I use pfSense as our primary firewall and router. We use several functions of pfSense, including the OpenVPN capabilities for mobile VPN and pfBlocker for DNS blocklisting. We also use Snort for IPS capabilities. 

The solution helped us secure the perimeter against vulnerabilities. I'm confident in the team's ability to keep things updated and all the security holes patched. It also has security add-ons like IDS, IPS, etc. We realized the benefits immediately.

My favorite thing about pfSense is its overall stability of the product. It's rock solid and low maintenance. I like that aspect. It doesn't cost much, and it's feature-rich, including mobile VPN, pfBlocker, and IPS. You have the flexibility to deploy it as bare metal or VM. 

It's very easy to add features to pfSense and to configure them. The solution's management page offers a single pane of glass view. You can clearly see the various features on the main page, and it isn't difficult to drill down into the other sections for more details. 

I can't say which features Plus provides that the community edition doesn't. I only knew that the Plus edition was the path forward. I was previously on a community edition for many years, but I've been on the Plus edition for at least a couple of years now.

One area of improvement would be better communication. They kind of left a lot of people in the dark and misled them about the pfSense Plus Edition. I feel like they automatically switched people over and then followed that up with a required subscription model. That aggravated a lot of customers, including me, but I stuck with it regardless.

I have used pfSense for nearly a decade.

I rate pfSense 10 out of 10 for reliability. 

pfSense is highly scalable. The only limitation is the hardware you have behind it. As long as you can upgrade your hardware when you scale, pfSense will be able to support it. 

I rate pfSense support nine out of 10. I've typically gotten all the answers I sought when needed. They are highly responsive. I don't think I've ever had to wait more than an hour to get a reply. 

Positive

I wasn't involved in deploying pfSense. I maintain an existing one. For maintenance, you just need to periodically update to the latest version of pfSense Plus and maintain the different rulesets, such as firewall, IPS, and pfBlocker rules. 

The total cost of ownership of pfSense is rather low. After the recent subscription change, it doesn't cost us more than a couple hundred bucks a year. The only other thing I have to pay for is the business Snort license for the IDaaS IPS functionality. 

I rate pfSense nine out of 10. I recommend doing a white box deployment because it's easier on the hardware. I tried pfSense on a Netgate appliance and wasn't impressed with the performance compared to the white box I already had in place. I suggest starting with a spare server you have — Dell, HP, etc. 

I use pfSense for my home network firewall. I also manage two Cloud platforms that use it. 

Netgate pfSense is flexible allowing for modifications to meet our needs.

With my strong security background and experience managing pfSense, adding and configuring new features is a breeze. While some might encounter challenges, my expertise allows me to navigate them with ease.

pfSense impressed me with its ease of deployment and low maintenance. It excels in protection and firewall functionality and offers a wide range of add-ins to further customize my network. After considering alternatives like OPNsense and Untangle, pfSense emerged as the perfect fit for my needs.

The single pane of glass provided by pfSense makes it easier to determine issues related to attacks and what is being blocked. I can see live logging of the firewalls and what rules apply to what.

pfSense does a good job helping prevent data loss using Snort which identifies and blocks suspicious traffic before it enters our network.

pfSense Plus offers a visibility feature that helps me optimize network performance. The dashboard displays clear traffic graphs and device load information, and I can customize it to show exactly what I need.

The total cost of ownership is extremely reasonable. pfSense is a good option, especially for people conscious of recurring expenses.

The most valuable features of pfSense are the high availability that easily allows failover to a backup unit and the Snort integration with pfSense and WireGuard.

Netgate pfSense can improve by adding a different OS layer other than FreeBSD.

I have been using Netgate pfSense for ten years. 

Netgate pfSense has been stable.

pfSense's scalability is highly dependent on the hardware you choose, but despite this, it offers a strong ability to handle increased network demands overall.

In addition to pfSense, I have used OPNsense, WatchGuard, and Cisco. The WatchGuard rules were more straightforward than pfSense. New pfSense users might find deciding between floating and interface rules for specific scenarios confusing.

The installation is easy for those who are comfortable with command-line interfaces. It is quick and straightforward but they have to be careful when assigning the internal or external net because that can be challenging for some.

One person is enough to deploy.   

Netgate pfSense is competitively priced. The 4100 box is a good box for the price.

I would rate Netgate pfSense nine out of ten.

Before deploying pfSense in your lab, I recommend checking the pfSense forums to learn about any potential issues or considerations other users have encountered.

My company uses Netgate pfSense firewall routers for some clients, but I choose the device based on their needs. For locations like restaurants that require constant internet, I use a different device with cellular failover built-in. The cost-effective Netgate pfSense is a good option in simpler locations like doctors' offices. I can leverage Netgate's ability to handle multiple ISPs for clients with large internet demands. Ultimately, the choice depends on the client's budget and specific requirements.

In my role, I decide what our clients should implement for their network security. I want to create a secure environment by separating the business network from the Wi-Fi and phone networks. To achieve this separation, pfSense uses different subnets to effectively block any incoming traffic attempting unauthorized access to the network.

pfSense is highly configurable, offering flexibility to tailor its features and functionality to each client's network needs.

pfSense offers a wide range of plugins and add-ons, making initial configuration straightforward. However, since I primarily rely on endpoint security products installed on clients' workstations for their overall protection, my pfSense setup focuses on basic functionality. This includes configuring the firewall for my in-house network and leveraging its ability to handle multiple WAN connections. Ultimately, pfSense's affordability and ease of use make it a great choice for me as a secure and customizable router/firewall solution.

Network segmentation offers the biggest benefit for my clients. By creating separate Wi-Fi, phone systems, and business network segments, I can isolate any security breaches and prevent them from spreading throughout the entire network. As the decision-maker, I prioritize client security without needing them to understand the technical details. My focus is ensuring their networks are secure.

I have never had any downtime using pfSense Plus.

The most valuable features of pfSense are its ability to segment networks, create different subnets, create different VLANs, and use the VPN, as well as its affordability.  

pfSense lacks a centralized web dashboard for viewing all my clients' pfSense dashboards. A single pane of glass for both web access and management would be a game-changer. This missing interface is my biggest frustration with pfSense, and improvement is sorely needed. I have clients all over the United States and would deploy many more pfSense firewalls if it had a centralized web dashboard.

I started installing Netgate pfSense for clients almost three years ago.

I would rate the stability of Netgate pfSense ten out of ten.

I would rate the scalability of Netgate pfSense ten out of ten.

We've worked with almost every firewall: SonicWall, Cradlepoint, Ubiquiti, Fortinet, and UniFi devices. You get into the licensing of some of those with SonicWall and Fortinet, and it's just not the product that I like to sell to my clients. I'm always client-friendly. I want to find the most affordable product for them that does the best job. NetGate pfSense is the right one for some but not for others.

The deployment is simple. We preconfigure the device in the shop and then take it out and hook it up in less than one hour.

We have three people total who deploy the firewalls, including myself.

Netgate pfSense is a set-and-forget product other than deploying and periodically updating the firmware. pfSense has been solid for me.

Unlike many firewalls that require annual licensing fees, making them expensive for small businesses, pfSense is an affordable option.

I would rate Netgate pfSense seven out of ten. The only area of improvement is the web dashboard, which is currently lacking in pfSense.

I use other products to control data security. Most of my clients don't have an in-house server. I work with small businesses, and that's why the Netgate pfSense device works well. For my larger clients, we go to the cloud for data storage and data security with redundancy. So, I don't use pfSense for data security at all.

pfSense is a good value for some clients; it's client-specific. It depends upon other things we are deploying there, such as what kind of Wi-Fi network we use. If we are adding a VoIP phone system. It just depends on what the client's needs are, but It is the right device for the right client.

A lot of our clients are small businesses. I've got one fairly large business. It is a restaurant group nationwide with 700 employees, but its main office has maybe 30 to 50 employees. So, that's probably my largest deployment of the Netgate device.

The only maintenance required for the pfSense firewalls is applying the occasional firmware updates.

Some MSPs are more focused on making money. I'm not. I'm focused on the right fit for the client, and the money takes care of itself. pfSense is a great device. I'm not focused on what will make me money. I'm focused on what is best for the client. In many decisions, the Netgate pfSense is the right decision for that client.

I'm an independent IT consultant specializing in pfSense router deployments. I use pfSense not only in my home and my parents' homes but also at ten of my clients' locations.

The pfSense router can be deployed on-premises, in the cloud, or on a hybrid platform, but I only deploy it on-premise.

pfSense's flexibility overall is excellent. I can't think of a feature that it doesn't have.

Once I got the hang of it, pfSense became easy to use to add new features. However, there are occasional complexities, like configuring a RADIUS server, which initially seemed overly complicated. Thankfully, the documentation helped me navigate the process successfully.

I immediately saw the benefits of pfSense based on the cost savings alone. The routers are low-cost, to begin with, and there are no annual licensing fees like those required by Cisco routers and other brands. I have replaced many Cisco routers with pfSense because of the ridiculous licensing fees.

pfSense, as long as it is properly configured, is excellent at helping us prevent data loss.

Netgate hardware devices come pre-installed with pfSense Plus, which means all of our installations benefit from pfSense Plus because they run on Netgate hardware.

pfSense provides visibility that enables us to make data-driven decisions. The package manager lets us add a lot more visibility. I use the softflowd add-on package, and there are a few other add-ons if we need more visibility.

The visibility provided by pfSense helps optimize performance. The data flows across the different subnets, which is helpful if there is a performance issue.

pfSense stands out for its full features and adherence to industry standards. Unlike competitors introducing proprietary variations like UniFi or Omada, pfSense prioritizes compliance. This is crucial in manufacturing environments where diverse systems need to integrate seamlessly. In such multi-brand settings, standard compliance becomes a critical factor for successful system interaction.

pfSense doesn't offer a central management system for multiple sites, which wouldn't be a big deal for most of my customers, who typically manage just one site. However, for larger companies with many sites, logging into each pfSense router individually to manage them could become cumbersome.

Previously, we were able to download an offline installer for our firmware. For example, if our router crashes, we must reinstall the OS. We would have it on a USB stick that is available to reinstall. Now, with the current version of pfSense, they are no longer providing an offline installer. We have to be connected to the internet to download the OS in real time, which, in some cases, is not possible. Some routers need to be air-gapped for compliance controls. They are not supposed to have access to the internet. In other cases, we can't disconnect the company's internet to connect the replacement router because that would take down the company. So we don't have a way to install the OS. I went back and forth with Netgate's support, trying to get that through their heads, and eventually, a manager gave me the offline installer but told me this would be the last one and not to expect this ever again. They have provided offline installers for 15 years, so I don't understand why they would remove them now. They are not considering all of the use cases. If we have a large company and the router goes down, we could be losing thousands of dollars an hour, and we don't want to sit there trying to troubleshoot an internet connection when we could use a USB stick to reinstall it in two seconds and restore the config. This is an essential need for some organizations and an area where Netgate pfSense can improve.

I've been a Netgate pfSense user for nearly 15 years, practically since its launch.

Netgate pfSense has been excellent in terms of stability. I have never had an issue with any of the business-grade routers. Their lowest-end model runs on MMC storage instead of regular hard drive storage, and I have had some of those crash.

Netgate pfSense has different tiers, so the higher we scale, the more expensive it gets, but as long as we match it appropriately, it works great.

I have never paid for Netgate support, but when we purchase a new router, they allow us to send a config of the old router and provide one-time support for free. So, I have interacted with them a few times under these terms. The results have been mixed. Sometimes, I can tell I am speaking to a competent person, and others don't understand what I'm saying. In the past 15 years, I have been working with pfSense routers. I have contacted the support team 15 times, and the results have been 50/50.

Neutral

I have used Cisco routers, which were a real hassle to manage. I have also used Linksys and Apple AirPort routers.

The initial deployment for a new user is moderate. It all depends on their experience level. The documentation on their website is suitable for beginners. For a basic deployment, there are many articles from other people and YouTube videos on how to deploy.

Compared to other business routers, pfSense's pricing is reasonable. It also offers a free community version that can't be beaten.

With the inclusion of firewall, VPN, and router functionality, pfSense's total cost of ownership is low compared to other routers like SonicWall, which licenses the VPN feature. 

When I compare pfSense to other routers like TP-Link and Omada, I see that it has all the standard network features, whereas the others are missing a few. The challenge with pfSense is learning to use it because of all the features it includes. I have never felt like I needed to change brands because pfSense was missing a required feature.

I would rate Netgate pfSense eight out of ten. It is a great product.

I recommend new users do a test setup on their home network first to understand how it works before moving it into their business.

I recently started using pfSense to secure my home network. As an IT consultant working remotely, I needed better security than my router offered. I run servers in a lab environment to demo software for clients, and in my previous consulting role, I managed networks for companies of all sizes, some with hundreds of thousands of devices. Since we can't modify a client's environment directly, having a secure home lab for testing is crucial. pfSense allows me to segment my network and use a VPN for secure remote access, offering more functionality than my previous setup. While a free version exists, I opted for the convenience of a pre-configured appliance.

pfSense surprised me with its ease of use, even though it's powerful enough for corporate environments. Unlike my previous complicated Cisco firewall that now collects dust in the garage, pfSense offers the flexibility and functionality I need.

pfSense offers a default rule that allows all traffic initially. While I prefer to block everything by default and only allow specific traffic, this approach led me to accidentally lock myself out of the firewall during configuration. The device functioned as intended, following my overly restrictive rule. Resetting to factory settings was a learning experience, and now I understand how to avoid self-imposed lockouts. After diagnosing my initial setup issues, I successfully corrected them and implemented filters that boosted our internet speed. This experience made clear the benefit of pfSense for our network.

The firewall acts as my first line of defense against data loss by controlling incoming and outgoing traffic. Additionally, I keep my devices updated with security patches and utilize application whitelisting, which restricts programs to those from approved vendors with verified digital signatures. This helps prevent unknown malware from executing on my system. While demonstrating data loss prevention for a government agency, I encountered a connection hurdle between my devices on different subnets. Realizing a firewall was blocking communication, I opened the necessary ports to allow the connection. This highlights the firewall's role as a first line of defense. Even if one device is compromised, the firewall helps prevent the attack from spreading to other segments of the network. However, it's important to remember that the subnet itself remains at risk, which is why I also use local firewalls on individual devices for additional protection.

When it comes to the firewall functionality of pfSense, it does provide a single-pane-of-glass to manage everything.

The most valuable aspect of pfSense for me is its firewall functionality. It allows me to set up different networks, and VLANs, and control how subnets communicate with each other, all the way down to individual nodes. This granular control is very important for my network security. Additionally, pfSense offers a variety of alternatives like VPN that I haven't explored yet, but my top priorities are the firewall features that protect my network from external threats and allow me to segment internal traffic. I also use the filter feature to filter internet ads and adult content. The filter list depends on someone keeping it updated, but the community has been great for this and it makes my internet browsing much faster because all the junk ads are blocked. 

pfSense would be much more efficient if it allowed exporting the entire configuration of a device after it's been set up. This way, the configuration could be easily imported onto another device, saving time and effort.

I have been using Netgate pfSense for one year.

Netgate pfSense is stable with zero downtime related to the firewall.

Netgate pfSense can scale at an enterprise level.

Cisco's firewall device proved too complex for me, ending up unused in my garage. Thankfully, pfSense offered a much more user-friendly experience.

pfSense deployment was straightforward thanks to the available documentation and video tutorials, although I did lock myself out once due to user error. While IT professionals might not always consult the manual first, pfSense helpfully allows saving configurations without immediate application, a feature that would have prevented my mistake. Learning from this experience, I now know how to leverage the provided resources for a smoother pfSense deployment process.

I did the deployment myself but someone who is not an IT person will require the help of an integrator or consultant.

I deployed pfSense in two and a half days. It included setting up VLANs for different purposes like a DMZ, server LAN, user devices, guest network, and VMware management. I also configured a firewall with rules to isolate these networks and implemented an IPSec VPN to filter out ads and malicious sites.

The implementation was completed in-house.

pfSense offers a surprisingly affordable enterprise-grade solution for small businesses. While my own pfSense 6100 costs $700, the value it provides makes it a very cost-effective purchase.

I would rate Netgate pfSense nine out of ten.

Other than installing updates, pfSense has not required any maintenance.

Before configuring your network devices, plan out your network segmentation. This written plan will guide how you set up VLANs, servers, DHCP scopes, and DNS. Think of it as a blueprint for your network design. While implementing the plan on a Netgate device or pfSense might be straightforward, without a clear strategy, you'll be overwhelmed by the available features. 

After successfully using pfSense at home to manage IoT devices and separate their traffic from my computers and gaming consoles, I'm now evaluating its suitability for our hospital system. As the IT manager, I'm impressed and considering replacing our current firewalls with Netgate pfSense appliances.

I implemented pfSense at home to proactively prevent security issues on my home devices.

Netgate pfSense is flexible allowing us to add plugins.

It has improved my home network's security, making it significantly harder for attackers to access my data.

Netgate pfSense works well to prevent data loss and helps optimize performance.

As a first-time NetGate pfSense user, I've been impressed by several features: easy integration for blocking traffic by country, straightforward creation and management of firewall rules, and the ability to extend functionality through plugins.

I'd love a centralized management system for multiple pfSense appliances. This is where Netgate could improve. Redesigning my network for seven pfSense units sounds like a daunting task, especially with the need for individual configuration. A single pane of glass for managing everything at once would be a game-changer, streamlining the process significantly.

I have been using Netgate pfSense for five years.

I would rate the stability of Netgate pfSense ten out of ten.

Based on what I have heard from other users and what I have read, Netgate pfSense can scale.

The deployment was easy, but I took a cautious, phased approach to avoid disrupting household internet access. Once complete, the upgrade from my previous Netgate appliance allowed me to take advantage of SFP+ ports, so I put ten gigabytes into it and continued fine-tuning the system.

The initial deployment for basic functionality was completed within a few hours, but achieving full functionality took approximately two weeks. 

Netgate pfSense stands out as a cost-effective option that delivers excellent value. While I haven't personally used their support at home, a vendor I spoke with praises it highly. Their reputation suggests phenomenal hospital-grade support might be worthwhile for a critical environment like ours.

Netgate's maintenance contracts are significantly more affordable compared to other vendors, demonstrating their competitive pricing and commitment to customer value.

I would rate Netgate pfSense ten out of ten.

Netgate pfSense is low maintenance.

Before committing to any network or security hardware, including Netgate pfSense, I recommend a Proof of Concept to ensure it meets your specific needs. Don't rely solely on others' suggestions. Thankfully, pfSense offers downloadable virtual images, allowing you to experiment with its features before purchasing physical equipment.

I use Netgate pfSense in my home lab and company. I wanted to learn more about networking so I swapped my ISP router with Netgate pfSense.

Netgate pfSense is a flexible solution. Netgate has its appliances but if I want to use pfSense somewhere else, I can install it into a virtual machine or on my hardware.

I would rate the ease of adding features to Netgate pfSense eight out of ten.

Netgate pfSense has improved the traffic visibility of the devices we are monitoring. Netgate pfSense has also taught me a lot about networking because I got to use an enterprise-grade firewall.

pfSense Plus helps minimize downtime thanks to its ZFS snapshotting feature. This means if we misconfigure something, we can quickly restore our system to a previous working state, reducing downtime.

Both pfSense Plus and the community edition provide visibility that enables us to make data-driven decisions.

Netgate pfSense has provided a reduction in downtime of 30 percent thanks to its user-friendly configuration process.

The most valuable features of Netgate pfSense are the ease of use and GUI. 

pfSense's dashboard offers basic monitoring, but it lacks centralized management for multiple PSM devices and a unified event interface for various services. Ideally, I'd like a management interface that can handle multiple PSMs, even if they're in different locations. This interface should provide at least status information and basic management features.

I have been using Netgate pfSense for three years.

I would rate the stability of Netgate pfSense nine out of ten. While I did encounter some issues earlier on, they have all since been resolved. 

Netgate pfSense is scalable. While we haven't used features like the rack-mounted version or maxed out its capabilities, the system is easily scalable. Upgrading to a more powerful model is simple - just export our settings and import them to the new device.

I had to use the technical support twice and they were extremely quick to respond and deal with my issues.

Positive

While I previously switched from UniFi to pfSense for its wider range of features, the gap between them has narrowed somewhat. However, pfSense remains a more enterprise-focused option, allowing for granular control over specific network elements useful in complex environments. UniFi, on the other hand, offers a less detailed view.

While the initial setup was mostly straightforward, some specific configurations proved challenging and lacked intuitiveness. To address these, I consulted YouTube videos and Netgate's documentation.

I would rate the ease of the setup process a seven out of ten.

Installing pfSense took a full day.

I implemented pfSense myself.

pfSense has definitely paid off for me. It's become a rock-solid foundation for my network. Since the memory leak fixes, it's been incredibly stable and requires minimal maintenance.

While pfSense hardware from Netgate might have a higher upfront cost, I've had very little trouble with it. Plus, buying from them directly helps fund the software's development, making it a worthwhile investment in my eyes.

pfSense offers a reasonable total cost of ownership for me. Since I primarily use it at home, I don't need additional features or paid support. However, compared to commercial options like SonicWall, even support costs seem affordable. It's worth noting that advanced features like Suricato or Snort require additional subscriptions for business use, but overall, pfSense remains a cost-effective solution.

I would rate Netgate pfSense nine out of ten.

pfSense handles both my home lab, suitable for a small household, and our company's branch office with roughly 150 on-site users and 50 remote VPN connections. It also facilitates a site-to-site VPN connection between this branch and our main New York office.

pfSense is low-maintenance. While regular updates are important, I typically won't need to perform much additional maintenance beyond occasional logins to check the dashboard and install those updates.

pfSense is a stable and feature-rich firewall, but it lacks  Layer 7 application filtering, which means you can't easily block specific applications. While I haven't personally needed this feature, it's a known gap in pfSense's functionality.

I recommend pfSense overall to others.

We use pfSense internally to protect our management networks and provide VPN access to our internal staff. We also use it for customers needing a more sophisticated firewall than your home or small business WiFi router firewall package.

We deployed it at work when I got hired because we needed to replace the existing hardware solution. I've used pfSense for over 10 years, so I drew upon the experience from the experimentation I do in my home lab.

We're an ISP that provides managed services. We deploy pfSense as part of a larger solution, usually a contract for managed services. We provide their Internet circuit and a managed firewall so that they don't have to do that themselves. They pay part of the hardware cost—maybe 50%—upfront, and then the rest of it is applied against a contract, after which they will then own the hardware.

We use pfSense as a hybrid within our data centers, with some virtualized instances running pfSense community edition and some as Netgate hardware running pfSense Plus (the higher-end ones because we need a firewall that can handle 10 gigs of throughput). We've got multiple different models of the official hardware deployed for ourselves and some managed customers. They range from small businesses to a professional sports venue.

We use pfSense for work because I was already aware of its flexibility for our needs. The solution provides a great base level of network protection. PfSense is not a next-generation firewall, so it doesn't do in-line virus scanning or offer out-of-the-box IPS/IDS, but that can be covered by a manged antivirus suite and following good security practices. In terms of how secure pfSense is and how secure it keeps your network, it does that very well.

The biggest benefit of pfSense is its ease of setup, especially for VPN — both the end-user VPN and site-to-site VPN. It's easy to add features to pfSense via the package management system. We can just turn things on. They have made it much easier to deploy things like free radius, where we want to have enterprise authentication for WiFi. It's by far the most flexible firewall I have ever worked with. There are also packages for ACME for Let's Encypt SSL certificates, and HA proxy.

The pfSense Plus package has given us peace of mind, but we haven't had to open many trouble tickets with NetGate. Aside from the maintenance and support contract, the only feature we use from pfSense Plus is the wizard for building site-to-site VPNs from our locations to AWS VPCs. Building site-to-site IPSEC tunnels to AWS is a fairly complicated task, so having that wizard made it easier.

I would like a management console to manage and monitor multiple pfSense installs. We have several pfSense hardware devices installed and as far as I know, there is no single, unified pane of glass that I can use to manage all of them at once. That's the one thing I wish I had, just having a good single unified configuration interface for each install. 

I have used pfSense at my current company for at least four years now, but I've used it personally for over 10 years. 

I have to really dig deep to come up with any shortcomings. If you are using VLAN tagging, and making adjustments, restart the DHCP and DNS services manually, just in case.

As far as I know, there isn't a single console from which I can manage multiple installs. That is the only thing impacting their scalability. They max out at 10 gigabits per second, but anything above 10 gigs is such a niche market. To be honest, I doubt that's their target.

I rate Netgate support 10 out of 10. They turn around tickets quickly and their staff is fairly well educated. When I provide detailed information about the problem, they've been able to reply quickly with a solution or go research the problem and get back to us quickly with a fix. It's been pretty top-notch.

Positive

I've used OPNSense, a fork of the pfSense project, as well as Cisco ASA, PIX, Palo Alto, Ubiquiti's Unified Gateway, SonicWall, and FortiGate. Some bigger Ubiquiti firewall products are comparable to pfSense, and Cisco ASA has name recognition. SonicWall and FortiGate offer some enhanced features, like better threat management you get as part of a subscription, some block lists, and some more next-generation firewall features.

Overall, our chosen solution is pfSense, as it balances features and cost. It isn't the best at everything, but it's more than enough for almost everything you can throw at it, and it isn't ridiculously expensive like some solutions. It is massively flexible. Although it is missing some of the more esoteric features, you don't need those features 99% of the time. If you have the budget for it and need to do something more advanced than just the basic firewall, it remains the go-to solution we use every time. It's why I keep a couple in stock on the shelf so that I don't have to order them if we need one for an immediate customer install.

It's incredibly easy to deploy pfSense and takes no more than 30 minutes in a typical small office setup. A typical out-of-the-box setup for a small business can be running in five minutes flat. We usually have a two-person team with someone from our network engineering team responsible for the configuration and a field tech installing equipment on-site.

Regarding maintenance, you need to go back in occasionally and install the most current version of the software. We check for updates every couple of months, and that's it. That's it for maintenance. Once it's installed, we fire it and forget. It's there, and it works.

In-house

Priceless

I would say pfSense is competitively priced. It isn't the cheapest hardware, but I've never had a problem with it. It is far cheaper than big brand names like FortiGate and Cisco while delivering a feature set that's nearly the same across the entire list. The only places it falls short are esoteric features that almost nobody needs.

The support plan is reasonable. The pfSense Plus license with the warranty is either 400 or 800, depending on the level you want. For a commercial customer, that's more than reasonable and a lot cheaper than many solutions. We haven't had any sort of issues with the firewall hardware itself, so it's doing extraordinarily well on the total cost of ownership.

We did side by side comparisons of the feature sets and prices, and drew upon our experience with multiple vendors, including the equipment we had at the time.

I rate Netgate's pfSense 10 out of 10. I recommend turning on the built-in automatic configuration backup so that if you mess something up, you can easily restore the configuration from a backup and get it back up quickly. I also suggest downloading the community edition on a spare computer to play with and break because it's free. 

We use it for the backup line for the internet. When the internet is disconnected, we transfer to pfSense.

We only use it for the backup internet connection. It is effective. We have not had any problems.

We have not had any problems with it, and we also do not have a need for any new features. If anything, its reporting can be better. Sophos has better reporting than pfSense. Sophos has more detailed information. pfSense is not as detailed. It is summarized.

I have been using pfSense for six months.

It is stable. I would rate it an eight out of ten for stability.

It is scalable. I would rate it a seven out of ten for scalability.

I have not used their support.

The installation of pfSense is very easy. It took two to three hours.

It is easy to maintain. We did not have to do any maintenance of pfSense since we installed it.

It is free. It is open source.

We have not used the VPN capabilities of pfSense. We also did not have a need to integrate pfSense with any service.

I would rate pfSense a nine out of ten.

I am using it for personal use.

It is quite easy to manage firewall rules and policies in pfSense. It is not the most user-friendly, but it gets us there. We have to be sure of all the things that we are activating, but it is easy. It is alright.

Open source and support are valuable. I have community support.

Its performance is good. It is reliable. I would rate it a solid nine out of ten for performance.

There are several levels of firewall configuration such as beginner, advanced, and expert configurations. At each level, it becomes more complex and more tricky to set up the firewall. For example, if you want to install the firewall on your computer system, it would be a lot easier if it just tells you that this is the internet NIC and this is the Wi-Fi NIC. 

It would also be interesting if we could add an interface for DNS versions. It will be a multisystem to make all the blocks of the DNS. I know that firewalls are different from DNS, but if we could take advantage of everything in a single system, that would be lovely.

I have been using pfSense for half a year.

It is stable. I would rate it a nine out of ten in terms of stability.

I believe it is scalable. If I need more computers with more NICs, it is scalable, but it is not something related to pfSense. 

The support that I have is community support. 

Neutral

I also use WatchGuard Firebox. It is different from pfSense. I have Firebox on a rack mount server on a cabinet, whereas pfSense is on my computer, so it is quite different because I can use any kind of hardware to implement the firewall.

Firebox can make an open-source version, but that is not the target of the company. pfSense is doing a great job because they have covered both situations. They have an open-source version with community support, and if we purchase the license for hardware, we can also get support from their side. In the long run, pfSense has more advantages.

If I go to a company and they ask me to implement something, I would most definitely go with pfSense. Its price is lower. I have a great knowledge of pfSense. I can very easily find support in the community, and if the company buys a license, I can get support directly from pfSense. I believe it is a win-win for pfSense and for the customers.

I am implementing it in two phases. In the first phase, it was implemented directly on hardware on an old computer with five NICs, and everything went smoothly. The second stage is virtualizing this machine into a Proxmox server, which is a bit more tricky. It is quite difficult to make it work on the NIC hardware system.

The first phase is very easy. It is almost plug-and-play. We just have to install it and activate the NICs. Everything will go smoothly. The second phase is not easy because I have to make double configurations on Proxmox and on pfSense. I would rate it an eight out of ten in terms of the ease of setup.

In terms of our environment, I have one computer connected directly to the Internet's router, and then all the information is passed through and managed, so I can filter everything by MAC address in my network. I have it on one computer, but my whole network is using it.

I use the free version.

I would recommend it. For personal use, it is a great way to start. For companies, it is a great add-on. Companies can get support by buying the license.

I would rate pfSense a ten out of ten.