OPNsense® Firewall/Router/VPN/IDPS
OPNsense | OPNsense 25.1Linux/Unix, FreeBSD OPNsense® 25.1 - 64-bit Amazon Machine Image (AMI)
External reviews
20 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Offers seamless deployment and feature-rich experience with deep packet inspection
What is our primary use case?
I am a Sales Engineer working for a consulting company. I use OPNsense to take my lab environment on the road for demos. Initially, I built it to bring my demos from my own lab. Although the company has a lab, putting an OPNsense firewall in there worked better because it was a colo. I run it both bare metal and virtualized, and in some cases, I do both.
What is most valuable?
The main features I find valuable are ease of use, code stability, and the ability to add features such as Zenarmor, which provides fourth-generation firewall capabilities with deep packet inspection. Additionally, integrating solutions like Tailscale for VPN is very valuable for my uses.
What needs improvement?
They are trying to augment reporting with Grafana dashboards. Some of those integrations could be improved to work better with Grafana.
For how long have I used the solution?
I have used the solution for about four years.
What do I think about the stability of the solution?
The solution is extremely stable. At the latest code level, I haven't experienced any crashes. Initially, there were some performance issues with earlier versions, but it is very stable now.
What do I think about the scalability of the solution?
So far, scalability has been good. I use Zenarmor, pinning it to one core for packet inspection, and the CPU performance seems very good. My use cases don’t drive a ton of bandwidth, but I’m looking at some AI applications that may increase that dramatically, and that's where we will test scalability.
How are customer service and support?
The support is good. I mainly rely on community support since the solution is open source. I haven't had to open many tickets, just one or two under the Pro license.
How would you rate customer service and support?
Neutral
How was the initial setup?
The initial setup was very straightforward. It took about an hour the first time, but I could probably do it in five minutes now.
What was our ROI?
There are dramatic operational impacts compared to Check Point and FortiNet.
What's my experience with pricing, setup cost, and licensing?
The pricing is competitive when compared to vendors like Palo and FortiNet.
Which other solutions did I evaluate?
I have experience with FortiNet and Palo Alto network solutions.
What other advice do I have?
Overall, I would rate OPNsense as nine out of ten. The ability to deploy easily and leverage fourth-generation features adds significant value, especially with Zenarmor.
Which deployment model are you using for this solution?
On-premises
Enhancing network security with reliable firewall functionality and GeoIP features
What is our primary use case?
I use OPNsense primarily for network security. It involves basic firewall operations and GeoIP location functionalities. I've got multiple versions running, some on hardware purchased and some on VPSs.
What is most valuable?
The most valuable features include the basic firewall functionality and the GeoIP location services. OPNsense is very stable, easy to upgrade, and maintain. I can work efficiently, knowing it does what it needs to do.
What needs improvement?
OPNsense should improve its performance in handling large volumes of voice traffic. It needs more support for Vigoroute and extensive VPN technologies. Enhancing its performance for significant amounts of data traffic would make it closer to a perfect solution.
For how long have I used the solution?
I've been working with OPNsense for about five years.
What do I think about the stability of the solution?
I rate OPNsense's stability as very high. I would give it a nine out of ten. The only challenge faced was its inadequacy to manage large voice traffic effectively, even with dedicated hardware. It couldn't keep up with the packet per second for voice load, requiring a revert in our setup.
What do I think about the scalability of the solution?
OPNsense struggles to handle large volumes of voice traffic, indicating scalability issues in that specific use case.
How are customer service and support?
I haven't used technical support. I rely on forums and manage the setup independently.
Which solution did I use previously and why did I switch?
The only other similar product I can compare is FortiGate. Overall, I find OPNsense more user-friendly.
What's my experience with pricing, setup cost, and licensing?
I consider the pricing of OPNsense to be high when compared with other market products. However, as a free firewall product, it is one of the best available currently.
Which other solutions did I evaluate?
I only evaluated FortiGate alongside OPNsense, as they are the two offerings from my company.
What other advice do I have?
For small to medium businesses, I recommend OPNsense. I'd rate it eight point five out of ten.
Mon expérience avec OPNSense
Qu'aimez-vous le plus à propos de the product?
la chose que j'ai aimée en utilisant OPNsense, c'est qu'il a un très bon filtrage de contenu et d'après mes supérieurs, j'ai entendu dire qu'il est très rentable pour notre entreprise. également, dans mon utilisation personnelle, j'ai constaté qu'il a une bonne authentification, mais en premier lieu, il a une interface conviviale. aussi, il a une bonne performance, le temps de réponse est très bon. également, je l'utilise comme tous les jours.
Que n’aimez-vous pas à propos de the product?
il n'y a pas beaucoup de choses à ne pas aimer ici, mais une chose que je veux souligner est que la configuration initiale est assez difficile si vous n'êtes pas très au courant de la technologie. aussi, pour un usage personnel, je parcourais la documentation, mais elle n'était pas très utile.
Quels sont les problèmes que the product résout, et en quoi cela vous est-il bénéfique?
il a une bonne sécurité réseau sans se connecter à cela je ne peux pas accéder au contenu de mon entreprise ce qui est une très bonne idée donc si quelqu'un a mon ordinateur portable sans se connecter à OPNsense il ne peut pas accéder au contenu aussi comme je l'ai mentionné plus tôt c'est rentable il a un bon filtrage web comme mon organisation ne nous permet pas d'ouvrir notre gmail personnel sur l'ordinateur portable de l'entreprise donc nous ne pouvons pas accéder à tout grâce à OPNsense
notre réseau
Qu'aimez-vous le plus à propos de the product?
OPNsense a une interface web conviviale, ce qui le rend facile à utiliser même pour les personnes qui ne sont pas très techniquement compétentes. La plateforme reçoit des mises à jour régulières, garantissant que les problèmes de sécurité sont corrigés rapidement et que de nouvelles fonctionnalités sont ajoutées. Le support client est bon et toujours disponible pour assistance.
Que n’aimez-vous pas à propos de the product?
Actuellement, nous ne faisons face à aucun défi. Tout va bien.
Quels sont les problèmes que the product résout, et en quoi cela vous est-il bénéfique?
Auparavant, nous faisions face à un défi de sécurité, tel que l'ouverture de sites web inconnus. Après avoir mis en place ce pare-feu, nous pouvons bloquer les sites web inconnus (sites HTTP) et également autoriser ou bloquer des sites web selon nos besoins.
Provides good network intrusion detection and prevention
What is most valuable?
I mostly rely on the solution's network intrusion detection and prevention system, along with other systems, CMs, and log management. We are currently satisfied with the solution's threat intelligence. It's a pretty much in-house developed solution because it's in a Wazuh server. We have several scripts around it, allowing us to improve our posture on threats.
What needs improvement?
SD-WAN (software-defined wide area network) is integrated into some restricted service providers for OPNSense.
I pretty much like the solution's APIs, but it's somehow limited. I would like the APIs to be more mature and more developed and have more options to automate threat hunting. Also, I would like to see more drill-down possibilities.
We have to rely on specific hardware for the in-depth analysis of NetFlow. Although we have an interface on OPNsense, it's not as easy to use on the security side as other solutions.
For how long have I used the solution?
I have been using OPNsense since 2016.
What do I think about the stability of the solution?
I rate the solution ten out of ten for stability.
What do I think about the scalability of the solution?
OPNsense is an extremely scalable solution. I played on one network with CARP, and I was pretty happy with what I achieved there.
Which solution did I use previously and why did I switch?
Before OPNsense, we worked with the Cisco ASA 5505 product for three years. Although it included the FirePOWER part, it was quite a poor experience.
What was our ROI?
OPNsense has helped reduce the speed of threat detection and containment from 50 minutes to 15 minutes.
Which other solutions did I evaluate?
I have quite a background in Berkeley Software Distribution (BSD) systems. I was looking into BSD, especially for the packet filter side. While evaluating, OPNsense was the most solid solution. I was also considering pfSense as my first option, but it is not so strong on the file system side.
What other advice do I have?
OPNsense is a strong and solid solution that is easy to interact with. I don't see much on the new generation of firewalls, and only a few solutions are available for OPNsense. OPNsense handles network traffic much faster during peak loads because it's on dedicated hardware. I would recommend OPNsense when no specific topic prevents me from recommending OpenSense.
Overall, I rate the solution an eight out of ten.
Revue G2
Qu'aimez-vous le plus à propos de the product?
Bon pour la croissance de carrière. Il a une grande communauté.
Que n’aimez-vous pas à propos de the product?
Il devrait être plus proactif. Travailler sur plus d'options pour la communauté.
Quels sont les problèmes que the product résout, et en quoi cela vous est-il bénéfique?
Interface facile à utiliser et mises à jour fréquentes.
Logiciel incroyable avec de nombreuses fonctionnalités.
Qu'aimez-vous le plus à propos de the product?
Logiciel incroyable avec de nombreuses fonctionnalités...
Facilité d'utilisation
Facile à intégrer avec d'autres systèmes.
Facilité d'utilisation
Facile à intégrer avec d'autres systèmes.
Que n’aimez-vous pas à propos de the product?
rien de tel. Le produit est vraiment bon.
Quels sont les problèmes que the product résout, et en quoi cela vous est-il bénéfique?
La focalisation d'OPNsense sur la sécurité apporte des fonctionnalités uniques telles que l'authentification par mot de passe à usage unique facile à utiliser pour divers composants. Le mécanisme de mise à jour robuste et fiable donne à OPNsense la capacité de fournir des mises à jour de sécurité importantes en temps opportun.
A FreeBSD system that has a nice library of add-ons
What is most valuable?
The tool's integration is more like a button press.
What needs improvement?
pfSense has better performance and quicker updates.
For how long have I used the solution?
I have been working with the product for six months.
What do I think about the stability of the solution?
The tool is more stable than pfSense because it has the drivers for my network card, Realtek. I didn't know at the time because manufacturers sometimes don't advertise what network cards they come with. I bought a computer with Realtek, and pfSense says immediately, out of the box, that it doesn't work with Realtek cards. OPNsense is the same, but it does have a way of installing the Realtek drivers, which gives you a lot more stability overall on the system.
How are customer service and support?
I didn't contact the tool's technical team yet.
How was the initial setup?
The tool's deployment is easy. Apart from Cisco firewalls and Fortinet, if we talk about Untangle, pfSense, OPNsense, and so on, they are fairly quick to set up. It's not something you spend too much time on. It's a firewall, so you can spend months tweaking the system. If you know what you're doing, you can spend forever on logs, checking and tweaking the system because there's always a new update or feature coming up. Then you start playing with them, tweaking settings, checking logs, blocking or unblocking different things.
You can stay in that loop forever. But for a startup, the initial configuration is fairly easy and quick. It can be completed in 30 minutes.
What's my experience with pricing, setup cost, and licensing?
I've used the free version. My computer with two network cards at home allows me to try as many different software options as I want. I did pay for the license, but it was for the Zenarmor license, which is the packet inspection tool. They use AI for packet inspection, which integrates with OPNsense and pfSense.
What other advice do I have?
I'm not using OPNsense at the moment. I work with many different technologies and keep testing various setups. Currently, I've gone fully customized. I'm using a Linux server configured as my router and firewall, and I'm using Zenarmor for packet inspection.
This setup allowed me to easily configure SSL VPN and port forwarding for specific ports, which isn't as straightforward with other systems. I've tried several, including Untangle, pfSense, and OPNsense, but found them somewhat restrictive.
OpenSense is quite good. I like it. It has many services and is somewhat similar to the WatchGuard system. I honestly have no complaints; it was a very good experience. It's easy to set up, especially if you know what you're doing. It also offers a nice library of add-ons.
However, if you have appliances with Intel network cards, I would probably go for pfSense instead. Firmware updates and other updates come a bit faster, making it a more reliable service than OPNsense.
Everything that comes up on OPNsense appears first on pfSense. Some features are not yet available on OPNsense, and they haven't announced a release date. However, I'm confident they will eventually release these features, as they have previously done.
Ultimately, choosing between pfSense and OPNsense is more of a personal preference since they are very similar. Both are FreeBSD systems, operating in similar situations and offering comparable functionality.
Now, I'm just using a Linux server. I can monitor the system, reboot the card, install Apache, and redirect web servers within my home directly to the firewall. This eliminates the need for third-party boxes or other connected computers, allowing me to do everything in the same box. It gives me a lot more freedom.
That's the main reason I stopped using the other systems. I used OPNsense for about six months, which shows I've tried various solutions to find the best one. Despite all the good things I'm saying about OPNsense, I did stay with it longer than pfSense.
I traveled to China, so I used my home as my VPN instead of paying for one. They block VPN services in China, so I was using OpenVPN at home. OpenVPN is a known service, but it gets blocked there. The only way to do it was through SSL VPN, which worked fine. But, talking about OPNsense, everything was working fine. I had no problems. I just had to move away because I needed to use port 443 for something else on my web server, and I can't have a web server together with other stuff. It's a bit more complicated to configure because I use Nginx and Apache, too. You can install these tools on OPNsense, but I found it more complicated than just going onto the command line and doing it.
If you want to use something like OPNsense for FreeBSD, use pfSense instead. Unless, obviously, like me, the person in question has some hardware incompatibility with pfSense. Only then would I go for OPNsense. Because, I mean, they're the same systems, but pfSense is a bit better in terms of overall performance, and security updates come quicker and more often.
I rate the overall product an eight out of ten.
Has an excellent dashboard and provides good security
What is our primary use case?
I use OPNsense for network security.
What is most valuable?
What I like the most about OPNsense is that it offers an easy-to-use dashboard for device management and control. It also provides good security.
What needs improvement?
In terms of improvement, the performance could be enhanced.
For how long have I used the solution?
I have been using OPNsense for a year.
What other advice do I have?
Overall, I would rate OPNsense as a ten out of ten. I would recommend it to others.
Easy to manage, free and good for small offices
What is our primary use case?
I use it for network traffic and routing for management. It improves the overall management and the traffic.
How has it helped my organization?
It helps to improve network security. It does its job.
What is most valuable?
It is easy to maintain. It is free. So, it is for small offices. It is a very good solution.
I like the dashboard. I can see what is going on and manage it as I like it.
What needs improvement?
If I require many site-to-site connections or prioritize advanced features, I might look at the other products.
For how long have I used the solution?
I have been using it for half a year.
What do I think about the scalability of the solution?
There was no need for scaling in our case.
Our customers are mostly small-sized businesses.
How are customer service and support?
I found everything I needed online.
Which solution did I use previously and why did I switch?
I have experience with Check Point and other products like Fortinet. They're different types of tools for different purposes.
My experience is that OPNsense is great for installing and setting up, and then I almost forget about it. It is a good tool for everyday use.
If I require many site-to-site connections or prioritize advanced features, I might look at the other products.
What's my experience with pricing, setup cost, and licensing?
It is free.
What other advice do I have?
If you're new to firewalls, I might recommend using this solution. It's very user-friendly, especially for the first-time users.
Overall, I would rate the solution a nine out of ten.
showing 1 - 10