Barracuda Web Security Gateways now available in the 200 through 1000 series provide web content filtering as well as access and advanced threat protection, and are available as physical appliances, virtual appliances, or as a SaaS.
N/A
pfSense
Score 9.2 out of 10
N/A
pfSense is a firewall and load management product available through the open source pfSense Community Edition, as well as a the licensed edition, pfSense Plus (formerly known as pfSense Enterprise). The solution provides combined firewall, VPN, and router functionality, and can be deployed through the cloud (AWS or Azure), or on-premises with a Netgate appliance. It as scalable capacities, with functionality for SMBs. As a firewall, pfSense offers Stateful packet inspection, concurrent…
I've used a number of routers like Cisco, Sonicwall, Juniper, Home based routers, etc. pfSense is like most routers but with the benefit of load balancing and multi-wan. Well many support multi-wan but load balancing is usually a separate device like an BIGiP F5 or Cisco CSS.
For a larger organization, this is a must. It provides insight into what the users are doing online and most malicious sites will no longer be accessible if access is denied. This can also give access to non-work related sites, but in a limited capacity, based on user or time of day. Though a smaller company would benefit from the features, it may be cost prohibitive.
I believe PFSense is well suited for both home lab environments as well as up to small to mid-size business environments on a tight budget. However, I would implore that anything in production requires the use of the authorized hardware that PFSense sells to receive support. However, in my experience, PFSense is a solid set-and-forget firewall solution.
Easy to use. Good user interface design! Easy to understand and easy to set up.
Lower hardware requirement. 3 years ago, we used an old PC to run it. Now, we have changed to a router device with Celeron CPU and 8GB RAM. It runs smoothly with a 1000G commercial broadband.
I did kind of mention a Con in the Pro section with OpenVPN.
When I create a config for an employee other employees are able to login to that config.
I could be doing something wrong when I am making it - I am not afraid to admit that as I am pretty new to all of this, but it seems like it builds a key and I would think the key would be unique in some way to each employee, but I could be wrong.
I actually do not have a lot of Con's for this software - I did not get to set this up on our work network so I am not sure of any downfalls when installing.
I installed this on my personal machine in a Hyper-V environment to get a feel for it before I started working on it at work and it seemed pretty smooth. I didn't run into any issues.
There are a lot of settings you can adjust. The web log is easy to use. If a user is having issues accessing a website, you can go in and see what's being blocked and why. After that, you can make adjustments fairly easy. The GUI is easy to navigate and updating the software is a simple click of a button.
The pfSense UI is easy to navigate and pretty go look at. It is much better than some high dollar firewalls that just throw menus you you. The pfSense UI is quick and responsive and makes sense 99% of the time. Changes are committed quickly and the hardware rarely requires a reboot. It just runs.
Barracuda support have also been excellent when we have had to contact them. The only time we had a hardware issue on a device (and that device was about 8 years old) it was replaced within about 24 hours of reporting it. Generally there has not been much need to contact their support, as once the device is in and set up, it just works.
SonicWall, Barracuda NG Firewall, and WatchGuard provides Content Filtering, but are primarily firewalls with Content Filtering features. The Web Filter is a dedicated appliance with more storage space and better reporting of users.
Meraki has a unified management login for all devices, which is nice. It also has decent content filtering, both areas where pfSense is weaker. Where pfSense far ouclasses Meraki is in the ease of use and the other width of features. These include features such as better VPN interoperability, non-subscription based pricing, auditability, not relying on the infrastructure of a third party, more transparency of what's actually going on, easier to deploy replacements if hardware fails. Additionally, the NAT management for pfSense seems to be a bit better, as you can NAT between any network segment and not just the LAN segments out the WAN interfaces.
pfSense can be installed on commodity hardware with no licensing fees. With a simple less than 10 minute restore time, on most hardware, it's an extremely inexpensive way to achieve the same results that some of the more expensive vendors provide.
The easy to use interface has allowed configuration management to be preformed by lower level technicians with quick and easy training.