I primarily use it for hybrid home/business power usage at a very small scale. It is both home and business because of working from home. pfSense is serving us as the main routing firewall and network configuration tool. It is the front-end brain for everything in our mixed environment.

pfSense allows me to manage both home needs and business needs and keep them relatively separate or at least appropriately separate. A key feature was to be able to use a small-scale device. I am using Netgate SG-1100, which is built to run pfSense on an RM platform. It has low power consumption, and it is economical. I did not need massive amounts of compute power, but I did need the feature set that typically, you can only get in enterprise-grade product lines such as Cisco.

pfSense is extremely flexible. The areas where I find it very flexible are the sheer number of configuration tools that are available and the extra packages that can be used to augment the core functionality. Even within the core functionality, it is capable of adapting to a massive number of different scenarios and network environments and needs. You can adapt to the needs of your network environment to the outside with ISP and internal needs. You can accomplish what you want to achieve internally with the product. It seems to have pretty much everything under the sun laid out.

It is pretty easy to add features to pfSense and configure them. If I am adding something for the first time, the web GUI is the most helpful tool because the layout is pretty logical in terms of how the forms are organized and fields are named and described. There are help callouts, and, of course, documentation. I have always found the official documentation to be helpful, but it is not uncommon to do some forum searching and read the discussions. Other people might be following a workflow that does not fit quite cleanly in there, but they made it match. Typically, it is pretty easy. Some of the things that I have done with pfSense are not inherently easy processes, but I feel that pfSense has made them much easier than they would be on different platforms.

I was able to realize its benefits immediately. I am an IT professional, but my use of pfSense is not as an IT professional. It is more like a solo entrepreneur for my wife and her business. When I look at the network administration that I am doing here, it says a homeowner and a business co-owner. IT and networking are not the kinds of things I want to dominate my time. It should not be dominating my time spent. From that standpoint, I was able to get the baseline configuration set up so quickly when I first set it up about seven years ago. I definitely felt a big value-add with the configuration backup and restore process. The first time I broke something on pfSense, I was able to revert my last configuration very quickly. That was a big win.

In terms of pfSense helping to prevent data loss, auto configuration backup is probably the number one feature. When I think about data loss in pfSense, I would mostly be concerned with losing the configuration itself. Having my own backups but also having Netgate backups available for me to pull down helps. I just have to make sure I keep the encryption password, and we are good to go. That is a big win.

I use pfSense Plus. I am pretty sure that auto configuration backup is a Plus feature. I am on my second generation of official Netgear appliance, so my experience with the Community Edition is limited. I am not sure if this feature is available to others, but for minimizing downtime, having the auto configuration backup is a big one. There is a restore option for quick reverts if a change did not go quite well. They are incremental, so reverting to whatever snapshot or revision version I need to revert to is very easy.

pfSense does not give a single pane of glass management, but I also would not expect that because it is doing so much and is capable of doing so much. In my environment, it is managing so many different aspects of the whole Netgate, but there is not a single pane. I use the logs a lot, but I have to look through individual logs. I am not aware of any log aggregation and analysis components that are already baked into pfSense. As I understand it, I need to ship my pfSense logs into another system to do a higher-level analysis and insight querying. An area that I am interested in working on is effective outbound traffic filtering. It is on our priority list because it is a tricky one. You do not want to let any outbound traffic go, but you also need to be careful how you are filtering outbound traffic so that you do not break things you are relying on for your functionality. A lot of people use a web proxy, but that only catches web traffic. With smart home devices and business stuff going on, you have to pay attention to it. I am very interested in being able to analyze the traffic logs that are being captured by pfSense with an IO, the outbound traffic, and the existing and potential firewall rules that I have in place for those. My current efforts have been focused on doing so with a different product because I do not believe that pfSense delivers that. I honestly did not expect that it would.

iperf helps with performance. We are able to do iperf bandwidth tests as both client and server to various endpoints and turn on a quick listener and see what is going on with who can get where fast. The diagnostic menu list is probably the longest one in there. That is a good sign because it just means that they have got a lot of tools available for me to use if something is not quite working right. If I want to improve performance, I have to take a measurement and take a look at what is going on currently and compare that to what I would expect to see. There is a wide variety of toolsets. I am not asking for this because it is not the kind of system that I would want to run, but there is no troubleshooting or performance improvement wizard that kind of walks you in a logical step. I know that there is one initial configuration wizard that is meant to get people going quickly for the first time and in a fairly simple setup, but even that was not a great value to me because I want to get quickly into more advanced configurations. It has what I expect for performance tuning.

Being able to configure VLANs on such a small device is one of the key unique features that made it attractive to me.

pfSense is very flexible, but my only drawback in terms of flexibility is that it is web GUI-driven. I know that there are some shell interfaces, but it is not a very heavily developed API when it comes to automation or configuration-as-code management. I would love to see that developed in the future so that I am able to manage my network configuration in YAML and TOML text format, have those changes applied in a source code environment, and have those changes read into an API that could then drive the configuration rather than have always having to use the web GUI just to make some layout changes. Web GUI has its advantages, but there are times when being pinned into that workflow is less efficient.

They should support the idea of configuration management as code from source code and provide a more robust API for managing the pfSense configuration. I know that with the web GUI, everything is dumped into an XML file. That is how it is backed up, and that is how it is imported. It is machine-readable and all that, but it is not necessarily a modern data format that would be used with API typically. They are maybe thinking of moving to REST API and SQLite backend. I do not know what they have in mind. I do not really care how they do it, but I would love to have the ability to interact with my configuration and make incremental changes via source code and utilize the API to implement those changes and roll them back with configuration as code as a strategy for managing my pfSense.

It has been about seven years.

The device is rock solid. I have not had any hardware concerns or issues. I do not have to reboot it. If I am having some kind of network issue, I do not have to restart my pfSense. Why I wanted the free BSP base is that I know that the core layer is rock solid. It is possible that something could happen where I would need to restart, but it almost never does.

It may have been with the older device for which I have worked with them twice. I opened a ticket to get the download link for recovery firmware on the SG-1000, and they gave it to me. That was very easy. That was fine. They responded quickly, no big deal. I appreciate it. I did not really need support. It was something that I could not get directly from the website myself.

I am not sure, but when I bought SG-1000, I might have had to send it back. They sent a replacement. It was less than a year since I had it. I still had a full warranty on the hardware. At some point, everything froze, and all functionality completely stopped. I tried the power cycle, and it would not even boot anymore. They did the serial console connection, and it literally was not even booting. They opened up a case and verified the same symptoms that I described. They replaced the board and sent it back to me, and it worked. It was solid from that point for five years that I continued to use it. After that, I upgraded it. Every once in a while you get bad hardware, but I was glad I could just send it back. The biggest fear I have, and probably the only reason I still have the old one lying around is that if something were to happen to this hardware and I had to send it back for support, I need to be able to keep my network running in the meantime. Even as a home and home business user, you start to creep into that space where you start to think that this is critical. How do you get by without the Internet? I know that I could get Internet back up, and I could plug in any off-the-shelf routers lying around and get basic Internet service back up, but the question is how much work would I have to put in to restore other services that pfSense is performing. I recognize that I did not invest in a high availability solution for my home and home business, so that is just a risk that I have to take.

I would rate their support a ten out of ten. There is nothing difficult about it.

Prior to my first pfSense appliance, back in 2017, I was running DD-WRT, which is not a commercial alternative. It is an open-source project that does not even have a paid or commercially supported version. It is meant to be flashed onto OEM hardware as a replacement for their firmware. pfSense can be used like that, but Netgate is doing something different with the commercial support and building the appliances and all that. In terms of the baseline functionality, DD-WRT is very similar.

In terms of comparison, pfSense is much more robust. It is a comprehensive solution for networking needs that bridges the gap between a shelf router and building a full enterprise stack, which would be overkill. Most small businesses and home users would not want to do that, make that kind of investment, and keep that kind of compute running all the time. pfSense lands right in that sweet spot. I know that OPNsense and a few other software products are out there. There are some Linux-based ones. I am definitely a fan of pfSense being built on free BSD. That gives me greater peace of mind with the networking stack and everything. I am a Linux guy too, but when it comes to core services, I prefer free BSD. If I have to, I might just go with the vanilla, free BSD system and build it out with automation from scratch, but pfSense does all that for me. I do not have to do all that initial work. They have got the configuration and tuning done already.

If you have general networking knowledge and understand the terminology, it is very easy. It depends on how detailed or how extensive is your configuration and what is the target use case. Are you using a VPN? One of the features I use is OpenVPN.

I go through the box. I have a single WAN connection. I have half a dozen VLANs configured. I have a VPN remote access interface configured. I have got DHCP servers. I also have IPv6 configured. I have extra configurations for each interface that need to be considered, including the VLAN interfaces. There are also firewall rules.

You can start with the baseline, and you can get the thing up and connected to the Internet easily within five to ten minutes. Once you start doing your internal configurations and firewall rules, it scales pretty quickly. With a couple of VLANs, like I have, you spend another half hour to get the VLAN to spec out. With OpenVPN, you have to work on certification generation and certificate matching and exporting. Configuring the client's side tends to be time-consuming. If you have four clients, it could take another hour to three, and then there are firewall rules. It depends on how you write them. If you write your rules well, you do not need to have so many of them. It also depends on how you configure your space. I have a lot of interfaces and a lot of rules. With a good, clear plan and no guessing and backpedaling, you could probably redeploy what I did in three to four hours, but it would actually take longer because of mistakes, troubleshooting, and all that.

In terms of maintenance, I certainly keep up with updates from upstream and make sure that I am aware of any software updates that I need to install. I like to stay updated with patches and all that. That was the main reason I finally upgraded from SG-1000. It was no longer getting the updates. There is always a bit of extra maintenance. It is not because pfSense demands maintenance. It is because the environment demands continual maintenance and monitoring. Paying attention to logs is a healthy practice.

I always make updates via pfSense whenever I am making updates in the environment for adding new DHCP reservations for various hosts in the environment and other things like that. I moved my local DNS services from pfSense because I had to go into the web GUI and clumsily add in new host entries. It was getting burdensome. I just wanted to be able to do this in a text file like I could on a Linux server. You just add your entry to the host file and you are done. I moved to DNS services on the Pi-hole software. Pi-hole is a partial competitor because it does not do everything pfSense does, but it can do some of the things. It focuses on ad blocking and filtering as well as providing local DNS resolution. A nice thing with Pi-hole is that you can literally open up a text file and add your entries there, and they just start working. You do not have to move from a terminal-based workflow to get that change made. Clicking through a web browser is not my favorite. It is a disruption to a workflow. So, maintenance is directed by requirements in the environment.

I buy the appliance and accept whatever comes with it, but I am not bought into paid support. When it comes to the pricing of the appliances, they are pretty competitive. The price is pretty competitive.

I just bought a Netgate SG-1100. Within the past year, I upgraded my Netgate SG-1000 from 2017 to Netgate SG-1100. I looked at some of the higher-spec products, but they started to get pricier. For example, Netgate 2100 was a consideration. The difference between the 1100 and 2100 is double. I looked at the specs of 2100 and what it could deliver. I did not need all the extra specs. I do not need to perform at that level although it might be nice to have some extra ports on my box. I then looked at 1100. I could get by with those specs. It was an improvement over the tiny SG-1000 that I was running, so it was a win, but the question always is whether there is something competitive and similar that I can build for less money and whether it would deliver the same value. You can get these Small Form Factor PCs. You can get ARM systems and x86 systems and similar form factors. You can get them with multiple NICs already installed. This is more or less your hardware with no support. You get a warranty on the hardware, but they are not selling you the software. You put whatever you want on it and build your system. You can install pfSense CE on that or build your own router on a device like that. Why I chose to buy it from Netgate was the peace of mind of the full stack support because it is probably the most critical portion of my entire home network. I decided to invest a little bit more and trust somebody else a little bit more to have my back. Peace of mind comes from having bought the official appliance. It has a very reasonable and competitive price model.

In terms of the total cost of ownership, you have the hardware price. You are combining the price of any hardware support contracts that you may or may not be paying for and somehow estimating the administrative time that is required to actually manage the system itself and billing somehow for that appropriately. That is a tough one because that is where there is a gray area of home business usage. Aside from that gray area, the investment rolls off very quickly. I can recoup this investment within a year.

I would rate pfSense a nine out of ten. It is delivering on my needs. There is little room for improvement. They can just close the gap. You always want to keep closing that gap when it comes to usability, inconvenience, and meeting the workflow, but it is definitely delivering to my expectations very well.

We use pfSense as the main office gateway for firewall router access and OpenVPN for remote access.

We wanted to move up to a much more modern integrated system. Before adopting pfSense, we had an old basic router firewall that was starting to get long in the tooth. PfSense gave us more capabilities to monitor and set firewall rules appropriately and have all of the remote login capabilities with two-factor authentication.

I'm much happier because I don't need to see as much stuff in the logs. PfSense is blocking so much of that, and I feel more secure about it. We needed two-factor authentication for node access, and that's been a massive improvement. Also, allowing the staff to access the network remotely and use those applications has certainly helped. It made us more confident in what the firewalls were doing and gave us better controls on remote access. It adds another layer of protection for us.

The solution gives us a single pane of glass management for probably 99 percent of it. I don't need additional network infrastructure to handle the required jobs. The ability to back up previous installations, snapshot them, and go back to them if I break something has helped eliminate downtime. That's handy in terms of getting things up again.

PfSense Plus helps us optimize performance. We can identify pieces that aren't performing as they should and lock them down or reconfigure functions inside. Our ability to see what's going on with the network has improved quite a bit.

Remote access with two-factor authentication was a big one for us. Pulling in things like Endpoint NG to monitor traffic has been quite helpful. The pfBlocker has been good. It helps us limit who's trying to bash away at access to the systems.

PfSense has been flexible for us. It's done everything we've asked for. Adding plugins is pretty easy. You go into the little application section and install what you want. The documentation that they have online is certainly helpful. Most things are open source, so you can usually find additional notes about problems.

One or two of the plugins didn't do what I wanted them to do. Maybe that was a misunderstanding or it's not quite ready yet. Sometimes, it's hard to wrap my head around the way the firewall rules work.

It has been about a year since we purchased pfSense.

I rate pfSense nine out of 10 for stability. I've only had it lose its brains on me once. That was probably me just configuring something, getting lost, and going around in circles.

I rate pfSense 10 out of 10 for scalability. It's got plenty of scalability, and we're not pushing it unusually hard.

I rate Netgate support nine out of 10. I've used them a couple of times, and they're prompt in responding. If the issue is outside their purview, they can point you to where you can get the information. Most of my questions had to do with third-party plugins more than the core Netgate infrastructure, which has worked fine.

It's a bit of work to initially set up virtual networks inside the office, and we have to add several staff members to the various servers and create additional firewall rules. This is a little bit. It isn't simple for a business with lots and lots of internal stuff, but it wasn't hard, either.

It took a couple of days to get it online, but we spent a week tweaking it until we were fully happy. We needed one and a half people to deploy it. Other people on the network had to help with the configuration.

We've seen a return in the form of time saved. I can rely on it, get the nice logs out of it, and see what's happening. It saves me about 5 percent.

PfSense is reasonable for a business but a little pricey for home use. With the time savings and reliability, it pays for itself. I've been more than happy with the unit we've gotten here for the capacity we need. However, it'd be nice to have nice to have some nice home units that aren't a thousand dollars.

I rate Netgate pfSense nine out of 10. I would recommend it for business use cases. It's not appropriate for someone in a home environment, but it's good for business.

The tool is partly for home-based usage and partly for business usage. I am in the IT industry, taking care of the security and technology parts. I also run a private business in my spare time when I am not working. I use Netgate pfSense as my firewall to separate those two entities: my home and business. I also participate in providing server space for projects involving Azure Flex and Azure Core, which is kind of like an AWS situation but in a more centralized manner. I use Netgate pfSense to ensure that everything is separate. I use Suricata to weed out any malicious type of activity and to keep an eye on just to ensure that all the other functions, both personal and business-related, remains unaffected, intact, and devoid of any type of attacks or the other type of malicious kind of activity.

The product has helped improve my organization's environment and personal environment since before the use of Netgate pfSense, and I really didn't even have a hardened firewall. With the implementation of Netgate pfSense, I am able to monitor my various network streams, so I have my servers, VLAN, my home VLAN, EMC, my WAN, and the specific VLAN for IoT devices. I even segregate some of my outgoing intranets as well, and I see how Netgate pfSense has allowed me to have a full and high-end visibility of a lot of the traffic that comes and goes, which for me is important because part of the job that I do is crypto related. When dealing with crypto-related business, you need to be careful as far as what you allow in and out of your network.

I wouldn't say the simplicity of the tool is its best feature. In a way, there is a simplicity to it, but I like the expandability of the packages that could be used. I like the data and the information that I can collect while observing network traffic. The whole layout of the application is pretty decent. The tool is not super expensive. It is quite an affordable tool. There used to be the free Netgate pfSense Plus that was provided earlier at one point, and I understand now, of course, that it is based on the yearly licensing model, and I think that took a lot of people aback. There is not a lot of money to be paid for the tool, and you get more than what you paid for, especially if I think about its use and consider what it does.

If I assess the flexibility of Netgate pfSense, I would say that I can not just run a firewall, but I could use HAProxy and run a bunch of other kinds of server-based applications that normally would occupy a different server, so it amalgamates a few services into one package, which is nice single point of contact. I like not having to go to two or three servers to run the services needed, especially the ease of the firewall, as far as the creation of rules and the security aspect are concerned. The updates that come in are pretty decent, and though not too often, they are often enough to keep things secure. I like the tool's flexibility in the sense that you do not have to buy an appliance. You can put it on your own hardware, and it can be very simplistic hardware with simple configurations. There are a lot of abilities to be used in the product, and benefits can be gained from the tool without having to incur a huge upfront cost in purchasing hardware. If you have a computer lying around, you can easily install it, and you can go with it. With the tool's free version, you can use the tool for free. It is quite a friendly tool in the sense that it provides access not only to regular people but also to high-end corporates and business individuals.

Getting extra features or added packages in Netgate pfSense is very easy since the GUI and the menus basically take care of everything. When you go to do the installation, you see the log messages come up, and it's very clear when it is complete. It is a pretty simplistic process.

As per my assessment regarding Netgate pfSense's role in helping prevent data loss, I would say that as far as data loss is concerned, I think part of it is the firewall preventing access to my network shares aside from the typical kind of blocking ports and not allowing traffic. I think very much the segregation of the VLANs is possible, and my server VLAN will have all kinds of data, information, databases, and file repositories, and all of that is completely segregated from my DMZ. Any kind of the shared services that I offer or kind of crypto-based services that I do, the connections, both incoming and outgoing, can't gain access to my server VLAN at all, and such segregation really protects my data aside from some of the built-in, immutable type of services that the kind of network repositories that I have that do outside of Netgate pfSense. The key thing actually is just keeping things separate and being able to get alerts if something funky is happening.

Netgate pfSense gives a single pane of glass management view since the dashboard is always the first thing that I look at, and I have got to configure it in a way where I see my traffic graphs. I have the gateways and interfaces that I look at, along with the interface statistics, services, and a lot of other functions that I can quickly just glance at, including my Suricata alerts, the filtering, and other alerts. I can look at the UPS and the run time for the battery. I could take a quick glance and kinda see all the information I need without getting too deep, making the tool's dashboard a pretty cool feature. It really saves a lot of time.

I use Netgate pfSense Plus. I generally have experienced zero downtime with the tool. If there is some downtime, it is because of my own doings. As far as the benefits of Netgate pfSense are taken into consideration, I can see it has a lot of the extras that you get, and it worked. At a certain point in time, Netgate pfSense Plus was free to upgrade. I don't remember how much Netgate pfSense Plus and pfSense CE software differ from each other, but I know they differ quite a bit. The one thing I will say is the major difference that I have used is the boot environment. If I am doing an upgrade, I will basically take a snapshot of my current boot environment. Even though it does it automatically when you do an upgrade, I just take another backup. If I do something that is a very specific change that makes me a little nervous, I take a snapshot, and then I always have something that I could boot back into if things go horribly wrong, which is a big plus and one way of eliminating downtime since you can go back to a previous instance that is fully functioning.

Speaking of whether the tool provides visibility that enables our company to make data-driven decisions, I can check my graph, and through monitoring, I will be able to check my WAN and see the quality of the WAN to the point I was utilizing a router or modem provided by my service provider I was able to through the graph when there was a drop in the traffic and the quality of the connectivity, and that led me to basically scrap the modem and actually configure my own setup to get the internet into my home.

In terms of the total cost of ownership of Netgate pfSense, I think that for somebody like me who uses it in a cozy home corporate business environment, it is quite an affordable option. The tool is not expensive, and when it comes to the cost of ownership, if you have something lying around, like an old server that I repaired for Netgate pfSense. The benefit is that I am able to put it on an older server, so there are no hardware costs. The tool is not something that would go into a landfill. I think that the tool has been quite affordable and has paid itself over quite a few times. You could go cheap and use an ASUS router at home, which a lot of people do, but it may not have the stability, and it doesn't have the kind of horsepower on your engine speed or expandability of a polished product like Netgate pfSense.

The maintenance that is needed in the tool is just to make sure that the tool is up to date. It's not necessary to do the maintenance, and it's not just about updating Netgate pfSense but also updating the packages. It is great that you have a good product that can keep your environment safe. If you don't patch or have unknown vulnerabilities that surface, then you will end up wasting your money. I do have a patch process, so I check at least once a week for new installs or packages or if there is a version released and apply them shortly after. The total time to install the tool is probably a couple of hours in a month.

I

There are a lot of features I want to see simplified in the product. I want to see the licensing model part to be improved in the product. Those who need to do certain functions from their house would purchase Netgate pfSense Plus while configuring their machine, but if they have another network added to it, then it would basically change the ID of the device, and they have to go and request to get relicensed. Netgate pfSense will help you with the relicensing part for one time, but if you need to do it a second time, then you will have to pay for a new license, and that, to me, is not very fair. I think if you have paid for a year of service, it shouldn't matter how many times you need to request to rekey the license as long as it is not every other day. Two to three requests in a year shouldn't be an issue, and if I add another network card, why should I pay for a new license when there is not much of a difference.

The only thing that I would like to get some better utilization of is the ability to do free switching. If I need to go between different VLANs, I have VLAN 19.1 and VLAN 19.2, and I strictly use Netgate pfSense, but it doesn't route very efficiently and works quite slowly. I understand that it is not the router, but a lot of times, Netgate pfSense advertises it as a tool that is able to route traffic. I had to go in and purchase a separate router to manage my internal VLANs because Netgate pfSense was just choosing between the VLANs I had.

I have been using Netgate pfSense for a year and a half. I am just a customer of the tool.

Stability-wise, I rate the solution a nine out of ten.

I haven't had an instance where the tool has gone down, and if it has, then that wasn't my fault. The stability is there in the tool. I have had the tool p and running a few times, and the only time I have had to reboot it is when there was a new release.

The scalability is really dependent on your hardware. If I want to scale it up, I can throw in network adapters, more memory, more CPU, and scale it up. It is quite a scalable tool, and it is really just dependent on what you throw at it. Scalability-wise, I rate the solution an eight out of ten.

The solution's technical support is not bad, and they are pretty quick to respond. It is quite average as far as the technical part goes. There has been no bad experience with the support team. I rate the technical support a seven out of ten.

I tried using OPNsense but I didn't like the whole approach, the menu system and the way it was configured. Netgate pfSense made more sense to me in a logical manner.

The product's initial setup phase is fairly straightforward. If you install an operating system, then you can install Netgate pfSense, so there is nothing to it.

The solution is deployed on an on-premises model.

The basic installation of the tool takes less than an hour. The configuration part is something that you figure out as you go ahead with the tool, which obviously takes a bit longer. The basic installation is quite quick and can be done in less than an hour.

For me, considering how much I put into the tool, right now, I would say that the ROI is around 25 percent.

When it comes to Netgate pfSense, I use the basic TAC Lite license, which comes for about 100 USD. I don't think Netgate pfSense is expensive at all. You could look at other services that offer similar types of configurations, and you can see it may cost in the thousands range. Even though I want something for free, I think it is quite a reasonable tool. The only qualm I have with the tool is that it is a little stingy on how many times they have to rekey a license.

I would recommend the tool to others since for me, it is simple, the low cost of ownership, expandability, just the way it looks, I like the numbers, and when the data is there, you throttle how much information you want to see or collect. For somebody who likes to tinker or likes to see the numbers or wants to harden their network or has a corporate business and wants to ensure things are operating smoothly, the tool is worth it.

I rate the tool an eight out of ten.

We are a reseller. We resell the product to our customers as we are an MSP. We use it for various different verticals, from manufacturing to schools to typical offices. That is mainly the use of this solution.

There are a lot of limitations with competitors like WatchGuard and SonicWall where there are a lot of costs for licenses to utilize their products. We felt that by going to pfSense, we have a little bit more freedom. We can use certain features without having to pay exorbitant costs for licensing. It is better for the small to medium-sized customers.

They are the most flexible, for sure. In my experience, it is quite easy to add features to pfSense and configure them. There is a lot of support from the local community. Because it is an open-community-built platform, there is a lot of support out there. Adding features and configuring them seems to be quite simple from my experience so far.

There is an overall performance increase. The hardware is much more performance-driven. The constant upgrades certainly make it easier to keep up with the evolving environment. The community-driven platform certainly helps to ensure that things are kept current.

pfSense gives us a single pane of glass management. There is a user interface and also the command line. The user interface is very friendly and easy to navigate. The single pane of glass management certainly increases productivity. The ability to look at one single pane of glass, add different widgets, and see things at a glance certainly helps to cut down the time of looking for certain statuses or things like that. It makes things more efficient.

We deal with pfSense Plus in a few cases. It can help minimize downtime. We have not experienced it in any sort of live environment, but I am confident that it would.

pfSense Plus provides visibility that enables us to make data-driven decisions.

It optimizes performance, and in most cases, it affects operations and makes things more efficient. Efficiency means money.

The ability to utilize the features instead of having to pay a license fee for every single thing that you want to use on a firewall is valuable. A lot of other companies give you a firewall out of the box that has very basic functionality, whereas pfSense gives you all the good features, and if you want to have more advanced features, you can pay a fee. You are able to use a lot of the features that you cannot use on other products. That is the best thing.

It is very good from a troubleshooting perspective. Things like logging are very good. We have been using these firewalls with filtering very successfully, and VPN has been very successful on them. We have not had any issues with that.

One thing that stuck out to me was the move to use plastic chassis on the Netgate devices or products. They are moving away from using metal chassis, and I find that the plastic seems to get hotter than the metal. Other than that, they are such great devices. They always seem to have all the cool things and bells and whistles.

One thing I would like to see Netgate do is to have a cloud-based management portal, similar to SonicWall, WatchGuard, Ubiquiti, etc. With all these platforms, you create an account, and you have a way to cloud-manage these products. Currently, one of the challenges that we face is not being able to manage those things from a centralized platform. It has always been one thing I have dreamt of for Netgate. That is the only place where it falls short. Apart from that, they are far superior in building, keeping up with the times, and keeping things current.

It has been probably eight or nine years.

A couple of times we have had some strange issues that have been unexplainable, but overall, it is stable. I would rate it a nine out of ten for stability.

It is scalable. I would rate it a nine out of ten for scalability.

They have been fantastic. I have never had an issue, and it has always been very good. They are a highly intelligent and very resourceful team. I would rate them a ten out of ten.

We have used everything, such as Cisco, SonicWall, and WatchGuard. You name the flavor. We have used them all, and Netgate is definitely a much better product than those. It also depends on the use cases.

It has been very straightforward to very complex. We have set up entire data centers run by Netgate devices to small offices using a 2100. We have gone from the most complex to the least complex. We have seen everything in between.

Its deployment is a matter of hours. Our clients are small to medium size. We have about ten people working with pfSense.

It requires general maintenance. We have to keep up with firmware and updates. From a physical perspective, there is no maintenance.

It is very cost-effective. There is 100% ROI.

They are on the higher end, but you do not get stuck with spending thousands of dollars every year. You do not have recurring license costs to have people use a simple feature like VPN. That makes it more cost-effective in the long term. There is a very good price point. No one ever complained, and I have not ever thought that they were overpriced. That is for sure.

If you are looking to deploy a product that is reliable and high-performing and that is going to be cost-effective for yourself or your customer in the long term, you are doing the right thing by looking at Netgate.

I would rate Netgate pfSense a ten out of ten.

I use the solution in my company since we operate as a managed services provider that provides security solutions to our customers. I was looking for a device that had the required features my customer wanted, and that fit their budget, so Netgate pfSense is a product that clearly fits this space. Our company has started to deploy the tool for our customers.

In terms of the benefits of the tool for my organization, I am not an end user of the product. My customers use the tool, and what they have been able to achieve using Netgate pfSense is that they are better able to control their spending on internet services. Without Netgate pfSense, users can just take up the whole bandwidth from the network and make it difficult for other people to work, but with the bandwidth control feature, including the built-in functionalities in the solution, you can control what individual IP addresses on the network can do, thereby bringing in more control. My customers have even told their other MSPs how they need to increase their bandwidth, whereas what they needed to do was just control what they already had in Netgate pfSense. Controlling the bandwidth has brought savings to my customers, and it also helped them to have a better user experience with the internet services that they were purchasing.

The solution's most valuable feature is that it is a highly configurable tool. The tool has a lot of options, so there is literally nothing you cannot do with it, but you have to know your way around the product.

The problems my company's clients wanted to resolve by implementing Netgate pfSense were that they wanted a provision for enterprise network security, static control over load balancing, and failover. This area is typically the use case for our customers.

If I assess Netgate pfSense's flexibility, I would say that it is a highly configurable tool, which means there are many options. It has a lot of flexibility in terms of configuration. You can write different rule sets for different traffic types and scenarios. On the same firewall, you could have lots of variety in how you want to handle traffic.

If I want to add features to Netgate pfSense, I would say that because the structure is modular, there is an app store where you can download whatever feature sets you want but are not included by default in the tool. The tool also supports many third-party plug-ins. It is possible to add features to the tool.

Netgate pfSense provides a single pane of glass for management with a customizable dashboard. You can customize the dashboard. Any handy modules you want are possible on a dashboard with a single-view window where you can see what is going on, and it is customizable.

The single pane of glass management feature has an impact on operations since it simplifies management because, typically, my company is not on the customers' premises, so we need to have remote access to the firewall. The people who are doing the back-end monitoring have a single view, which makes operations easy because, with one single glance, you can tell if there is a challenge or not in the tool.

Netgate pfSense Plus is what came on the device that my customers purchased by default.

In terms of whether Netgate pfSense Plus helps minimize downtime, I would say that the main difference between Netgate pfSense and Netgate pfSense Plus is the availability of enterprise support. When I have issues or bugs, I have someone to go to and say that something is not working and ask what we can do about it, after which I can get a response. When it comes to Netgate pfSense and Netgate pfSense Plus, the software is almost the same. One of the versions comes with enterprise backing, so I have some support and OEM support instead of relying on the community. I have a proper company I could talk to about any challenges my customers and I may have. The support does help reduce the downtime. I haven't actually had any downtime with the tool on my customers' end. I haven't had any downtime using the tool.

In terms of whether Netgate pfSense provides visibility that enables my company's clients or me to make data-driven decisions if we don't speak of specific use cases, I would say that it is typically a next-generation firewall that does bandwidth control and provides IPS and IDS features. For instance, if my customers wanted to have an idea of how much internet traffic they are using, then Netgate pfSense would give you graphs that you can export and do further analysis. I don't think the tool's use cases are tied to data or data analysis.

I can’t get any area where improvements are needed in the tool off the top of my head. I haven't had any challenges I couldn't resolve between myself and the support. Maybe Netgate needs to see if a medium-level Netgate pfSense Plus can be created for smaller organizations.

Most of what I need is already in the tool. If there is any need associated with it, I will be sure to report it to the support team.

I have been using Netgate pfSense for two and a half years. My company serves as an MSP for Netgate pfSense.

The only area to consider is that sometimes when there is an upgrade, there may be some changes. But when you have uploaded a stable version of the firmware, the operating system, I think it is a very stable tool. I have not had any issues around stability. Stability-wise, I rate the solution a seven out of ten.

I deal with clients in areas such as residential, government organizations, and medium-scale businesses. I have one customer in each category, which includes small, medium, and large businesses.

Normally, when it comes to the size of hardware before you make a purchase, due diligence is required to see that the device would be able to handle the current requirements and have some room for growth. With the solution itself, I don't see the need to discuss questions related to its scalability because that would be a function of the hardware and the size of the network where you are deploying the tool. Typically, if you have a huge network, you need to make sure that you have the equipment that can handle that volume of traffic from the on-site. The scalability aspect is not really a good assessment criterion to use to measure the tool. If I put things into a certain context and say that we have a network that has around 100 people, then you don't put up a device that can manage 100 people. Instead, you need to get a device that can manage 150 to 200 people, and then you can create room for growth. If you don't follow these steps, you will have to change the device after some time.

The solution's technical support team is okay. They respond quickly. I have only had the need to place two support calls in all of my dealings so far, and they were able to figure out my issues and resolve them very quickly. I rate the technical support a seven to eight out of ten.

In our company, we typically deploy a mix of security products that we prefer. At our organization, we have Sophos, Fortinet, and Netgate pfSense. Sophos, Fortinet, and Netgate pfSense are pretty standard. Netgate pfSense has all of the features that Sophos and Fortinet have, but what is more, it can be used without having to have separate licensing. Netgate pfSense really beats the other tools hands down in terms of price because there are no individual license costs for the features that you want to use. In Sophos, certain features require separate licensing. Netgate pfSense's advantages over other tools in price make it a top choice over the others. In our company, we have some customers who are particular about products, and for such customers, we provide them with what they request. For those who don't mind trying something different, Netgate pfSense is our default choice.

The product's initial setup phase is straightforward. The complexities in the deployment are produced by customers who do not know exactly what they want. Some customers have requirements, and my company needs to sit with them and streamline certain areas. The integration and the configuration are not the challenges associated with the tool.

The solution is deployed on an on-premises model.

Typically, if all the configuration information is available, the tool can be deployed in a maximum of two to three days. One can have the standard installation done. The deployment procedure can be done assuming one day for the configuration and the second day for rack mounting. The process is quick when the customer has all of the information they want configured in hand. For some of them, the tool is typically deployed over a period of a few weeks because they don't know or have not decided how they want to implement a particular feature. Still, it would not be a delay from Netgate pfSense's end but rather a delay from the customer side.

I would not call it a cheap tool, but it is very cost-efficient. I don't see any product that gives you the same functionality within the same price brackets offered by Netgate pfSense. There is hardly any need to go to the open-source firewalls, especially with the ones that are coming back, and there are no enterprise security products in the price range that Netgate pfSense falls under.

If I assess the total cost of ownership of Netgate pfSense, I rate it as an eight or nine out of ten.

I don't use Netgate pfSense Plus on Amazon EC2 VMs, and I haven't had a customer who wanted to deploy the tool on the cloud. Most of them purchase and install their hardware directly from Netgate.

The maintenance of the tool's equipment is done once or twice a year just to blow out some dust and make sure it looks physically okay, which is nothing outside of what the regular network devices require. It doesn't require any special maintenance.

I would recommend Netgate pfSense because it is one of the products that my company markets to our customers.

As I have existing customers that use the solution, they serve as a reference point for my new customer. I tell others that I have deployed Netgate pfSense in a few official organizations, their use, and the problems that it has solved for them. I have case studies to speak about. If someone wants to go for a proof of concept, it is something that is doable.

I rate the tool an eight out of ten.

I am in IT. I use pfSense for my personal use. I use it to practice networking and understand how networks work. I apply all the networking-related things that I have learned to pfSense at home.

I also use it to isolate my IoT network from my regular network and from the devices I use for the cameras.

The main reason for implementing pfSense is that I like playing games. With pfSense, I can place quality control over the traffic traversing over the WAN connection or the Internet. I am able to prioritize and limit some devices to allow me to have a better connection to the Internet than some devices in our house.

pfSense is a flexible solution. It has features for setting devices into groups. I was able to group up the devices in our house to be able to set some restrictions on some devices and have full restrictions on other devices. It allowed me to control my kids' devices to limit access to the Internet to a certain time. It automatically stops on the Internet for those devices when that time comes.

pfSense gives a single pane of glass management in regard to the network. I was able to control everything in my network, which is good.

I use pfSense Plus. I got third-party hardware, not with pfSense, but I purchased the license to have a pfSense Plus version. That hardware went down a few days after I bought the license. I created a ticket, and the engineer allowed me to move it to another device because I had just recently purchased it. Thanks to them, I was able to have less downtime because I did not have extra money to purchase another license. I was able to bring it up as fast as possible. The backup and recovery of the configuration is very pretty easy. I just reuploaded the file and updated two lines of code, and that was it. Everything worked.

Everything works well. My streaming is working fine. My kids do not complain about any lags. I can play my games without having any issues. I do not experience any lags. When my wife is working, she does not have any problems downloading or uploading files back to her work. We are pretty happy with the performance.

For me, the firewall is most valuable because I can play around with the firewall. That is the best asset for me. I can limit what I want to limit, and I can open what I want to be open.

I like the versatility of pfSense. Compared to other products I have used for home and small businesses, this is the easiest to understand. It has enterprise features compared to, for example, Ubiquiti UniFi. Their router is limited to some features, whereas with pfSense I can do, for example, routing and dual WAN. I also have several VPN options.

It has a lot of features, but I wish there were even more features. Some of the features I am looking for are still not there in pfSense, like, for example, content control. Because I have kids, I want to control the content or what they watch. There is a feature in pfSense called pfBlocker, but it is limited. If I set that up, it is blocked by an IP address. Sometimes my devices are borrowed by my kids. They are able to get a full connection to the Internet, but their devices are limited. If content blocking is added to pfSense, it would be great. If I can block content by a user, that will be a preferred solution.

The frequency of feature releases can be better. We have been waiting for some of the features for a while, but they have not been released. I know they prioritize what is used in the enterprise area, and then they provide some features for regular consumers like me. If they can balance that 50:50 and focus equally on the enterprise and consumer suggestions, it will be great.

The interface and support are perfect for me. I saw a post on their blog that they will be moving to the Linux operating system. Hopefully, they would have better wireless because the wireless for pfSense is horrible or horrendous. If they move to Linux, hopefully, they will improve it.

I have been using pfSense since 2020. It has been four years now.

It is very stable. I would rate it a nine out of ten for stability.

It is scalable. I would rate it a nine out of ten for scalability.

We are a family of five. Five of us are connecting to the pfSense Internet.

They are great. They are perfect for me.

I have used TP-Link and Ubiquiti EdgeRouter. In regards to features, the two are on par. They are way behind pfSense. pfSense is way ahead of these two in terms of what it could offer. In terms of security, TP-Link is very bad, EdgeRouter is in the middle, and pfSense is way ahead. In terms of performance, TP-Link is worse, and EdgeRouter and pfSense are neck to neck. I prefer pfSense over others.

I installed it on third-party hardware. The longest period of initial configuration was when I deployed it for the first time. After that, it is very fast because I can back up my config and restore it if I break something.

It took an hour or two for all the installation and configuration.

In terms of maintenance, it requires regular updates. That is the only maintenance that it needs. I also need to monitor if any known or zero-day bugs are found in pfSense. I am watching that because pfSense is the device facing the Internet, so I need to be always alert about any zero-day bugs. I also need to be mindful of the configuration to not accidentally expose any ports. These are the three things required in terms of maintenance.

In four years of using it, that payment of 189 dollars per year has already paid off. Over these years, I only experienced it going down two or three times, which is less than 1% downtime per year.

It is cheap. If you are a technical person, it is a pretty cheap solution because first of all, the Community Edition (CE) is free. I am in Australia, and my pfSense license is about 200 dollars. It is not bad because it is per year and not per month. It is cheap compared to other solutions.

I am not using the hardware. I am using the software. It is very cheap. It does not cost me a lot. The only cost is just the one-year payment. If I need extra hardware, I need to purchase that from the third party whose hardware I am using.

I would recommend pfSense to others. I already recommended it to my boss, and he is using it now. He is loving it as well. It is easy to use, and there are a lot of resources available. If you have any problem, someone would have already encountered that problem and found a fix, so it is easy to fix based on that. It is very reliable. The downtime experience is very low. It is almost zero.

I would rate pfSense a ten out of ten.

We use pfSense as a small business firewall and as a VPN gateway.

PfSense provides us with a cost-effective but reliable network appliance. We have a standard networking device that lower-end help desk people can use effectively. It's less complicated. We moved from another platform that although the hardware was reliable, the software wasn't particularly reliable, and it was difficult to use.

It helps our operations because it's a standard platform anyone on our help desk can use. Every site will be pretty much the same. Once cloud management comes out, it'll be even better.

PfSense is fairly simple to configure and has a good administration interface. It's built on pfSense, so I know it'll be reliable. It is quite flexible, and adding and configuring features is pretty easy. There's a lot of support for add-ons, and we can do a lot of stuff with it, so it suits our needs perfectly.

It secures against data loss pretty well. Plus only has a few additional features over the Community Edition. We mainly use Plus because it comes with the Netgate hardware.

The only feature I want to add is cloud management. I'll be an early adopter of that one. We're ready for that feature, and it's one of the few missing things, so that'll be excellent when it comes.

Another thing that's primarily an issue for us is that Netgate may soon stop production of the 1100. That's what we use for our telephony gateway. It doesn't need to be high performance, but it does need to be low cost. If they stop it and make the 2100 the lowest, that will be problematic for us. We will need to start using something else because it will become too expensive for our purposes.

Effectively, we are using it as just a VPN gateway, and 1100s are great for that. What's annoying is that we cannot buy the 1100s directly because we're not a partner, and it isn't approved for connection to Australia, so we need to buy it through a company that went out and got it approved. We lose a bit of margin doing it that way. We can buy 2100s and above directly, but we must go through a reseller to get 1100s.

I have used pfSense for two years.

I rate pfSense nine out of 10 for stability.

Netgate pfSense is scalable.

I rate Netgate support seven out of 10.

We have used some other hardware, but the software was a dog. It's pretty difficult. We've also used some UniFi solutions, which are good, but they haven't sorted out the VPN component, so we'll continue using Netgate. Once they work out the kinks in their software, they'll possibly have a compelling solution.

However, if Netgate stops selling the 1100, that could be quite problematic for us, and we'll probably go with Ubiquiti because it's too expensive to use 2100s for VPN appliances.

PfSense is straightforward to deploy once you know what to do. It's a one-person job and takes a couple of hours. After deployment, it requires upgrades, but that's it.

The total cost of ownership is good because you buy it upfront and don't need to pay a subscription fee. We've spent a bit more, but we pass that along to the customer. In the end, everyone wins because they get a reliable solution, and we get something much easier to manage.

I rate pfSense five out of five for pricing. It's fairly priced. We wouldn't buy it if it weren't. There are cheaper firewall options, but they aren't as reliable and easy to manage. Of course, there are also more expensive ones.

No ongoing subscription fee is nice because many of them are small businesses that don't want to pay for an ongoing subscription. It's always being updated, so that's good from a security perspective.

I rate Netgate pfSense seven out of 10. I would recommend it to others.

I use the solution in two ways. I deploy it commercially and I use it in my home lab as well.

It's very easy to deploy. It's nice when you've used something for a while. You get comfortable with all of the benefits. I know what I'm doing. I'm very familiar with the product.

The addition of packages makes it very customizable. The flexibility is very good. Not all firewalls out there have that. Typically, you are tied into three or four different plugins. pfSense, however, allows you to add more than the standard handful others offer.

It's easy to add features and configure them.

They do improve it consistently, which makes me want to return to it over and over as a solution.

It just introduced, with the latest revision, the ability to save your backups incrementally as well as go back and make changes. I can go back to a particular backup, and that's quite useful.

The solution does prevent data loss. You can pick up your configuration files consistently, whether you want to do it daily, monthly, hourly, et cetera.

Users can manage everything under one single pane of glass.

I also use pfSense Plus. It provides good features that help minimize downtime. The updates come quicker to Plus, which is helpful. It also helps optimize performance. Having the pane of glass offers consistency in terms of finding things. The UI is very intuitive.

Updating some of the packages can be a bit difficult. It's hard to stay on top of them all. There also might be a bit of a lag on updates.

If they could get to something like Meraki, where I could remotely log in and not have to deploy a package to do that, that would be nice to have.

It would be helpful if they had more documentation. Some online details seem out of date and you have to spend a lot of time going through forums to uncover what everyone else is doing.

I've been using the solution for probably ten years.

The stability is very good. I'd rate it nine out of ten.

Most of my clients who are users are under 50 users. I handle mostly SMBs. I'd rate scalability eight out of ten.

Technical support is awesome. I haven't dealt with them a ton, however, every time I do, via email, within an hour, they've responded.

I've used Cisco Meraki over the years. It's a bit different. There's also a cost factor.

I've also tried OPNsense. I didn't like the look of it after using pfSense for so long.

The initial deployment is straightforward. It's awesome. I always bench test it before deployment. I do it through my office, not on-site, to go through the various variables that could make things go sideways.

The implementation only takes about a day. I can manage the process by myself. I don't need a team.

A majority of my deployments are for home users.

There's not a lot of maintenance. You just want to keep packages updated when the time comes.

I have witnessed an ROI from a remote perspective. I'm able to remote in for some users and fix any problems that way.

The solution is fairly priced. The total cost of ownership is pretty good. They do offer appliances as well and those are quite cost effective.

I'm a consultant.

I'd advise new users to learn at home first and play with pfSense just to get used to it.

I'd rate the solution nine out of ten.

The solution is primarily used for anything to do with security. SMEs are using it to protect their businesses.

The companies we work with are fairly generic. What we see most is companies using the solution since it's affordable.

The price point is the most valuable aspect of the solution. Customers really value that.

Customers value the following features:

• It's highly configurable
• It's flexible.
• The features are easy to use.

The interface is somewhat challenging if you compare it to other commercial products. If you compare it to something like Sophos, where someone with decent firewall knowledge can get it up and running in a very short time, you need to be a fairly skilled security worker for this product.

Configuring the interface can be a bit hard.

We've found working with SAP networks challenging. The model that they have in terms of partner networks works very well in the US. However, it's very challenging in our part of the world. What works very well here (Kenya) is a distributor-reseller model, where you have the vendor appoint a distributor. Then the reseller can quickly serve the client. The partner support could be better here.

We've been selling the product for two or three years.

The solution is quite stable. I'd rate stability nine out of ten. I rarely have a failure.

We largely work with SMBs.

Support is excellent.

We have used other products as well in the past. For example, I do have knowledge of Sophos. We are a reseller. We've had it longer than pfSense. Sophos is a bit easier to set up. pfSense pricing is very good, however. It does need a more friendly UI.

The initial setup is a bit complex. There are other products that are easier to set up. The installation is not a problem, however, the complexity comes in with the configuration. The installation itself, which is basic, won't take long. The configuration process is longer since it can be from challenging to quite complex.

There is some maintenance required. There are updates every quarter. Previous to the last update, you couldn't do an update without breaking. It's easier now, however, there is still maintenance.

The solution is cost-effective, however, that does come at a cost to the client. They do have to buy the product in the US and ship it to Kenya. The total cost of ownership, including acquisition and support, can be quite competitive.

We are resellers.

I'd recommend the solution to other users.

I'd rate the product seven out of ten. There are a few challenges. However, it is stable and offers good support.

We use pfSense for firewall, ad-blocking, and IPS functions. We have two pfSense instances on Dell hardware, and one exclusively does IPS/IDS. I have the firewall features turned off on that. The other use case is for the firewall features, reporting, and VPN.

The first benefit is that pfSense offers an affordable firewall solution. It's open source and available on any platform. If you wanted to pull an old machine out of your garage, you could set up a pretty decent pfSense installation. Having learned a little more about pfSense and some of the additional packages that can be bolted onto pfSense, I've used it now for quite a few different things.

I haven't had any particular instances where I felt I was under attack or the firewall was somehow inadequate. I feel very comfortable that this will do everything to protect data. The initial deployment was positive, and we started seeing the benefits within a couple of hours.

The pfSense Plus has vetted rules and software releases from Netgate. Having that extra layer of accountability from Netgate with the Plus features is a positive.

I like the VPN features. We use WireGuard, which is part of the pfSense package. That was easy to set up, so I could connect to other customer sites seamlessly. Is there such a thing as being too flexible? It's a highly flexible platform, especially regarding support for third-party packages. It's almost like you're overfilling your grocery cart, and items are all falling on the floor. You can add too much to it.

The single pane of glass management could be better. For example, it relies on several additional packages to provide some of the features advertised as part of its capabilities, but those packages are not visible directly through the initial pfSense dashboard.

It is easy to add features, but configuring them takes a lot of knowledge. I would like to see an additional wizard added to pfSense when you add some of their other packages. You can add a package from pfSense to do a particular task, but you need to be a product expert or willing to spend time on the Internet for hours and hours to figure out how to configure some of those features correctly.

We have used pfSense for about one year.

We haven't experienced any crashes or performance issues. I have pfSense loaded up with third-party packages, and it's just rock solid.

We're a small shop, so I don't have much experience deploying it in bigger, better, faster scenarios.

I rate Netgate support nine out of 10. They were very responsive. It took some getting used to because I always used phone support. I love phone support. I like talking to people, but the support level that I paid for was email. They were on it fairly quickly. It was a licensing issue, and they told me exactly what the problem was within 24 hours.

I've used Cisco firewalls before and found them very complicated. You don't know what you're doing, and it's dedicated hardware. I've used some other common off-the-shelf products, such as Netgear and Linksys. I thought pfSense was the best fit.

The initial deployment of the pfSense firewall is easy. It took nearly four hours, including the additional configuration tweaks. We're a small environment, so it was pretty straightforward

After deployment, it doesn't require much maintenance. It's essentially fire and forget. I chose to do the updates manually, but you can set it to update automatically. I should note that I chose Dell platforms to run pfSense because there's a lot of industry knowledge regarding the combination of Dell and pfSense. Anyone deploying some no-name hardware from other companies will probably run into some trouble.

PfSense is affordable. I appreciate that it's based on a support requirement instead of bandwidth or users. We're pretty small, so we don't touch many of those levels that they might have.

Since I'm using my own hardware instead of a Netgate appliance, this is the most bang for your buck you can deploy. I pay for the Plus and feel the benefits behind the software and configurations. The average user might be fine with the community edition, but I wouldn't go that route for a production environment. I think this is a cost-effective solution. I can amend it to manipulate the various hardware configurations without much pushback from Netgate.

I rate Netgate pfSense nine out of 10. I highly recommend it. It isn't a perfect solution. It's a little difficult to configure. If you can afford it, I would pay for the phone support.