep things secure. I like the tool's flexibility in the sense that you do not have to buy an appliance. You can put it on your own hardware, and it can be very simplistic hardware with simple configurations. There are a lot of abilities to be used in the product, and benefits can be gained from the tool without having to incur a huge upfront cost in purchasing hardware. If you have a computer lying around, you can easily install it, and you can go with it. With the tool's free version, you can use the tool for free. It is quite a friendly tool in the sense that it provides access not only to regular people but also to high-end corporates and business individuals.

Getting extra features or added packages in Netgate pfSense is very easy since the GUI and the menus basically take care of everything. When you go to do the installation, you see the log messages come up, and it's very clear when it is complete. It is a pretty simplistic process.

As per my assessment regarding Netgate pfSense's role in helping prevent data loss, I would say that as far as data loss is concerned, I think part of it is the firewall preventing access to my network shares aside from the typical kind of blocking ports and not allowing traffic. I think very much the segregation of the VLANs is possible, and my server VLAN will have all kinds of data, information, databases, and file repositories, and all of that is completely segregated from my DMZ. Any kind of the shared services that I offer or kind of crypto-based services that I do, the connections, both incoming and outgoing, can't gain access to my server VLAN at all, and such segregation really protects my data aside from some of the built-in, immutable type of services that the kind of network repositories that I have that do outside of Netgate pfSense. The key thing actually is just keeping things separate and being able to get alerts if something funky is happening.

Netgate pfSense gives a single pane of glass management view since the dashboard is always the first thing that I look at, and I have got to configure it in a way where I see my traffic graphs. I have the gateways and interfaces that I look at, along with the interface statistics, services, and a lot of other functions that I can quickly just glance at, including my Suricata alerts, the filtering, and other alerts. I can look at the UPS and the run time for the battery. I could take a quick glance and kinda see all the information I need without getting too deep, making the tool's dashboard a pretty cool feature. It really saves a lot of time.

I use Netgate pfSense Plus. I generally have experienced zero downtime with the tool. If there is some downtime, it is because of my own doings. As far as the benefits of Netgate pfSense are taken into consideration, I can see it has a lot of the extras that you get, and it worked. At a certain point in time, Netgate pfSense Plus was free to upgrade. I don't remember how much Netgate pfSense Plus and pfSense CE software differ from each other, but I know they differ quite a bit. The one thing I will say is the major difference that I have used is the boot environment. If I am doing an upgrade, I will basically take a snapshot of my current boot environment. Even though it does it automatically when you do an upgrade, I just take another backup. If I do something that is a very specific change that makes me a little nervous, I take a snapshot, and then I always have something that I could boot back into if things go horribly wrong, which is a big plus and one way of eliminating downtime since you can go back to a previous instance that is fully functioning.

Speaking of whether the tool provides visibility that enables our company to make data-driven decisions, I can check my graph, and through monitoring, I will be able to check my WAN and see the quality of the WAN. When I was utilizing a router or modem provided by my service provider, I was able to see through the graph when there was a drop in the traffic and the quality of the connectivity, and that led me to basically scrap the modem and actually configure my own setup to get the internet into my home.

In terms of the total cost of ownership of Netgate pfSense, I think that for somebody like me who uses it in a cozy home corporate business environment, it is quite an affordable option. The tool is not expensive, and when it comes to the cost of ownership, if you have something lying around, like an old server that I repaired for Netgate pfSense. The benefit is that I am able to put it on an older server, so there are no hardware costs. The tool is not something that would go into a landfill. I think that the tool has been quite affordable and has paid itself over quite a few times. You could go cheap and use an ASUS router at home, which a lot of people do, but it may not have the stability, and it doesn't have the kind of horsepower on your engine speed or expandability of a polished product like Netgate pfSense.

The maintenance that is needed in the tool is just to make sure that the tool is up to date. It's not necessary to do the maintenance, and it's not just about updating Netgate pfSense but also updating the packages. It is great that you have a good product that can keep your environment safe. If you don't patch or have unknown vulnerabilities that surface, then you will end up wasting your money. I do have a patch process, so I check at least once a week for new installs or packages or if there is a version released and apply them shortly after. The total time to install the tool is probably a couple of hours in a month.

What needs improvement?

There are a lot of features I want to see simplified in the product. I want to see the licensing model part to be improved in the product. Those who need to do certain functions from their house would purchase Netgate pfSense Plus while configuring their machine, but if they have another network added to it, then it would basically change the ID of the device, and they have to go and request to get relicensed. Netgate pfSense will help you with the relicensing part for one time, but if you need to do it a second time, then you will have to pay for a new license, and that, to me, is not very fair. I think if you have paid for a year of service, it shouldn't matter how many times you need to request to rekey the license as long as it is not every other day. Two to three requests in a year shouldn't be an issue, and if I add another network card, why should I pay for a new license when there is not much of a difference?

The only thing that I would like to get some better utilization of is the ability to do free switching. If I need to go between different VLANs, I have VLAN 19.1 and VLAN 19.2, and I strictly use Netgate pfSense, but it doesn't route very efficiently and works quite slowly. I understand that it is not the router, but a lot of times, Netgate pfSense advertises it as a tool that is able to route traffic. I had to go in and purchase a separate router to manage my internal VLANs because Netgate pfSense was just choosing between the VLANs I had.

For how long have I used the solution?

I have been using Netgate pfSense for a year and a half. I am just a customer of the tool.

What do I think about the stability of the solution?

Stability-wise, I rate the solution a nine out of ten.

I haven't had an instance where the tool has gone down, and if it has, then that wasn't my fault. The stability is there in the tool. I have had the tool up and running a few times, and the only time I have had to reboot it is when there was a new release.

What do I think about the scalability of the solution?

The scalability is really dependent on your hardware. If I want to scale it up, I can throw in network adapters, more memory, more CPU, and scale it up. It is quite a scalable tool, and it is really just dependent on what you throw at it. Scalability-wise, I rate the solution an eight out of ten.

How are customer service and support?

The solution's technical support is not bad, and they are pretty quick to respond. It is quite average as far as the technical part goes. There has been no bad experience with the support team. I rate the technical support a seven out of ten.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

I tried using OPNsense but I didn't like the whole approach, the menu system and the way it was configured. Netgate pfSense made more sense to me in a logical manner.

How was the initial setup?

The product's initial setup phase is fairly straightforward. If you install an operating system, then you can install Netgate pfSense, so there is nothing to it.

The solution is deployed on an on-premises model.

The basic installation of the tool takes less than an hour. The configuration part is something that you figure out as you go ahead with the tool, which obviously takes a bit longer. The basic installation is quite quick and can be done in less than an hour.

What was our ROI?

For me, considering how much I put into the tool, right now, I would say that the ROI is around 25 percent.

What's my experience with pricing, setup cost, and licensing?

When it comes to Netgate pfSense, I use the basic TAC Lite license, which comes for about 100 USD. I don't think Netgate pfSense is expensive at all. You could look at other services that offer similar types of configurations, and you can see it may cost in the thousands range. Even though I want something for free, I think it is quite a reasonable tool. The only qualm I have with the tool is that it is a little stingy on how many times they have to rekey a license.

What other advice do I have?

I would recommend the tool to others since for me, it is simple, the low cost of ownership, expandability, just the way it looks, I like the numbers, and when the data is there, you throttle how much information you want to see or collect. For somebody who likes to tinker or likes to see the numbers or wants to harden their network or has a corporate business and wants to ensure things are operating smoothly, the tool is worth it.

I rate the tool an eight out of ten.

Which deployment model are you using for this solution?

On-premises


    Blake Fick

Reliable, performance-driven, and highly cost-effective

  • June 26, 2024
  • Review provided by PeerSpot

What is our primary use case?

We are a reseller. We resell the product to our customers as we are an MSP. We use it for various different verticals, from manufacturing to schools to typical offices. That is mainly the use of this solution.

How has it helped my organization?

There are a lot of limitations with competitors like WatchGuard and SonicWall where there are a lot of costs for licenses to utilize their products. We felt that by going to pfSense, we have a little bit more freedom. We can use certain features without having to pay exorbitant costs for licensing. It is better for the small to medium-sized customers.

They are the most flexible, for sure. In my experience, it is quite easy to add features to pfSense and configure them. There is a lot of support from the local community. Because it is an open-community-built platform, there is a lot of support out there. Adding features and configuring them seems to be quite simple from my experience so far.

There is an overall performance increase. The hardware is much more performance-driven. The constant upgrades certainly make it easier to keep up with the evolving environment. The community-driven platform certainly helps to ensure that things are kept current.

pfSense gives us a single pane of glass management. There is a user interface and also the command line. The user interface is very friendly and easy to navigate. The single pane of glass management certainly increases productivity. The ability to look at one single pane of glass, add different widgets, and see things at a glance certainly helps to cut down the time of looking for certain statuses or things like that. It makes things more efficient.

We deal with pfSense Plus in a few cases. It can help minimize downtime. We have not experienced it in any sort of live environment, but I am confident that it would.

pfSense Plus provides visibility that enables us to make data-driven decisions.

It optimizes performance, and in most cases, it affects operations and makes things more efficient. Efficiency means money.

What is most valuable?

The ability to utilize the features instead of having to pay a license fee for every single thing that you want to use on a firewall is valuable. A lot of other companies give you a firewall out of the box that has very basic functionality, whereas pfSense gives you all the good features, and if you want to have more advanced features, you can pay a fee. You are able to use a lot of the features that you cannot use on other products. That is the best thing.

It is very good from a troubleshooting perspective. Things like logging are very good. We have been using these firewalls with filtering very successfully, and VPN has been very successful on them. We have not had any issues with that.

What needs improvement?

One thing that stuck out to me was the move to use plastic chassis on the Netgate devices or products. They are moving away from using metal chassis, and I find that the plastic seems to get hotter than the metal. Other than that, they are such great devices. They always seem to have all the cool things and bells and whistles.

One thing I would like to see Netgate do is to have a cloud-based management portal, similar to SonicWall, WatchGuard, Ubiquiti, etc. With all these platforms, you create an account, and you have a way to cloud-manage these products. Currently, one of the challenges that we face is not being able to manage those things from a centralized platform. It has always been one thing I have dreamt of for Netgate. That is the only place where it falls short. Apart from that, they are far superior in building, keeping up with the times, and keeping things current.

For how long have I used the solution?

It has been probably eight or nine years.

What do I think about the stability of the solution?

A couple of times we have had some strange issues that have been unexplainable, but overall, it is stable. I would rate it a nine out of ten for stability.

What do I think about the scalability of the solution?

It is scalable. I would rate it a nine out of ten for scalability.

How are customer service and support?

They have been fantastic. I have never had an issue, and it has always been very good. They are a highly intelligent and very resourceful team. I would rate them a ten out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We have used everything, such as Cisco, SonicWall, and WatchGuard. You name the flavor. We have used them all, and Netgate is definitely a much better product than those. It also depends on the use cases. 

How was the initial setup?

It has been very straightforward to very complex. We have set up entire data centers run by Netgate devices to small offices using a 2100. We have gone from the most complex to the least complex. We have seen everything in between.

Its deployment is a matter of hours. Our clients are small to medium size. We have about ten people working with pfSense.

It requires general maintenance. We have to keep up with firmware and updates. From a physical perspective, there is no maintenance.

What was our ROI?

It is very cost-effective. There is 100% ROI.

What's my experience with pricing, setup cost, and licensing?

They are on the higher end, but you do not get stuck with spending thousands of dollars every year. You do not have recurring license costs to have people use a simple feature like VPN. That makes it more cost-effective in the long term. There is a very good price point. No one ever complained, and I have not ever thought that they were overpriced. That is for sure.

What other advice do I have?

If you are looking to deploy a product that is reliable and high-performing and that is going to be cost-effective for yourself or your customer in the long term, you are doing the right thing by looking at Netgate.

I would rate Netgate pfSense a ten out of ten.

Which deployment model are you using for this solution?

On-premises