I usually use it on premises, and I use it for different purposes. I use it for network security for my infrastructure, and I use it for my web servers and data servers that are on-premises.

My main use cases for Netgate pfSense are proxy servers and IDS/IPS, blocking ads, clearing the network for adware and malware, and monitoring the network flow. 

As an open-source solution, Netgate pfSense is highly flexible because a person with kernel-level or code-level experience can control the firewall as per their requirements, and there are multiple packages and tools readily available to integrate with Netgate pfSense. In the IT industry, most of the tools can be integrated with pfSense.

Adding packages to Netgate pfSense is very easy. I just need to search for the required package and then install and configure it.

Netgate pfSense has a very intuitive dashboard. The information is readily available on the dashboard.

Netgate pfSense has routing facilities that help minimize downtime while having multiple internet connections. If one bandwidth goes down, it automatically diverts to the other. 

Netgate pfSense helps prevent data loss by monitoring data transactions and network protocols, allowing us to block certain amounts of data and implement policies to reduce malware and firewall threats. 

From my perspective, the best feature of Netgate pfSense is the load balancer, as I usually take multiple internet connections. I can use both internet providers' bandwidth as a single network bandwidth, which helps in a very smooth network traffic flow. Netgate pfSense has a very interactive and intuitive dashboard that provides all the major and informative information that is readily available.

Netgate pfSense has positively impacted my organization because when we look at other firewalls or alternatives, they are costly. 

For my requirements and use cases, it is sufficient for me, and I have never faced a need for additional features. AI would always be a plus point, and if pfSense could change its framework from FreeBSD and PHP to a different language and Linux OS, that could enhance security.

I have been providing services for network solutions and network security, and I have been using Netgate pfSense for almost four to five years.

Netgate pfSense is definitely stable; I've multiple sites using it, and they are live right now. I've at least 20 sites operational.

It is a scalable product. I would rate its scalability a seven out of ten.

I have never used the services of Netgate, but I can rate the product itself as a 10 out of 10 because it has been very helpful to me.

Neutral

I have previously used Fortinet and Sophos. The major reason I switched from Fortinet and Sophos to Netgate pfSense was to mitigate the financial aspect, as those alternatives were costing us lakhs.

Deploying Netgate pfSense is very easy because I used to deploy it on my personal hardware. Whatever spare hardware I have, I install it directly on that. Installing and configuring it is very easy for me.

I deploy Netgate pfSense for various companies. There are many startups in India that require a cost-effective solution that allows them to use their hardware and provide basic security. 

Deploying infrastructure for a new company takes me approximately one day, unless there are separate requirements to configure, such as creating usernames and passwords for each user, which may take two to three days.

I do everything in-house by myself. I am the only person involved in the deployment.

I have seen a return on investment with cost savings after implementing Netgate pfSense, as other firewalls would cost me lakhs of rupees while pfSense is free.

Everything we need is covered in the free version of the open-source pfSense. I have never used the licensed version or required certified partner help to implement or deploy anything.

If we are not purchasing any support or incurring any Netgate costs, the total cost of ownership for Netgate pfSense is zero, as it is freely available to download and install, requiring only hardware for deployment.

The cost of other firewalls goes to thousands and lakhs of rupees compared to pfSense, which costs zero. If we opt for Fortinet, it costs about one lakh thirty thousand Indian rupees for the firewall, and then it costs up to almost fifteen to twenty thousand annually for the user subscription. With Netgate pfSense, all those things get covered at zero cost.

I did not evaluate any other options aside from Netgate pfSense because it was the only solution I could find that effectively met my needs. It works for our use cases.

In terms of data-driven decisions, there is a package that can help me understand each and every packet and time. I have not gone through that avenue yet, but it allows us to get all the data for data-driven decisions.

There is a paid feature to increase performance, but there are multiple tweaks available in the advanced settings that can help increase bandwidth or usability based on requirements.

I have not used pfSense Plus on Amazon EC2 VMs because there was no requirement. 

I would rate Netgate pfSense a ten out of ten.

We have been building local firewall systems since 2008. 

The main use cases for Netgate pfSense are its exceptional stability and reputation as a premier network operating system worldwide. Millions of people are using it, and we have rolled out a new hotspot system that works from the cloud. The service is running under the pfSense portal.

Netgate pfSense impacts our organization positively because it's open source and has a free edition, which helps us significantly in building our own systems for our customers. It helps in building a new firewall system for the Turkish market. It helps us substantially.

Netgate pfSense's best features are that it's open source and flexible. We have implemented IPsec VPNs, site-to-site VPNs, and client-to-site VPNs. 

We appreciate the flexibility of the Netgate pfSense solution, but we have waited approximately two years for new updates to the Community Edition. We are now moving to OPNsense.

I appreciate Netgate pfSense because we have been using it for approximately 18 years, which is a considerable amount of time. We are waiting for pfSense to integrate AdGuard, Pi-hole, or Zenarmor directly into the pfSense kernel. When I install packages, such as Snort or OpenVPN client export tool, I need to install AdGuard or Zenarmor because it's very challenging to ban TikTok, YouTube, or social media for our customers. In the early days, we managed this using SquidGuard, but since the blacklist has changed, we are struggling. There are many other blacklists I have tried, but I couldn't make them work. It has to be much easier for engineers to implement this. It's easy to integrate AdGuard into OPNsense; it becomes a function under the firewall. You can easily switch blacklists on and off, and create custom blacklists to block all social media with a toggle. We would appreciate such facilities in pfSense as otherwise, we have to manually enter all the websites, DNS resolver, and DNS overrides. Writing numerous rules on the LAN side during installation takes considerable time.

We have been using Netgate pfSense since 2008.

Netgate pfSense is a stable solution for me.

It's a scalable solution. Two months ago, I purchased a brand new server edition, a Lenovo ThinkSystem server with 128 GB RAM. I installed this pfSense server in a data center, and it's working fine. Many people connect via VPN; three or four sites are connecting site-to-site, and we also established another IPsec connection to one of the biggest ISPs in Turkey. It's working great now.

We have never asked for technical support from Netgate. We rely on the resources on the web for information.

Neutral

Two months ago, we switched to OPNsense, and we are now studying OPNsense. We made a strong decision to switch to OPNsense because of the large solutions. There are many facilities, such as AdGuard and Zenarmor, which can be easily installed under OPNsense. We are studying OPNsense, and we will likely switch to OPNsense in 2025 because we are still waiting for a stable version of pfSense. 2.7.2 is very old, and we have switched to the 2.8 beta version, but we are still making our tests now.

Since we have been using pfSense for almost 18 years, we have learned extensively about Netgate pfSense. We have worked extensively and watched many educational videos from the United States, and we have made ourselves ready for pfSense. If one understands the system, it's easy to handle, but without knowledge, it's very challenging for everybody. Many people try to work with pfSense in Turkey with the free edition, the Community Edition, but they couldn't succeed because it's a complex system. It's a vast ocean, and understanding every protocol is necessary. Basically, all firewall systems are the same. Brands such as Cisco, FortiGate, and Sophos sell well in Turkey, and we are competing with these companies. Our target market is the small market, not the big companies or holdings, especially in the hospitality sector, where we deal with hotels and motels.

We would appreciate seeing facilities similar to OPNsense for Community Edition. In Turkey, people generally don't want to pay for yearly subscriptions to firewall systems. We barely recouped our investment for our Safe Hotspot system in Turkey. Competing with other brands such as Sophos, FortiGate, and Cisco is challenging. These brands also require annual payments, and due to Turkey's economic conditions, everyone is eliminating such costs. We have produced our hardware for pfSense, but it was not Netgate; it was only pfSense in the early days. We made our own rack mount 5 or 8 port firewall systems in Turkey and sold many.

The initial setup of Netgate pfSense is not complex; it's very easy. I can even have one of our resellers burn a pfSense USB stick and install pfSense without knowing anything about it. 

Because the Community edition is free, we only charge for our services to the customers. In Turkey, we cannot demand normal pricing; if we were in Europe or the United States, we might collect more money from customers. The conditions in Turkey are very challenging, and collecting payment is difficult. We often charge half or one-third of the price compared to Europe.

We would like to buy Netgate hardware, but when I checked its price in Europe, it seemed expensive.

I would rate Netgate pfSense a 10 out of 10.

Most of my clients want to use it as a firewall. There are two things that they're looking for. Number one is bandwidth management so that if there are multiple links, they can share bandwidth for their staff. The other important aspect that has come up recently is for IDS and IPS.

Currently, for me, the most valuable feature is the implementation of pfBlockerNG. The community behind pfSense is really strong. 

In terms of the features, the simplicity of the installation is a significant advantage. Out of the box, I am ready to start using pfSense after installation, which is very important. It allows minimal downtime before integration, enabling use even on a weekday without users knowing there's a new firewall in place. 

The key thing I found is saving on the cost of equipment. Whether CapEx or OpEx, we appreciate this.

The user interface needs improvement. Even though it's a system that's easy to get working upon installation, the configurations are not intuitive. The interface needs to be friendlier. That's the only complaint I have about pfSense.

I have been using pfSense since 2008.

One issue is due to bugs and broken links.

I have not had the chance to experience Netgate technical support, because most of the time I have been able to sort out the issues with forums.

Positive

Before Netgate, I used a lot of MikroTik. In comparison, pfSense is more robust in terms of the feature set. The open form of the GPL system makes it better than MikroTik.

The steps to implement involve aligning with the key aspects I am going to implement, knowing what they already have running, and what needs to be mirrored and improved. I usually have it pre-installed, tested, and then deployed.

I have a team. There are around three of us, and we do this together.

I would recommend it a lot because it's a proper firewall, and there are no issues apart from the interface and broken links. It's very easy to recommend pfSense without even going through the POC stage. For me, pfSense is a ten out of ten.

I use pfSense for my home network firewall.

I've installed pfSense on nearly every environment type, including Virtual Manager and most virtual machine hypervisors like Microsoft Hyper-V, ESXi, and even older versions like VM Player. Currently, it's running as a VM in Virtual Machine Manager on my NAS, showcasing its flexibility.

pfSense is a highly flexible product with a rich feature set. While designed with a graphical user interface in mind, it also offers command-line access for greater control. This versatility allows users to tailor the product to their specific needs.

Adding packages to pfSense is straightforward; navigate to the package manager and click "add." However, incorporating hardware, such as a dongle, is slightly more complex.

I saw the benefits of pfSense immediately. Going from a SOHO router to a pfSense one is night and day. pfSense is an enterprise-grade product that is easy to use and has a simple GUI.

The dashboard is very handy. I use mine almost daily. I can put up the widgets I want to see or remove widgets I don't want to see. It has pertinent information about my services running, any VPN connections I have, and clients connected. It's a nice dashboard.

The failover functionality for connectivity helps minimize downtime. It has also been simplified recently with some excellent added features. If I lose or corrupt my image, I can easily reinstall the operating system and restore my configuration. I'm pleased with these features of pfSense.

pfSense is a straightforward, feature-rich firewall. I am a big fan.

One area where Netgate could improve is communication with its user base. While they make an effort, much of their user base isn't composed of enterprise-level engineers who regularly read release notes and stay abreast of feature changes. A few years ago, they held a commendable meeting with forum moderators to discuss upcoming changes, which was appreciated. However, they could enhance their communication further by providing more precise information about changes and release timelines for new features.

I have been using Netgate pfSense for 13 years.

I have not contacted technical support for any technical issues. I did contact them for a replacement box, and their support was fantastic. I received the replacement box within a couple of days. I do contact their TAC when they release a new version. That process is changing with their new Netgate, the store, and everything. Previously, if we had a Netgate appliance and wanted a new image to install natively, we had to contact TAC with a ticket. The turnaround time was always excellent, just a couple of minutes. They would provide a link where we could download the image. I've been surprised by how fast they respond sometimes. Even when they're in the middle of deploying a new version, I've reached out and received a download link within five minutes. So they're usually on the spot.

Positive

Over the years, I've played with quite a few different firewalls, but I always go back to pfSense. It's a leader in its field, with its direct competition being OPNsense. There was a feud when they forked off. pfSense is the leader in that sense.

Installing pfSense should be relatively straightforward, even for a network engineer unfamiliar with the product. The process is user-friendly and guided, similar to installing an operating system like Windows. With a basic understanding of networking concepts, setting up pfSense can be accomplished within minutes. The main challenge arises when users need more fundamental networking knowledge, such as understanding IP addresses or the difference between DHCP and static configurations. For someone with networking experience, however, the installation process is quick and straightforward.

The pricing is reasonable. It costs money to run a product. It used to be completely free, and I think that's where many people became a bit disappointed when the pricing model was introduced, but I think it's a pretty fair price point. Some users don't understand that they can't offer everything for free. The development work involved costs money.

The inclusion of firewall, VPN, and router functionalities significantly reduces the total cost of ownership. In my previous role, we utilized pfSense in some locations due to its superior cost-effectiveness compared to other enterprise solutions. For smaller companies or those aiming to reduce expenses, it's a highly affordable option, and even their hardware is reasonably priced.

I rate Netgate pfSense ten out of ten.

We use the Netgate pfSense firewalls for each location in the same metropolitan area.

We implemented Netgate pfSense at the most basic level, aiming for a reliable firewall solution without incurring the high costs associated with Cisco products.

Netgate pfSense is a flexible firewall solution. It supports OpenVPN and IPsec, providing various options for establishing secure connections. Additionally, it offers features for monitoring user browsing behavior, enabling administrators to implement restrictions if desired. Overall, pfSense is a versatile platform that can be adapted to meet the needs of different network environments.

Adding new features to pfSense is quick. We select the feature we want and click install.

One feature that pfSense had, which my Cisco PIX firewall lacked, was built-in failover. With the Cisco PIX, if I wanted to implement failover, for instance, if one internet connection went down and I had a backup, I had to purchase additional hardware and a whole other firewall. However, with pfSense, failover configured two ports on the existing box to switch between them if one connection failed.

The security of pfSense is excellent. It effectively prevents unauthorized access.  To date, we haven't experienced any security breaches.

pfSense Plus provides a cold spare that helps minimize downtime. In the event of a failure, the other firewall can be activated while the broken one is restored and configured.

We saw the value of pfSense within a few days. Some of it was instant, but other things took time. When we first implemented it, we saw some value, and a few days later, it kept impressing me with more. A week went by, and I still saw more value.

With a firewall, VPN, and other router functionalities, pfSense offers an excellent total cost of ownership. It's a one-time purchase with no hidden fees, making it significantly more affordable than Cisco products, which require additional licensing, subscriptions, support, and per-feature purchases. While pfSense necessitates some time investment to learn and configure, this is comparable to the effort needed for any enterprise-grade solution, including Cisco, which also incurs substantial licensing costs. Overall, pfSense's upfront cost and user's time represent its total cost of ownership. 

Netgate pfSense is 100 percent flexible and configurable. We can do anything with it. We have not run into any scenario where it didn't work.

The overall documentation has room for improvement. Currently, we need to search forums for answers, as the official documentation by Netgate is not very helpful. The community support is excellent, and there should be a feedback loop to incorporate missing information from the community forums into the official documentation.

I have been using Netgate pfSense for four years.

I would rate the stability of pfSense ten out of ten.

The scalability of pfSense fits our company requirements.

Based on both my partner's and my experience with technical support, it is excellent.

The user community support is fantastic. It's a large and engaged community where members show genuine interest in one another's questions.

Positive

I switched from Cisco Firewalls to pfSense Firewalls. I had a Cisco PIX, but they started implementing a subscription model where we had to pay for individual features. It was like, if we wanted this feature, it's a dollar. And if we wanted that feature, it's another dollar. I decided I was done with that approach and wanted something different. I like that with Netgate, what we buy is what we get. It's not a subscription model. We can get a support subscription, which is perfectly natural to me, but we don't have to buy or pay extra for every feature. We get what you get.

It was a gradual learning experience, beginning with our initial purchase and installation of a pfSense firewall. Its features impressed us, so we decided to replace another firewall with pfSense to enable failover capabilities. This success led to a broader implementation across our network. It wasn't a planned, calculated rollout; rather, it evolved organically as we replaced outdated firewalls and discovered the benefits of pfSense, particularly its ability to work in tandem with other pfSense devices for enhanced functionality.

The initial deployment takes a couple of hours and can be done by one person.

Netgate pfSense offers good value for its price. I prioritize getting the most out of my money, so I choose pfSense. I don't always seek the cheapest or most expensive option but rather the best value for my investment. With pfSense, I get the most product for every dollar spent.

I would rate Netgate pfSense ten out of ten.

I am one of two IT people in the organization, and we are the only two who can access the pfSense firewalls. We have what will soon be four metropolitan locations that use pfSense.

Other than updating pfSense, no other maintenance is required.

I recommend pfSense to others. It's an awesome product that fits everything we've ever needed, and they don't overcharge for every little license feature.

We use Netgate pfSense as a firewall solution for small and medium-sized businesses.

Netgate pfSense offers firewall protection, VPN access, and a range of monitoring tools.

Adding features to pfSense is easy to do through the wizard.

Netgate pfSense is well documented, and the interface is easy to use when we consult the documentation.

Netgate pfSense was recommended, so the benefits were immediate.

It provides a single wizard. Some third-party tools out there allow us to manage remotely. It also helps us optimize performance by enabling us to turn features on and off.

With the inclusion of firewall, VPN, and router functionality, we love pfSense's total cost of ownership. 

The most valuable features are the alerting and local monitoring.

We are a security shop. It would be very useful if we could place pfSense appliances in customer environments and remotely manage them.

I have been using Netgate pfSense for four years.

Netgate pfSense is relatively stable. It has been running for four years now without any issues.

The scalability is limited without upgrading the appliance.

The technical support offers great quality and good response times.

Positive

The initial deployment is not a plug-and-play out of the box. It takes a little bit more than that. For us, it takes ten to 20 minutes for one person to deploy one pfSense firewall.

Netgate pfSense has a great pricing model.

I would rate Netgate pfSense ten out of ten.

Maintenance is required for software updates.

I was looking to improve my security posture. Bottom line, I just wanted really high-quality cybersecurity. When I look at appliances for cybersecurity, they can get up to almost seven figures for some businesses. So, this was a good compromise for me.

It optimizes performance right away. That is apparent to your everyday user. It makes the whole system work better and more efficiently. When there is an intrusion or an attack, it's very easy to eradicate the issue. 

Before having the cybersecurity mechanisms I have now, even with VPNs from the App Store, I faced issues like hijacks that became multi-day issues where I had to perpetually get into some type of power struggle through remote based issues from another cyber threat. For example, in October 2022 or 2023, I sat down at my computer to move files from a cloud-based drive to an external hard drive. I opened the cloud drive, and all the files had been corrupted/damaged intentionally. Someone specifically corrupted the entire iCloud Drive. I called tech support, and the next day, there was an iOS update. Since I implemented the security appliance, I haven’t had this issue. 

It means there's a better level of security in terms of what you can build into your system than is available through downloadable software.

pfSense helps prevent data loss:

I haven't had one issue of data loss since implementing it. Previously, I had to file reports with the FBI and CIA because the intrusions were so serious. These documents had criminal penalties associated with tampering. I haven't had one of those instances since using pfSense. Netgate and pfSense are good go-tos, even for the government. They often use Netgate as their server, and the military uses it too. The fact that the American military and foreign militaries use Netgate was a big selling point for me. It's good quality for what you pay.

It's a really great entry-level way to see how much, and it's scalable, too. When you talk about flexibility, the important thing to know is that the appliance and the software are scalable, too. I can start at the entry-level point, or I can build in and scale it up to enterprise-quality software, too.

pfSense Plus:

I use pfSense Plus. I use VoIP through the router. 

It minimizes downtime in terms of having to debug and things of that nature. When there's an intrusion, it doesn't turn into a multi-day issue. It took me about ten minutes to eradicate one aggressive intrusion. Simple maneuvers resolved it quickly, avoiding days on the phone with tech support. 

There was an instance where my firewall software—I don't know what happened exactly—but I did have to call tech support. Something happened where my firewall needed to be completely reconfigured.

So, are the entry-level ones invincible? No. But do they save you tons of effort in terms of preventing a lot of problems that could get worse? Yes. It's like a preventative measure to cancer before it spreads. It helps you catch things quicker before they spread and become something bigger.

The visibility that pfSense Plus provides helps us optimize performance. I feel more comfortable exchanging information and having personal conversations. It makes me more comfortable, more confident that what I'm doing is not... Some people I even work with are just not comfortable to talk openly. Some people are very email-retentive, like, "Do not click that hyperlink on this computer system. Don't do this or that." So it's understandable with some people.

It absolutely optimizes my entire computer system. In fact, I'm opening a brick-and-mortar storefront, and I'm going to use pfSense. Actually, I'm going to step it up to the TNSR software, but I use the Netgate routers because it optimizes performance. I feel comfortable to have a small to medium-sized office operating off this stackable network I'm creating. It's still a prototype, but I can have six screens, and that's really all I need. I can probably get six screens or five screens and a hardwired payment processing system at most if I need it.

Plus on Amazon EC2 VMs:

I haven't tried it recently. I did in the past, but I didn't have it configured correctly, so I can't truthfully comment on it. It was more complicated than I could set up. Like I have to pay for that. I can download the AWS EC2 application, launch the instance from a cellular device, and intermesh the cellular device into the router. That's also extremely valuable if I want to have a coworking situation where everyone's on my network a certain way, so when I do exchange information, it's highly confidential.

I get a mesh VPN network. I can have an enterprise-grade VPN for the business without spending too much. That's important for some people. 

For me, I liked the pfBlocker, which is pfSense's firewall. I get a couple of different options with the firewall. I can use AWS as your provider to pass data through AWS's workstations to the router. There are a ton of important features. 

I can build an instance, have it move through the router, and then be just cellular. There are so many great features. 

I haven't even completely finished configuring it, and it's an ongoing process. There are always new, innovative, great things I learn. It's like a little gadget with a lot of great features. It's hard for me to decide what I like best and don't like.

It's pretty easy to customize. Once anyone gets past the technical jargon, it's highly flexible.

I would like to see a subscription-based tech support option as opposed to this flat yearly rate. I'd like to see more of a monthly tech support feature. I think that would be helpful for a different type of consumer. So, there could be more room for Netgate to expand. To me, it would have been nice to have a little bit more tech support at first. 

But since I'm becoming so satisfied with this system I'm developing, I'm gonna step up anyway into the TNSR software. And when I do that, I get unlimited tech support.

So, it's kind of like this: if I don't want to pay for tech support, I teach myself and learn how the device works. And that's what I've basically done to this point. It's pretty plug-and-play  but some of it is, like, if you don't configure it correctly, it just doesn't work.

I had a couple of instances where I was setting it up, and I set it up a certain way twice where I just didn't configure it in a way that it worked. I put so many security features in that I had locked myself out from even being able to log in. 

So, it would be better to make tech support more accessible because they're really good at what they do, like behind the scenes. They know how to configure things through the terminal differently than I was.

System Reports:

Reports would be good, like system reports and functionality. Dumbing it down a bit more would help, too. We do have a Setup Wizard , but it is even less complicated in terms of setting it up because the user guide is 2,000 pages long.

So, the manual itself is, like, 2,000 pages for this device. If Netgate could make it a little bit less complicated for users. But, part of this appliance goes to IT departments anyway. So, they're more adept at setting it up than your average consumer. So that's generally who buys these things and sets them up. It's like your IT community usually gets involved with these because they understand that when you buy a computer, and you just start logging into the Internet, you've created a sort of dangerous atmosphere that not everybody understands by not making it safer. Everybody understands that when you log in if you don't even play with the settings on your computer. You're basically just setting yourself up to put your data out there like it's some type of free-for-all.

I bought my first router from pfSense in early 2023. It was pfSense's entry-level appliance, around January last year. I was so impressed with it that I stepped up to the 8200 level, which is one step beneath a TNSR-grade server. pfSense has two models of appliances that are higher than the one I have before I get into more elaborate appliances with different companies. 

I've stayed with this one for a year and a half now. I still have the original, which is nice. I bought it to use for a prototype concept that was built in. It worked, so I stepped it up.

I don't really know how to compare it to anything more elaborate. For my purposes, it's been a ten out of ten in terms of what I was expecting.

Scalability was definitely what I was looking for, so I would give it a ten out of ten for my business needs. It's perfect right now. 

If I can't get that level of security or sense of security, I can always stack the units more cost-effectively than going with something like Fortinet or Cisco. 

I'd almost rather stack the appliances at this price point than get into a $7,000 to $ 10,000 appliance. I get a lot of security just by stacking them, too. So, I'd rate it as highly scalable. I'd give it a ten.

The customer service and support are excellent, especially when they're supposed to charge you and they don't. When my entry-level router was fried and needed to be rebuilt, they did it from scratch, they made it seem easier than I would have ever been able to do. 

I had to download software onto a USB drive, insert the USB drive into the router, and then rebuild it from scratch because, for whatever reason, it was completely trashed.

So, I get tech support, and I pay for it. Unless I get the enterprise software, which includes unlimited tech support. Initially, I called tech support for help, and they were always willing to assist but reminded me of the limitations because I hadn't bought the support packages. Their tech support is excellent, 24-hour, and multinational.

Positive

I used some other DNS-quality firewalls, but they were cloud-based.  Like cloud-based DNS providers, but not an appliance base. That's why I bought Netgate pfSense bottom-line product to test out a prototype concept. I was satisfied with it, so I set it up to be highly competitive against everything virtually, except maybe a really high-end computer lab that could cause some type of intrusion.

Buying it, brainstorming, and waiting for it, as they build each one for you, which takes about two weeks. 

I wanted it partially because it's not one of these fantastically elaborate routers that you would just want to be completely encapsulated and protected a certain way. This is the kind of router that I wanted to be able to bring around with me, too, because I created a mobile stackable cellular network with it.

I have it attached to an entry-level desktop that was not custom-made or custom-built but premanufactured. But it worked well. I wanted more processing speed than I have now. I just didn't have time to step up my processor. But, unfortunately, with the system I'm on now, you can't switch them. So it's fine. It's a grade lower than what I wanted, but it's fine.

Creating a Portable Network:

But what is good about this is that it does work for what I was trying to do, making it mobile, stackable, and cellular. I can put a laptop. I can get a laptop as long as it has, like, a hard drive, and I can download the SI Labs, the Silicon Labs software onto the laptop. Then, I can connect the router to the cellular, like a cellular modem, which is what I have. I have one of these Netgear Nighthawk mobile cellular so it's like a cellular modem. So, I put in a SIM card with unlimited data. I connect the the Netgate router to the cellular modem, and now I connect the computer to the router. And if it's a laptop, I can connect all of this to, like, a portable network, and now you have a portable network. So I have, like, a portable point server if I want for significantly less.

Security Considerations:

You're not gonna get that level of cybersecurity on a mobile device unless you configure it that way. I mean, you could. You'd have to be getting into, like, your your, like those kinds of vans that you see on movies where they have, like, like, those vans where they're doing, like surveillance and intelligence work.  Netgate pfSense is pretty excellent quality if you wanna sit at a cafe and feel comfortable doing business and things, not being on their Wi-Fi.

Future Deployment Plans:

Right now, I'm getting ready to put enterprise-grade software on my devices exclusively; that's what I'm going to do until I get the business off the ground. 

The real deployment will be once I'm transacting service-related business against the appliance. I'm going to open a healthcare practice in Europe. I have a business in the United States that I structured to be a multinational business. I'm going to take this network and put it into a 30 to 60-square-meter office space.

I'll probably have about ten employees, but none of it will be for their personal devices. The purpose of the network will be to offer a secure Wi-Fi network to my patrons and to set up payment processing and other business-related tasks. It's going to be a small scale, with maybe six computer screens tops.

I have seen ROI, it saved me time by preventing frustration and loss of content, data, and time. The confidence it provides also pays for itself. 

I used to deal with intrusions weekly, spending anywhere from an hour to several hours each time. Now, it's less tedious and frustrating to optimize and eradicate threats and intrusions. 

It’s like a high-maintenance car that needs fine-tuning but ultimately runs smoothly.

It's highly cost-effective for both the average consumer and business users. It's highly competitive, which is why so many people use it. It's extremely down-to-earth compared to Fortinet or Cisco, Netgate doesn't reach that financial tier but is extremely competitive and extremely cost-efficient. They offer superb levels of service for what we pay. 

Currently, my setup is for a small to medium office. My first one was more for a home-based office—you could have a printer, computer, some gaming systems, TV. I would do a personal office with my first one, and this next one for a small to medium-sized office business for myself and others. I feel comfortable with that.

And they're also stackable, so I can scale it that way. It's highly scalable. It's really something worth playing with. And they offer a return policy, which is fair too, for the security appliance too.

The total cost of ownership of Netgate pfSense:

It's basically a one-off deal, which is good. You might consider building in installment payment options on the Netgate website, possibly with services like Afterpay or Klarna. This could appeal to noncommittal consumers. Personally, I would just pay cash upfront for my clients.

I'm clearly recommending it to others. It's scalable, cost-effective, practical, and down-to-earth. It's enterprise quality. It has a reputation that even the military endorses openly. When you buy something described as indestructible, and even the military uses it for their security, it says a lot. The government also uses it, testing prototypes and various things of that nature with it. 

If someone looks at the website, they'll see a large naval ship where cadets are operating off that prototype, testing if they could use the step-up with the pfSense software. They were using a higher-grade appliance with pfSense software to see if it was feasible. This shows that it's practical because the price point is unbeatable for that level of quality.

The solution for me is a ten. It's still a prototype, but I'm confident I can meet the needs of a medium-sized office with ten to twenty employees. However, scaling it up for something like an Airbnb with a high level of traffic is uncertain. It's not like a navy ship with a hundred military personnel. For my needs, it's perfect. 

It's a solution for my personal needs, and I feel confident about it. Looking into the future, scalability-wise, I think it meets my needs. But when you get to a different level of e-commerce, I'd be interested to hear their perspectives too.

We currently use pfSense firewalls at our branch offices and central server locations. I have implemented TAC enterprise support on three of these firewalls, with the installation of the third scheduled for this weekend. Our network infrastructure relies on VPN tunnels between sites, and I have successfully deployed an always-on OpenVPN solution that significantly outperforms our previous SonicWall VPN system.

Installing packages on pfSense is straightforward, although the quality of package documentation varies. While I understand this isn't Netgate's responsibility, the installation and configuration process for these packages is remarkably user-friendly, relying almost entirely on the GUI. In my experience, I've rarely needed to resort to the command line, but I'm certainly not averse to it when necessary.

I immediately recognized the advantages of pfSense. Its ability to support custom hardware installations allows me to tailor solutions to the specific needs of each branch location. While I've had excellent results with Netgate's pre-built hardware, the option to construct higher-specification systems myself, all while maintaining support, is incredibly valuable. The difference compared to our outdated SonicWall is night and day. I previously built a pfSense firewall on a Dell server for a business handling high traffic volumes, and its performance was exceptional.

pfSense helps me prevent data loss by utilizing firewall aliases and other DNS-based filtration methods to block access to shadow IT and third-party cloud data transfer sites, providing some control over data movement.

While pfSense doesn't offer a centralized overview of multiple firewalls, it provides extensive customization options for each firewall's homepage. This allows for detailed monitoring of VPN tunnels, interfaces, and other components. I appreciate the ability to add, remove, and customize widgets on the homepage for tailored information display.

Helps minimize downtime. I have set up the high availability with one location, which works flawlessly.

Provides visibility that enables us to make data-driven decisions about network capacity, including throughput and the ability to handle traffic.

pfSense has significantly improved our performance by optimizing our always-on VPN. The recent release of the OpenVPN data channel offload feature, which was quickly adopted and supported by Netgate pfSense, has revolutionized our Windows laptop VPN solution. This new feature is nearly ten times faster than the previous OpenVPN without data channel offload, and its thorough documentation encouraged us to implement our always-on VPN ahead of schedule.

pfSense's greatest strength lies in its customizable package installation, detailed logging capabilities, and ability to manage log history, including sending it to Vault Logs via Syslog. OpenVPN support is exceptional. When I inquired about setting up an always-on VPN, the engineer swiftly and fully understood my needs and provided expert guidance. Netgate support's in-depth knowledge of included features is truly impressive.

I would like clear guidance on supported network interface cards, including detailed performance metrics for various models. While I understand the focus on selling appliances, more comprehensive documentation for those building their own systems would be beneficial. Specific throughput numbers and other statistics for Intel, Broadcom, Mellanox, and other cards are needed. Additionally, reinstating the ability to visualize long-term RRD data through built-in graphs would be valuable, as the current live traffic display offers limited insights.

I have been using Netgate pfSense for ten years.

I have not experienced any crashes in the production systems. The only crashes I've encountered have been while running unstable development builds, which is expected. However, excluding power outages, pfSense itself has been one hundred percent reliable in my experience.

If you invest in hardware capable of handling increased bandwidth, performance remains unaffected. We haven't observed any spikes in CPU utilization or memory usage. Even with a jump from a 50 megabit to a 500 megabit internet connection and approximately 65 active VPN clients, our firewall operates smoothly without any strain. Our small businesses handle the load effortlessly.

I have exceptionally high praise for the Netgate technical support team. In the three or four times I've called support, I've always reached an engineer within 20 minutes, which was the longest wait time. Every time, they've quickly addressed the issue once verifying firewall support. Their knowledge and willingness to assist are impressive.

Positive

I have experience with FortiGate, Dell, SonicWall, Cisco, and numerous consumer-level firewalls. While I am not the most seasoned network engineer, I have worked in the field for a considerable time, encountering a variety of solutions. Among these, pfSense stands out as exceptionally customizable and intuitive. Given the inherent complexity of networking, pfSense has made the subject as accessible as possible.

Deploying a pfSense box is straightforward when I'm physically present. Remotely guiding someone unfamiliar with operating system deployment presents more challenges. However, on-site deployment is remarkably easy, even simpler than installing a Linux server. 

Deploying a Netgate pfSense appliance is straightforward, even for network engineers without experience with the platform. The setup wizard is intuitive, requiring minimal networking knowledge. Subsequently, the configuration interface is user-friendly, allowing those with moderate networking experience to navigate and manage settings efficiently. Building a custom solution would depend on hardware expertise and operating system deployment skills, but utilizing Netgate appliances is notably easier.

The Netgate appliance I recently purchased took less than an hour to install, with most of that time spent gathering necessary information from the internet provider.

pfSense pricing is reasonable. Whether purchasing appliances or support, I hope they're charging enough to sustain their exceptional support services. Whether you opt for a bundled appliance and support or standalone support for a custom-built device, the pricing remains impressively fair.

When considering the total cost of ownership, pfSense is a compelling choice for a solution that incorporates firewall, VPN, and router functionality. Initially, I explored purchasing the OpenVPN access server, which would have required a virtual machine due to the lack of a dedicated physical server. However, integrating the VPN endpoint into the firewall aligns better with our design goals. It eliminates the need for a separate VPN appliance, resulting in significant cost savings and improved performance. Testing pfSense with OpenVPN in a virtual environment confirmed that it operates more efficiently on bare metal hardware. Moreover, the licensing cost for the OpenVPN access server would have been comparable to the support fees for pfSense.

The TAC enterprise support is $800 a year per firewall.

I would rate Netgate pfSense ten out of ten. If I could choose a product that was among the least frustrating and nearly flawless I've used, pfSense would likely be at the top of my list.

In addition to initial configuration tasks like routing and applying patches, minimal maintenance is required. Once the interfaces are set up, we configure firewall rules and are ready to go. Patching will be necessary for all platforms, but no specific requirements exist beyond standard practices.

I work for a small business. We have a number of different remote sites, so I use the solution as my primary firewall. I use it as a way for my remote sites to connect back to the main office via VPN.

The VPN features are the most valuable aspects of the solution.

It's pretty flexible. It does everything I need it to do. My use cases are somewhat limited.

I do like how easy it is to restore if you lose a router. I lost a firewall over the weekend at one of my remote sites. As of right now, I'm setting up a new piece of hardware and restoring it. It couldn't be more simple.

There are features in pfSense that help me to prevent data loss. It's relatively easy for me to back up what I need. I've created a pretty simple script that I run on a computer inside of my network that reaches out to all of the different pfSense firewalls that I use. It grabs a config file. And that's pretty simple. It's a script that runs daily. I could probably even run it weekly. It simply reaches out and grabs these things and backs them up. Data loss is not something that I'm really concerned about as long as I have a good backup, which I do, and I check it regularly.

It’s easy to add features to pfSense and to configure them. I don't add a lot to pfSense with regard to the package manager that it comes with. That said, the packages that I do use are easy to install, easy to update, and easy to configure.

I witnessed the benefits of pfSense immediately. I have what I consider an enterprise-class firewall and routing stack at a pretty reasonable price.

pfSense gives you a single pane of glass type of management. You can see pretty much most things inside of the firewall, everything from bandwidth charts to DHCP leases - anything you've set up with regards to DNS. It's got pretty good logging features. I wind up sending most of the Syslog information from pfSense to third-party logging software. That’s why I'm not really using it to peer through logs. However, to do quick checks, I'll use it. The UI is pretty similar to Netgate. It makes a lot of sense.

pfSense provides features that help minimize downtime. The high availability configuration allows me to mitigate downtime. I've worked with their deployment team to set that up and also set up the LAN. Regardless of whether or not I lose a firewall or an Internet connection, my connection to the Internet remains pretty resilient.

The visibility in pfSense helps optimize performance. I'm primarily using it to see how our bandwidth is being utilized. Outside of that, I'm not using pfSense to visualize a ton of data. I offload pfSense data to third-party software that I use to visualize things that are happening on my network. If I just pop in and take a quick glance at what might be going on in my network, it's sufficient.

I'm hard-pressed to think of a needed additional feature. It would be nice to see which packages are officially from pfSense and which are from a third party in the package manager.

I've been using the solution for more than a decade. 

The stability is rock solid. 

I haven't really had to scale my deployment. My deployment was for an in-place network. My network hasn't changed much as I've redeployed the pfSense over the years.

The speed of response is good. It was well within the SLA. 

They were incredibly helpful. They answered follow-up questions in a timely manner. I was very pleased. I have had to use it very minimally. However, I was very pleased with how it worked.

Positive

I may have used something different a decade ago. Since then, I've been using pfSense. We're a small business. I do have some Cisco hardware, however, I'm not using it on my edge network. It's mostly just for switching.

I typically buy the hardware myself for the installation. I have one or two pfSense appliances. One is sitting on a rack as a backup unit in case I need it. I have a couple in the field. At the end of the day, if I'm going to buy the appliance, I get a year or two of CE. I'd much rather just buy the hardware myself and purchase a CE or get a Plus license.

It's incredibly easy to deploy. Even for a new engineer, it would be pretty simple. 

I am in the process of restoring one. It took me 20 minutes to flash the image to a thumb drive, install it on the device, boot the device, restore the configuration backup, and have it up and running. I'm familiar with the hardware that I purchased, and I take and test good backups. That said, the process is incredibly easy. It takes very little time to deploy something that has failed. 

With regard to a new setup, it's impossible for me to answer broadly; however, even then, it's not a long time. It just depends on how sophisticated a given user's network is.

There is very little maintenance outside of updating the software. 

I deployed devices to our remote sites myself. I used Netgate Professional Services to help deploy a high availability stack at our main office, and they were outstanding to work with.

Anybody not using it, at least at the small or medium business level, is crazy. There's a significant return on investment. We're getting a pretty state-of-the-art device that runs OpenVPN and some other VPN software. It's not Cisco. It's not Juniper or any of the others out there. However, I keep my ear to the ground with regard to vulnerabilities generally out there, and it seems like there are far more vulnerabilities that you hear about day-to-day in their competitors than in their software. At the enterprise level, there may be some more sophisticated and purpose-built solutions. That said, pfSense meets all of my needs. I can't imagine it not meeting the needs of anybody in a business my size and slightly bigger or slightly smaller.

The licensing is fair. 

I'm a pfSense customer.

There are two versions of pfSense. The plus version, which is paid, and the community edition, which is free. I primarily use plus.

I'd rate the solution ten out of ten.

I use the solution in my home. It's my firewall, DNS server, DHCP server, intrusion detection server, and reverse proxy server.

The solution's web interface is very feature-rich and well-supported. There's a large community of users out there you can get to. There are many things that I'm not using at the time. It's got great support for VPNs. One of the ways that I'm using it is for VPN support as well. Netgate pfSense is a great product.

Netgate pfSense is an extremely flexible solution.

You'll see the benefits of Netgate pfSense immediately after you deploy it. The more features you use, the more benefits you get from it. I'm using the tool for VLAN support. That was something I implemented first, and it completely changed the way I was using my network. That was a real game-changer because it provided greatly enhanced security for my network and reduced the complexity of my network.

The firewall, the intrusion detection service, the VPN support, and VLAN support keep me from getting hacked and possibly having problems with ransomware and potential data loss.

pfSense Plus provides features that help us minimize downtime. You can create copies of different environments that you set up. If you want to try a setting but want to be protected from loss and downtime, you can create a copy of your current working environment.

You should try adding the new change to your pfSense configuration. If that doesn't work, you can easily go back to the working configuration with just a simple change from within the web interface. It also does automatic backups of its configuration.

The visibility of pfSense Plus helps us optimize performance. You can overcome latency issues through traffic shaping. I previously had buffer bloat issues, which I don't have currently.

If you have a slower connection, you can use traffic shaping limiters and priority queues to ensure that your VoIP traffic, internet TV traffic, or streaming traffic has enough guaranteed bandwidth. In my case, my broadband connection is wide enough, and I do not have to really use those features.

The cost of ownership of Netgate pfSense with the hardware cost was about $ 350.

It would be nice for the code optimization to run on even slower processes. It's optimized quite a bit, but there's always room for improvement.

I have been using Netgate pfSense for two years.

We haven’t faced any issues with the solution’s stability.

From my point of view, the solution's initial setup is pretty easy. Many YouTube videos are out there to help you get it up and running. There's a lot to try, a lot of things to do, and a lot of technology to play with, but I'm afraid I'm a bit of a tinkerer. To do what I initially wanted, I probably spent a day.

I would like to see the solution's price reduced.

There is some complexity to adding features to pfSense and configuring them. I would not say it's extremely complex, but it's got a high degree of complexity.

The website is all you need to configure Netgate pfSense. If you choose to, you can use its SSH terminal interface, but that's not something that most users would do. I would think they would stick with its fully developed, mature web interface.

The solution by itself does not need any maintenance. However, if you use the incursion detection plugins, you need to make sure that those are tuned properly. That involves periodic checks and possible adjustments. New users should be prepared to learn, read the manual, and utilize YouTube resources. It'll be worth it.

Overall, I rate the solution ten out of ten.