We use pfSense as our router and firewall on several sites.

We implemented the pfSense open platform because we wanted to move away from SonicWall.

We use the community edition of the software and purchase the Netgate router separately. I used white boxes initially, but now I'm also using the Netgate hardware. It's a great product.

The pfSense offers exceptional flexibility, far surpassing SonicaWall's capabilities. Its intuitive interface, complete with a better layout of management screens, makes it a breeze to use. While Cisco routers may be overkill for many applications, pfSense performs well.

Using pfSense is easy. It has intuitive management screens. And if I ever run into a blockade, I pay for the technician annually. I am confident in sticking with that platform. It's always worked for me. It's tried and true.

I hired a seasoned professional with extensive experience using pfSense on white boxes for years, specifically the community edition. His mastery of configuration was evident, and I was impressed by his expertise. After he walked me through several scenarios, I was convinced of the benefits of the Netgate product and began replacing my aging SonicWall devices with it, drawn to the ease of use that Netgate offered.

Netgate pfSense provides a single-pane-of-glass to manage all our firewall needs.

It's relatively straightforward for a novice to deploy pfSense, likely easier than SonicWall. However, I've used SonicWall extensively and am gradually phasing them out. While SonicWall is a solid product, pfSense is remarkably easy to set up.

The intuitiveness and ease of use are the most valuable features of pfSense.

One thing that has always bothered me is that when I buy an appliance, there are two tiers of support: email-only and a premium tier, like TAC, that allows me to speak to someone on the phone. If I'm purchasing their hardware, I should have phone support for a certain period, even at the lower price point. My only complaint is that I need phone support, not just email, because if there's a support issue, I don't have time to wait for an email response. I need to speak to someone immediately. Therefore, I think I should receive TAC support for the Netgate pfSense for at least the first year after purchasing the hardware.

I have been using Netgate pfSense for six years.

I have never experienced any stability issues with pfSense.

To scale we need to add a unit.

I had email support for about a week before calling Netgate to request telephone support. I explained that if I'm calling for assistance, I'm likely experiencing an urgent issue and need immediate help. I decided to pay $699 or so for annual telephone support, which has been excellent. The support is prompt and effective, making it well worth the investment.

I previously used SonicWall but migrated to pfSense because it is a more intuitive router and firewall.

Compared to Cisco, Netgate is definitively the product that is better for my use case. I know there's a want in the industry for Cisco devices. However, in the hotel vertical, I just don't need it, nor do I need to pay for the expertise in configuration of that platform.

The first time I deployed a pfSense, a seasoned professional guided me through the process, making it incredibly easy to complete.

Netgate pfSense is fairly priced. It's probably the most powerful router firewall I've come across.

The total cost of ownership of pfSense is reasonable, considering the value it provides. I appreciate the VPN, router, and firewall functionality it offers, which is essential for my business operations. In fact, the ongoing costs associated with pfSense do not significantly exceed the initial purchase price.

I would rate Netgate pfSense nine out of ten.

Other than firmware updates, pfSense requires minimal maintenance. I update the firmware every two to three months for routine maintenance or immediately if a security vulnerability is discovered.

For a new user, I would recommend TAC support. I've spoken with others in my industry who have had positive experiences with TAC, particularly compared to email support. They've reported being up and running within five minutes of contacting TAC. Additionally, problem resolution is also swift and effective. So, I highly recommend new users invest in TAC support. It's well worth the money.

I use pfSense as a home firewall and router. I don't use it for anything professional. When I first deployed pfSense, I was using my ISP-provided gateway, and there were a few things that I felt a little frustrated about. I didn't have control over the networks in my home and lacked some features, such as dynamic DNS, the ability to split different VLANs, multiple gateways, etc. There are a lot of features I use now, such as DNS or GeoIP blocking, that I knew about but couldn't take advantage of.

The gateway failover helps prevent downtime. The ZFS Boot Mirror would also help prevent downtime in the event of a disk failure. The dynamic DNS is nice because when my IP changes, my web services won't be affected because it automatically caches my new IP.

PfSense has features that drive data-driven decisions. I was using pfSense years ago on a capped internet connection. It was a Comcast connection with a set amount of data I could use monthly. One useful thing was that it had the traffic totals as a package, so I could track the amount of data I was using and the clients that were using it broken down by client and network. I can determine how much data I use to ensure I don't exceed that limit. That's something I couldn't find in any other similar product.

From a performance perspective, it can help in terms of bandwidth and things like that because I know that the machine I'm using has enough processing power to establish all of my routes, DNS blocking, IDS, IPS, etc. I can utilize the full spectrum of my connection and a custom 10-gig NIC. If I had a smaller off-the-shelf product or an ISP-provided gateway, it wouldn't have the performance I need.

I'm using pfSense Plus, which has several features I like, such as the ZFS boot environment. I support Netgate because they're one of the biggest contributors to FreeBSD, so I'm happy to contribute. The most valuable feature to me is the gateway failover. The area where I live has a lot of natural disasters and times when my Internet connection will go down. I work from home sometimes, and my wife works from home all the time, so it's essential to have a reliable connection. I like that it can automatically pick the connection based on packet loss.

The flexibility seems to be excellent. It has a large set of features to choose from that are built into the UI, so I can do 99 percent of it through the interface. It's also nice that I can run it on my own hardware. I don't necessarily need to buy a Netgate appliance, even though they make good products. It's nice that I can run it just about on any x86 PC with a dual NIC.

If we're adding a plug-in to the pfSense platform, that can be difficult, but I don't mind because Netgate vets the plugins before they make them available. That said, I found FreeBSD easy to deploy, and adding custom packages to it is simple.

It doesn't prevent data loss in other machines, but pfSense has ZFS built in and can mirror it in two disks in different boot environments. If I have a corrupt OS, a bad update, or something else that goes wrong so that I can't connect to my Netgate, that's something built in so I don't have data loss on my firewall.

The dashboard is extremely easy to use. I like that I can go to one page and see the status of my hardware, packages, gateways, interfaces, disks, RAM, thermal sensors, and traffic graphs. It's a one-stop to look at each item and see everything operating properly. I can see them in different menus in the UI, but having one page where I can view them together is nice.

I would like them to have more security platforms. The pfBlocker is nice, but they don't have anything native for CrowdSec or Fail2Ban. I'm running CrowdSec on a web server instance on my server instead, but I'd like to move more of these services to the edge and put them in pfSense. I think that's something that's coming. I don't know if Failed2BAN is, but I'm sure CrowdSec is a popular platform, so it would be nice to have a package that's native to the platform.

I've used pfSense for about five years.

I rate pfSense 10 out of 10 for stability. I've never seen it crash, and I have deployed two of them without any problems.

I think the scalability should be pretty good. I can put two of them into high availability. If I add more clients and start to deploy a lot of these for a small business, it would be able to handle that. I don't have experience doing that personally, so I can't speak to that, but I have seen evidence of it being used in a more scaled environment.

I rate Netgate support nine out of 10. I only needed help from the support team to transfer a license because I bought new hardware. They could answer my questions pretty easily.

I've tried UniFi gateways. The feature set was lacking, and it ran on substandard products. Unlike pfSense, I could not run it on my equipment. I've run OPNsense, which was a fork of pfSense at one point. I didn't like the UI or their documentation, but it seems like a fine product. I've also tried OpenWRT back in the day.

Deploying pfSense is easy. I'm not a network administrator, but I'm familiar with computers. I can install it on a USB and set it up like any other operating system. The documentation is excellent. I can configure it based on that, and many YouTubers cover it.

The only people who would have any problems installing it would be people who don't know how to use a computer beyond basic functions. Anyone who's installed Windows can easily install pfSense, and anyone who has used an off-the-shelf consumer router would know how to use it. If you don't change anything, it doesn't require any maintenance besides updating packages twice or thrice annually.

The price of pfSense seems reasonable. I pay around a hundred dollars a year for pfSense Plus, which is inexpensive for such a complex product. It's also good that they can still release a community edition. If it started to get extremely expensive to the point where it was more of an enterprise-only product that costs thousands of dollars a year or something like that, I might consider stepping down to the community edition or looking elsewhere.

The total cost of ownership seems pretty low because you have the cost of the OS and VPN. If I'm paying for a VPN that's probably five to 10 dollars a month, and the firewall is already included.

I rate Netgate pfSense nine out of 10. It's an excellent product. I advise new users that you don't need a Netgate product if you're deploying it at home. It's one way to go, but pfSense works on any old mini PC or PC you have lying around. You can get something off eBay and throw a 20-dollar network interface card into it and you're off to the races. It's not as expensive as you think to get started. The basic routing and firewall rules aren't too complicated. Don't be intimidated, and it's not expensive.

I work in IT at a German insurance company, and I studied computer science. I also work in the network sector, so I know a lot about network solutions. I work with VPN solutions, Fortinet, and other products. For me, pfSense is a private home solution for my family. It's not the solution in my company.

I use pfSense as a firewall appliance, and the function is very good. But I think it's for users with more experience. It's not a solution for beginners.

If you are a professional, it's not difficult to add features to pfSense and configure them. But it is difficult if you are not.

I utilize the core features. I have pfBlockerNG, SquidGuard, OpenSSL, and WireGuard. So, these are the core features I need.

The core benefits are that I can virtualize it with platforms like Proxmox or VMware, and I can buy third-party appliances. And Netgate offers a lot of hardware possibilities.

pfSense offers a lot of things that help to prevent data loss and intrusion, protect telemetry information, and so on.

pfSense gives a single pane of glass management. But for me, it's not a problem because I have one appliance, but I think if you manage a lot of appliances, it could be better. It's important to be able to centralize management if I have 10 or 20 appliances.

I use pfSense Plus, it's called the "Zero-to-Ping" license [TAC Lite]. It's a very good solution, but it's a bit too expensive for private use. pfSense Plus is very good, but, for example, if I want to add another pfSense appliance for a cluster, it requires two licenses. For private use, if I want two licenses, it's very expensive.

pfSense Plus provides features to minimize downtime. One of the key features is ZFS. It's the file system. ZFS is very important for backups. I can make snapshots, and that is very good to make backups.

I am satisfied with the visibility that is provided by pfSense Plus. It is very good and optimizes performance because the hardware acceleration is very good for IPsec, SSL VPN, OpenSSL, and so on. This is very good support from pfSense.

The best feature is a function called pfBlockerNG. In pfSense, you can whitelist and blacklists for IP addresses or dangerous DNS sites. The top feature is the VPN. It's a very good SD-WAN solution and a very good VPN engine. It supports a lot of VPN techniques; it supports IPsec, SSL VPN, and WireGuard. It's the core feature of pfSense.

The flexibility is very good; we have a lot of possibilities. You can connect it with different WAN connections, whether you have a cable provider or fiber.

The feature list is good. For me, it's more important that we have fewer patches and better stability compared to OPNsense. I think OPNsense is too big. They support a lot of things, but pfSense is better. I think pfSense is better for stability.

The only thing that could be better is the hardware compatibility for LTE devices. This is a bit tricky for me; I wish the hardware compatibility were better for LTE devices.

I wish the FQ_CODEL limiters were improved. They're very good, but the FQ_PIE limiters don't work well. FQ_PIE limiters are important for cable modem connections. In Germany, we have a lot of cable providers for these interfaces, and the FQ_PIE limiters don't work well in pfSense.

I have been using it for eight to ten years. It has been a very long time. pfSense is very popular in Germany.

I use the latest pfSense Plus version.

The stability is very good.

I use it for my family, for maybe 20 or 30 devices. It's not a big environment.

I utilize the pfSense forum and the community forum, and it's okay for me.

My preference in comparison with OPNsense is pfSense. I think it is better; it is stable.

The difference is that OPNsense has more features, but also has more bugs.

For me, pfSense is stable. It's better for my use case.

The deployment process is very good. For example, I can set up a new appliance and boot directly from a config file. This is very good.

It's very simple. I download new images, and during the boot process, if you make an image, you have a directory. In the directory, you make the config file, and then you can directly boot with the setup. You can boot a finished version. It's a good thing.

I use it on-premises. The on-prem version is very good. The software is good.

Maintenance depends on the features you use. If you have a proxy server with SSL introspection, sometimes it creates a small firewall size. If you have an easy firewall setup, then it's not so complicated. It depends on your environment and feature settings.

I did the deployment myself without the help of third parties or anything like that. It's very simple. I have enough skills because I studied computer science and work in the network sector. It's not a problem for me.

It took me ten minutes to deploy it.

The ROI is good. pfSense is a very good solution, not only for home use, but also for middle-sized or larger companies.

In comparison with pfSense CE (Community Edition), pfSense Plus is a little bit too expensive. The pricing is a little bit high for private users.

With the inclusion of the firewall, VPN, and router functionalities, the total cost of ownership of the pfSense Plus solution is very good because pfSense Plus has a lot of features. For the VPN features, it is good for the total cost of ownership.

I can recommend it if you are a professional or if you know what a firewall is.

It is a very good solution for the home sector, for companies, and for larger companies. I would recommend it to a lot of companies.

Overall, I would rate it an eight out of ten.

I have two installations at schools as firewalls. The biggest drivers for using pfSense were cost-effectiveness and functionality. It offers higher functionality for its cost.

The benefits are fairly obvious at the beginning. There's no specific time frame required. The flexibility and consistency of the product are what draw me to it, regardless of the size or capacity of the operation. It's easy to deploy.

Arguably, the use of products like Suricata for intrusion prevention could help prevent data loss.

It gives a single pane of glass for each individual device, but not across multiple devices. pfSense could catch up with other market providers by offering a view across multiple devices, but the current interface is fine. It is just we have to individually manage each one.

There are two versions of pfSense, the paid "Plus" version and the free "Community Edition." I use the "Plus" paid version.

The way pfSense handles system updates is pretty good. The updates are virtually transparent to any downtime. I've had pfSense boxes running for 200 to 300 days with no downtime. From a software standpoint, pfSense is about as bulletproof as it comes.

pfSense provides visibility that enables us to make data-driven decisions. Its reporting is effective. The data is effective in making decisions based on traffic. It is not just one feature, it is how we manage data traffic. It provides adequate information to make decisions based on traffic.

I have used pfSense in virtualized environments, just not on AWS.

It allows me flexibility in hardware size and capabilities while maintaining the exact same interfaces and controls.

I also like the fact that based on its operating system, it has applications that can be added, such as IDS/IPS and filtering.

I would like to see a single pane of glass for multiple devices.

From a service provider standpoint, it is a bulletproof operation to deploy. Aside from being able to manage and monitor multiple devices from a single pane of glass, that would be the only thing I would change.

I've used pfSense, probably for the last two or three years off and on.

It's one of the most bulletproof solutions out there. I can't recall a problem where the system locked up or had any issue that required intervention to get it started back up again.

Aside from possibly a hardware failure, I haven't had any problems. And that's not the software.

Scalability is one of the reasons why it's a good product. You can utilize it in a budget-friendly way as well as a full-on enterprise. pfSense is almost infinitely scalable. Obviously, hardware is the dictating factor.

I have never had a reason to contact customer service and support.

I've used Unifi products, DrayTek products, and Meraki products.

From a capability standpoint, I would put pfSense at the top of functionality. DrayTek comes close; however, it lacks the add-on applications. So, I would put pfSense at the top.

I build the machines myself. Their hardware is not overly special, and I think it's overpriced, so, I build my own.

It's easy to deploy them, but then I've worked with them for a while. If I reflect back at the very beginning, there is a bit of a learning curve, but I don't think it's that steep. Overall, it's fairly easy.

It's fairly easy to add and configure features in pfSense, though it depends on the application. So, it is moderately easy. Some are simple, while others require a lot of preplanning and time to configure.

One person can deploy it, but the deployment time varies because it depends on the network design. It can be up and running in ten or fifteen minutes, but configuring it for the network design may take longer.

Not much maintenance is required from the end user. Netgate pfSense do a very good job of keeping the application and operating system up to date by itself. Occasionally, applications require updates that need manual intervention, but for the most part, updates can almost be automated.

pfSense's pricing or licensing model is very affordable. Netgate hardware is a bit overpriced, but the software itself is arguably underpriced.

I have not come across a more effective product. Unifi products are inexpensive but not feature-rich by any stretch of the imagination. From a pure feature standpoint, hands down, I would argue that Meraki is as capable and comparable in features, but the cost is prohibitive for most small businesses.

From a pure feature-function standpoint, pfSense has the best total cost of ownership, once it's installed, I don't have any problems with it. If taking into account the software licensing, the hardware, and the amount of time it takes to manage, I'm not sure there's a better TCO on the market.

Overall, I would rate it a nine out of ten.

I use pfSense to provide IT services for small businesses. They typically have a broadband or fiber connection through a router to the ISP, so they're looking for some additional security. We can get a Netgate appliance with pfSense for a few hundred dollars.

We saw the benefits immediately. I live in Edmonton, and one of my clients is a machine shop in Montreal. We configured the firewall and sent it to the shop with instructions on how to set it up. They set it up, and once it was running, I could remote in and start providing IT services to my client two time zones away.

It can help you prevent data exfiltration from the outside, but you'll always have a problem with employees who want to do bad things. It isn't a completely zero-trust approach. It has logs that will tell you if something seems odd. That requires the owner or IT professional to stay on top of it.

The stability of the Netgate hardware and pfSense software helps to prevent downtime. At the machine shop in Montreal, we had an older Netgate model running for almost seven years, which we replaced last Christmas. It wasn't failing, but we upgraded it to ensure uptime. We spent about $200 on that device or about a few months of coffee for the office. You can deploy pfSense on your own device, but it gives the client comfort to see an actual device instead of something I cobbled together.

I don't know if there's a particular dashboard other than the volume of data you are passing through the firewall that we check to ensure it is as expected. All of the businesses we handle are small, so we don't need some of the advanced features, such as VLANs, and I'm not going into them to fiddle with them constantly. If the power is somewhat dodgy, as it is in Montreal, they come back online in the proper configuration.

One of the main benefits of our use case is pfSense's inclusion of OpenVPN. We can set up a server-client configuration so employees can access the office outside business hours. This enables us to provide secure remote access to their workstations and other devices inside their worksite. OpenVPN is included, so I don't need to purchase an expensive VPN solution with its own client.

I also value the community on the pfSense website and other forums. If you're trying to set something up, there's invariably someone else who has done it before. It's open source, so the community is massive.

PfSense is quite flexible. You can tune it to meet your needs. If my client has something provisioned to their clients, we can run that through the firewall. We can also set it up so that everything is locked down and all traffic moves through the VPN. Like any other firewall, you can set up rules. I haven't encountered anything that I wanted to do that I couldn't.

Setting up the VPN is always tricky, but adding features isn't hard overall. OpenVPN is easier to use than any other open-source VPN solution. It does all of the DHCP and DNS forwarding and other firewall tasks out of the box.

In most of our use cases, the pfSense interface acts like a single pane of glass for me to log in, monitor, and configure. You can use the command line interface, but I use the web interface. I would only use the CLI to review logs because everything is on a text interface rather than a browser window, so it's easier. However, for a business user, the web interface is easier if they don't have any complex needs.

Our customer's IT operations are optimized to go through the pfSense firewall and OpenVPN. It enables us to get work done without constant callouts from the clients. When we upgrade to a new unit, we give them configuration files to install on their workstations.

They could improve the VPN wizard to make the configuration easier. I don't know what happened last time, but it was a little fiddly. Adding users isn't difficult, but it's a step that's in a different panel from the configuration of the VPN client itself. You need to create the user on the firewall and then associate that with the VPN. They should make it easier to link the firewall configuration with the VPN client.

I have used pfSense for between five to seven years.

PfSense has always been stable, even in an inhospitable environment. A machine shop is bad for devices because of all the dirt and oil, and I had one that continued running for five years without any complaints.

I always pick a Netgate device that has sufficient hardware for each of my clients, but if I had to expand suddenly, I know Netgate has a range of devices that would work. However, I do think they focus on small and medium-sized enterprises.

I deploy pfSense on Netgate appliances. It's easy for a typical network engineer with no experience with pfSense. If you know about networking, it's an easy device to set up. Coming from a Cisco background, I found it dead simple to install. I have deployed boxes in under an hour. One person is enough to do it. The maintenance and updates are easy. I've never had an issue with updating and fixing bugs. You can do it all remotely.

I rate Netgate pfSense nine out of 10. Having a basic understanding of networking concepts, like firewalls, routing, and VPN will help you navigate the pfSense interface.

I am using pfSense for its firewall, gateway, and intrusion detection. I used the Community Edition for years and then switched to the pfSense Plus free-from-home edition. There was a bit of turmoil when IXSystems announced that they would no longer offer the free-from-home edition

We immediately realized the power when we deployed it a few years ago. It exceeded our expectations. As time went on, I discovered more features in the different packages they provide and whether they fit my needs. Over time, it's been a learning process, and I've been greatly impressed with almost every aspect of this product. It has all the things I wanted but found lacking in other products.

All of the features work together to prevent data loss or any compromise of your data. It all boils down to the rule set. I have mine configured so that all the data goes out depending on my Netgate device. Some machines go through a particular VPN connection. If that connection goes down, I've got the rule set configured like a dead man's switch. It's cut off from the outside world, and I get an alarm, and it allows no more attempts to let traffic pass through that connection.

It helps to prevent downtime. Whenever there is an issue, it's the first place I look because I can check the statuses of various interfaces to check whether they're up and then zoom further out to see if it's something in my internet provider, like a faulty cable. It enables me to reduce downtime by quickly determining where the problem might be.

PfSense provides the visibility I need to make data-driven decisions. For example, if I have a spike in bandwidth usage, it shows me which devices on my network are suddenly eating more bandwidth. I can see what's causing that. It also greatly reduces the time spent maintaining my network, so there's a productivity boost.

PfSense has a learning curve, but once you've mastered that, it isn't that difficult. It's very flexible, and you can do almost anything necessary to secure a home network. It has packages that expand its capabilities. For example, you can install Snort if you want intrusion detection. If that's unimportant to you, you can use it to check the bandwidth of all the machines in your network.

Adding features is simple. You go into the menu to check which ones are available and click on the ones you want to install. If you've done your research on the packages you want and the settings you'd like to use, it's a matter of walking through the configuration in the menu. When removing the package, it will revert the settings 99 percent of the time.

I like the interface. You can arrange the windows to see the important information and put them in the order you want. You can see the various interfaces you have at a glance in a single pane of glass. I have certain bits of information I want to see first, and there are secondary or tertiary pieces of information. If you are using VPN connections, you can see their statuses. You can see hacking attempts, which are logged.

It's powerful. You can get quite granular in setting up a highly topical application of pfSense, but if you want just basic protection, you can do that easily. It depends on your needs and how brave you are. You can go deep into the system and do some cool things with it or set up the bare protection you would get from any firewall.

I'm trying to set up a gaming server for multiplayer games like 7 Days to Die. I spent three or four days trying to publish a private IP address through pfSense to the outside world. Some commercial and consumer-grade routers can do this, specifically gaming routers, but pfSense is not intended for this usage.

That's a feature I'd like to see added, where you can go into a submenu, turn it on, and specify which machine or IP address you want to publish. It's not a must-have, but it would be nice to have. I spent a long time trying to figure that out. Ultimately, I was successful, but it was not intuitive.

I have used pfSense since 2016.

I rate Netgate support 10 out of 10. You must have a license for pfSense Plus, and I called them about an unexpected hardware issue that caused me to switch machines. I emailed explaining the situation and got a response the same day. I provided all the information on the new box, and they gave me a license. It was a pleasant, non-stressful experience.

I have used Smoothwall and a few other things that have been abandoned. I liked the look and performance of Smoothwall's interface. It had many of the same features as pfSense, but its capabilities weren't deep enough. I've also used basic Linux distros set up as firewalls, but pfSense is oriented toward an enterprise-level deployment, and I find myself between hobby and enterprise. I also like the added features pfSense provides.

I am not using a Netgate appliance. I deployed pfSense on a very small machine that has plenty of RAM for the overhead, logs, and speeds I want for my network.

When I first installed pfSense, there was a bit of a learning curve. I had to sit down with the documentation and figure out what to do. It wasn't difficult— just time-consuming. That information has carried forward with me. Other people look at me like I'm some kind of expert but I'm really a few pages ahead of them in the manual.

PfSense isn't something you can turn on and forget about. You need to configure the solution and test it. Then you can turn it on and let it run. From time to time, you have to come back periodically to make sure everything is still fine. The initial deployment takes about 30 minutes. It was a one-person job.

I would like to see the price of pfSense lowered by about $50, or maybe they could create a category for home lab users like me with one device. I'm not running a business or profiting from it. I realize that people need to get paid for the work that they do, so I can't complain. They decided that they needed to change their model after providing the product for free for many years.

Before they changed and started to charge for pfSense, the total cost of ownership was phenomenal. It still offers tremendous value, but that was an adjustment. You can choose to go back to the community edition or just pony up the money.

I rate Netgate pfSense nine out of 10. I only give it a nine due to that recent issue setting up the game server. I eventually figured it out and published my solution to the forums. Otherwise, it would be a perfect 10.

I do some consulting work for a couple of organizations on the side, and I have a few personal home lab builds of pfSense, so I use it in both a professional and personal home lab environment. I'm using the community edition and pfSense Plus.

I began seeing the benefits of pfSense immediately. The use cases for pfSense were creating remote VPN servers and satellite offices where remote employees connect. I've been using it for so long now that I have some baseline configurations. When I bring a new site online, I load that default configuration and ship it out to where it's needed. They plug it in, and the system comes online. It's fantastic from that from that perspective.

PfSense gives you much control and visibility into your boundary that helps you identify nefarious actors and things that could lead to eventual data loss.

It helps minimize downtime from a boundary perspective. They have some features. I have used Plus in boot environments quite regularly to test out some things before going live into production, which has been nice because I've made some configuration changes that I regretted.

The boot environments help you get back into kind of what you had. Both the community and Plus editions have a fantastic configuration export. Your boundary device is relatively static once you can configure it how you need it. You can export those configs relatively easily so that when something goes catastrophically wrong, the hardware fails, or something along those lines, you can reload the configuration onto that device or the replacement device and go about your day.

One thing I can say about pfSense specifically and the Netgate hardware is that it is not something I worry about from a security or a resiliency perspective. It's stable. It works. I have the ability to forget about it. As an IT professional, I have so many things to worry about daily, and it's incredible to minimize those things. I think pfSense has done a great job in that area.

There's a lot of logging that produces a ton of data I can pull into a data analytics platform and make data-driven decisions about bandwidth increases or changes to firewall rules, intrusion detection rules, or employee access.

It also enables us to optimize performance, one of the biggest things you do when you get a new Internet service provider or a modem replacement or something along those lines. There are tons of tools built into pfSense that let you look at how that's working, and even some tools online that allow you to tailor that experience based on your real-world use case.

In the time that I've used pfSense, I'm continuously blown away by the quality of the product, its attention to security, and all of the features it has. It's easy to use. The web-based interface is great. The tutorials on the website are fantastic. I wouldn't say it's necessarily one feature. It's the full offering of all of the features that make it for me. I use firewalling, intrusion detection, and two of the VPN features: WireGuard and OpenVPN.

The flexibility is great. PfSense will run on homebrew hardware and Netgate. The interface is excellent on the web and through the console. There's a lot of flexibility through the console. It lets you get into a low bandwidth environment to do the things that you need to do when you're remotely administering some of these things.

I enjoy the fact that the web interface is customizable. A seldom-used feature is the ability to change to one of several built-in themes. I use those themes to tell which system I'm administering because they're all remote to me, and the interfaces all look the same. I don't have those little tells about changing the colors of certain things.

Sometimes, it takes some back and forth to figure out which one I'm on. I never thought the themes would be a feature I would use. I use it all the time. The user interface is fantastic and responsive. The tooltips are in the right areas and help you build out your firewall and boundary device.

The ease of deploying and configuring features depends on the feature. Most of their features are designed to be implemented with some basic knowledge level, but some are super-advanced, and you need that knowledge level. They have excellent guides for just about every feature on their website or that's inside pfSense. They're great. They explain all the different things about adding new features and each package's function. I don't think that there has been a feature that I wanted that someone didn't already have a package built for.

I would like to see a better plugin for data analytics. They have some things that you can do, but it's not purpose-built to get data out super easily. That's kind of an advanced feature, and you do have to do some configurations that are a little more advanced than some people might be comfortable with.

I would also like some type of fleet management, like a dashboard where I can see multiple pfSense and their statuses. I'd also like that to be self-hosted. I don't necessarily want a cloud version of it. I'd like to host that at a parent site and have the satellite offices push their status there.

I have to manage each of the devices individually. There is no interface where I can manage multiple devices. I wouldn't call it single pane of glass management. It does give me a single pane of glass for everything related to the boundary, including VPN intrusion detection, DNS, DHCP, VPN, and firewall rules. But it doesn't have that fleet management piece. I would love to see something like that.

The last thing that I would like is not a feature. It's Netgate as an organization. I would like more transparency from them when they make some decisions that sometimes appear to be made in a vacuum. Most recently, the change in licensing and some of those things did not go over well in the community in general. I think some transparency from their organization would be valuable to the community at large.

I've been using pfSense for around 15 years.

I rate pfSense 10 out of 10. I have never had a system fail in more than 15 years. I've never had one fail on-site. They are incredibly stable and resilient

PfSense is highly scalable depending on the hardware you buy. Their hardware is well-documented. If you buy a device designed to scale with your business needs, I don't think there would be any issues with that.

I rate Netgate support 10 out of 10. I have never had a bad interaction with any of their folks. They respond quickly, and their answers are always extremely thorough.

I used the old m0n0wall, which I migrated away from. I have also used SonicWall and OPNsense in a lab environment and various Cisco and HP devices throughout my career.

PfSense offers the best bang for your buck from a feature and cost perspective. Many other systems have some cool features that either aren't necessary or are significantly more costly than pfSense.

The initial deployment is easy, and it's even easier once you've spent some time with it. If you buy devices from Netgate, they provide you with "zero to ping."

Even if you have some kind of odd setup or something weird you can't figure out, you can call their technical support, and they will help you get online. They'll even remote into the device to help you get online or solve a problem, which is incredible.

Now, I have a standard image that I use from a configuration perspective, so it takes me about half an hour. It is typically a one-person job. The only reason why I put a caveat on that is I am fully remote from all the services that I support, so I do need a person on-site to at least plug the thing in, but the rest of the setup is a one-person job. After deployment, it doesn't require any maintenance aside from standard firmware updates.

I don't like subscription models, and unfortunately, the latestpfSense license, pfSense Plus, went to a yearly subscription model. I think yearly is probably the best of the worst because at least I can pay it once, and be done with it for the year. I would rather see either a one-time cost or something along those lines that would be at that price point. I think the costs for their hardware are reasonable. I wouldn't call them cheap, but I also wouldn't call them expensive. I think the hardware costs are reasonable.

I personally run a couple of black box or white box servers that are custom built using pfSense Plus that I've licensed, but all of the other deployments that I support are devices purchased from Netgate.

I rate Netgate pfSense eight out of 10. I recommend that new pfSense users join the community. PfSense has an active community on Reddit and a community forum. You can also get a copy of the community edition and deploy it to a virtual machine to learn it before you put it into production. You won't be disappointed.

We use pfSense in our clients' offices to provide secure network access. For remote workers requiring private network connectivity, we deploy a Netgate pfSense router in both the office and the user's home office, establishing a robust IPsec connection between the two. This configuration offers superior security compared to alternatives like OpenVPN, as remote users simply need to connect their LAN cable to the home pfSense for immediate and secure office network access. We primarily serve small organizations with 10 to 200 employees, deploying a pfSense router in each main office and providing OpenVPN or IPsec connectivity. Additionally, we offer optional pfBlocker-NG integration for advanced threat protection, enabling the blocking of traffic from specific geographic regions or known malware sources.

We have several sites with multiple or backup-wide area networks. We use pfSense to manage these networks, configuring them for load balancing or backup as needed. To authenticate OpenVPN logins, we leverage Active Directory on our Windows Server, simplifying user management. Office managers can easily disable both Windows and OpenVPN access for users without needing to access pfSense directly. This centralized approach requires only a single robust passphrase for users to access both the VPN and the Windows domain.

I am accustomed to the interface and find it quick to use. However, I think a new user might need some time to adjust. That said, I've been using it for over 15 years.

As a network administrator, I fully understand the benefits of pfSense before deployment. While end users may not immediately recognize its advantages, I appreciate its value in eliminating the need for costly licenses associated with other firewalls like Barracuda and Checkpoint. PfSense offers a comprehensive suite of features, including VPN, user management, and advanced DNS, without requiring additional fees. This cost-saving aspect is a significant selling point for me when replacing older firewalls with Netgate pfSense. Not only do we improve network security, but we also reduce ongoing expenses, a benefit that becomes apparent to clients over time.

Adding features in the packages section of the interface is quite rapid, especially when limiting options to available packages. However, configuring unfamiliar or infrequently used packages requires research and time, ideally by someone with networking and firewall experience. While pfSense is not entirely plug-and-play, the basic setup is straightforward; adding features demands more technical knowledge. So, feature addition is easy, but configuration can be moderately complex.

pfSense can help prevent data loss by making it difficult for hackers to breach networks. However, most data loss incidents we see result from end-users clicking on malicious links or email attachments. When data loss or ransomware occurs, the issue typically lies with user error rather than pfSense. I believe that the networks I configure using pfBlocker, which restrict communication primarily to the continental US and other approved countries, may help block ransomware. Still, I cannot quantify the frequency of such occurrences.

Approximately ten percent of pfSense routers experience critical issues requiring a factory reset. Previously, this process involved contacting tech support and providing detailed information. However, pfSense has simplified this by offering self-service image downloads. This improvement significantly speeds up customer recovery time. Additionally, Netgate's pfSense Plus hardware comes with a Zero-to-Ping warranty, enabling easy setup and troubleshooting for end users. While not entirely plug-and-play, most users can easily install these routers, and Netgate's warranty provides additional support if needed. I've successfully utilized the Zero-to-Ping warranty several times and believe it is a valuable resource for both technicians and end users.

pfSense has helped enable data-driven decisions. It allows me to communicate the need for faster WAN lines to client management by providing concrete evidence of network performance. Additionally, pfSense offers detailed insights into OpenVPN user activity and IPsec traffic, facilitating targeted problem-solving. For instance, I can readily identify slow IPsec connections for remote users, such as user X, and advocate for necessary improvements based on these data-driven findings.

OpenVPN, IPsec, DHCP, and DNS are the most valuable features. I will also include pfBlocker-NG later in the list, but only a couple of sites use this feature.

pfSense does offer a convenient single-pane dashboard, but I believe it could be improved with additional features. For instance, an administrator log for team members to record notes, such as adding a nameserver, removing user accounts, or other relevant information, would be beneficial. This simple log within the main status page could enhance communication and collaboration among the admin team. While the current status screen provides most of the necessary information, this extra feature would be a valuable addition.

It would be beneficial if Netgate provided a table outlining the recommended maximum WAN port speeds for their various models.

The documentation doesn't align with what I'm seeing on the console. This is frustrating because the online documentation doesn't match the dashboard, leaving me unsure of the correct steps to take.

I have been using Netgate pfSense for 16 years.

I would rate pfSense's stability a perfect ten. When I replace consumer routers with pfSense for small businesses with two or three employees, they are often amazed to discover the router can run for a year without a reboot. This starkly contrasts their previous experience with consumer routers that required weekly or bi-weekly unplugging.

I have been pleased with pfSense's scalability. While I haven't explored all its features, I have successfully backed up an old system and restored it to a new pfSense device, which I consider an upgrade. I know additional capabilities like load balancing and backup device management but haven't implemented them due to a lack of current need. PfSense offers much more potential than I've utilized.

The quality of the support is high. While the speed used to be somewhat slow, I've noticed a significant improvement in recent calls, connecting with a representative quickly within the past year.

We've used multiple firewall solutions over the years. Twenty years ago, we implemented Monowall. Subsequently, we switched to Barracuda, which proved highly problematic and required frequent technical support intervention. Our next choice, SonicWall, was an improvement over Barracuda but still presented challenges. Specifically, SonicWall's licensing model is burdensome, as it necessitates constant management on my part, a task end-users are unwilling or unable to perform. Though less frequent than with Barracuda, technical support interactions are still necessary.

Initial deployment is straightforward, taking approximately half an hour for each unit. While pfSense is not the issue, challenges often arise due to clients' limited understanding of their network configurations. A single person can effectively handle the deployment process.

I appreciate that pfSense eliminates the need for extra payments, license management, or feature limitations. This cost-effectiveness and its reliable Zero-to-Ping guarantee is its most compelling aspect.

The pricing seems fair overall, but I think they need more reasonably priced options for very small offices. They currently offer a few affordable units at the lower end, but then there’s a significant price jump to the next level. I remember they used to have a model around the 2100 range that was a good middle ground. I believe they should offer more choices between the lowest tier and the next one in terms of hardware. Additionally, I'd like to see a per-incident support option, which I don't think they currently provide. I haven’t checked their support options in a while, so I could be mistaken. However, in the past, they only offered annual plans. If I encounter a specific issue, I would prefer the ability to pay a one-time fee for complete support on that particular problem.

The total cost of ownership is great. pfSense is our most recommended appliance for router, firewall, and VPN functionality.

I would rate Netgate pfSense nine out of ten.

Users don't need to do anything to maintain the system, but I like to check all pfSense instances every few months, install updates, and look for any irregularities. I try to check every single pfSense system if possible. pfSense needs to be manually updated.

I use Netgate pfSense as my office firewall.

I implemented pfSense as a firewall, VPN, and content filtering solution using pfBlocker and configured it to verify HAProxy certificates.

Most of our pfSense deployments are on existing machines with a small amount in the cloud.

pfSense offers excellent flexibility and works well with both physical appliances and virtual machines.

The ease of adding features to pfSense and configuring them depends mainly on the user's experience. I find it extremely easy.

Firewalls and Network Address Translation offer immediate benefits once configured, as they are foundational security measures. Other features, however, require more extensive configuration and testing before their advantages become apparent.

Compared to other firewall solutions, pfSense's interface is user-friendly and straightforward.

pfSense allows us to configure multiple internet connections and firewall rules to minimize downtime.

It provides visibility into our network by capturing and delivering log data, such as Syslog, firewall logs, and other relevant information. This enables us to make informed decisions based on data analysis.

pfSense can help optimize network performance. When using appliances, we can install more than ten gigabit network interface cards and add more as needed, depending on the hardware capabilities. Typically, new appliances come equipped with ten-gigabit network adapters or ports. We can significantly enhance network and server communication speeds by fully utilizing these ten-gigabit connections.

The most valuable features of pfSense are the pfBlocker, HAProxy, NAT, and VPN.

I am unsure if it's feasible, but I have previously utilized a web VPN interface with Cisco Firewalls that allows VPN connections through a website, eliminating the installation of VPN software. Such a feature would be a valuable addition to pfSense. Additionally, an easy method to monitor pfSense within other monitoring software would be beneficial.

I have been using Netgate pfSense for ten years.

We have encountered only minor and infrequent stability issues.

Netgate pfSense is highly scalable.

The quality of the technical support is good, but if we cause an issue, we have to pay for the support hours.

I have previously used WatchGuard Firebox and OPNsense, but I prefer pfSense for its excellent usability within my company. Other firewalls like WatchGuard and OPNsense are often retained due to customer preference or specific requirements, but most of my deployments utilize Netgate's pfSense.

Deploying a single pfSense box is relatively straightforward. However, the process can become more complex if outdated hardware is used and network cables must be reconfigured. Deployments using Netgate appliances tend to be more straightforward.

We can have the Web GUI up and running in under 30 minutes, and a complete deployment can last up to four hours. One person is required for each deployment.

The pricing is reasonable.

Netgate pfSense offers effective total cost of ownership by combining firewall, VPN, and router functionalities into a single solution.

I would rate Netgate pfSense nine out of ten.

pfSense does not have any built-in features specifically designed to prevent data loss. Instead, we must configure various functions to indirectly protect against data loss, primarily as a preventative measure against unauthorized access to our servers and equipment.

I use both the paid and community versions of pfSense. Most of my appliances use the paid version. In the cloud, some virtual machines come with the free community version.

Maintenance is required to open ports and create VPN users.

I use the solution in my home network as the main firewall before all data heads out to the internet. I use it for DNS resolution as well.

I noticed the benefits of pfSense immediately after deployment. I was able to take complete control of my security to my house, and it gave me all the things that I needed in order to secure my home network.

The GUI and the user interface have been very clean, understandable, and feature-rich across the board.

The flexibility of pfSense is great.

It is very easy to add features.

There are features that help to prevent data loss. The rules engine of pfSense, a traditional firewall rule structure, has always been the same.

There's definitely a single pane of glass. There's definitely a lot there in front of you.

pfSense provides visibility that enables users to make data-driven decisions. I'd rate the capabilities seven out of ten.

Sometimes it's a bit of a challenge to know how to do something when you want to do something, for instance, setting up a point to point VPN.

Configuration is sometimes a challenge just due to a lack of knowledge on my side. I find that if I don't set up the rules correctly, and this goes to lack of knowledge of being an expert in the firewall space, it's a bit of a challenge sometimes in setting that up.

I would ask them to update it to a more modern interface, as it does look a little tired compared to GUIs today. However, the features are there. A redesign would be greatly appreciated, just from a human engineering aspect.

It might be easier if they separated things out a little bit more instead of putting all the aspects of what pfSense can do for you in a single menu. For instance, they have services, and they have all the services that you could have on your system. It's a lot.

Sometimes I find it difficult to find the data visibility that I would need in the interface to then go make a data-driven decision.

pfSense helps optimize performance. From a performance standpoint, setting up firewall rules does a great job of laying out exactly what those rules are. The layout of the firewall rules makes it easy to create a secure environment on my home network, albeit not very big. However, all the features are within the firewall, and I can create individual rules and organize the rules.

I've used the solution for six years.

I have never experienced downtime from my pfSense device. I'd rate stability ten out of ten.

The scalability is very good. I'd rate it a ten out of ten.

I contacted technical support when there was a major upgrade a few years back, and I needed some assistance.

The quality was perfect. They were fast and very helpful. Even though I wasn't a paying customer for support, they still gave me great guidance and helped me focus on the issues at hand.

I've always had my service provider, Verizon, with their main router, and that router usually has a firewall built into it. I've never used anybody else besides pfSense outside of that.

The initial setup is straightforward. I've done it for my son at college in a matter of two hours, from unboxing to operation. It's easy to deploy a box. I can deploy it by myself.

It does not require any maintenance.

The ROI and the TCO are significant. You get a lot of features under one product. However, I don't use it as a router. I only use it for firewall and VPN capabilities and DNS.

The pricing and licensing are spot on. It's well below the industry average.

I did not look into other options. I knew of pfSense as being a leader in the industry, and that it is utilized by major corporations in large environments. To that end, I assumed it wouldn't hurt for me to have familiarity with the product and use it at home.

I'm an end-user.

I use the Plus version of pfSense. However, I do not pay for support.

I would rate the solution eight out of ten.