pfSense is a firewall and load management product available through the open source pfSense Community Edition, as well as a the licensed edition, pfSense Plus (formerly known as pfSense Enterprise). The solution provides combined firewall, VPN, and router functionality, and can be deployed through the cloud (AWS or Azure), or on-premises with a Netgate appliance. It as scalable capacities, with functionality for SMBs. As a firewall, pfSense offers Stateful packet inspection, concurrent…
$179
per appliance
Trend Micro Deep Security
Score 8.9 out of 10
N/A
Trend Micro™ Deep Security™ software provides comprehensive security for virtual, cloud, and container environments. Deep Security allows for consistent security regardless of the workload. It also provides a rich set of application programming interfaces (APIs) so security can be automated.
Because pfSense is built around open source software, it is very convenient to be able to deploy in the event of hardware failure. We once had a client with a proprietary router that failed. While the router was under warranty, the expected time for the new router to arrive was about 2 weeks. We decided to implement pfSense for the client as a stop gap and ultimately ended up deploying the full enterprise appliance. Being able to get up and running using commodity hardware was a huge win for the client. We've also had a great amount of success deploying pfSense hardware at apartment complexes. The DNS resolver works great and we've had no issues handling multiple VLANs with various DHCP scopes on it. Finally, we've had clients that require having a failover cluster. Utilizing the built in CARP capabilities, we've been able to provide a very robust failover system that requires little maintenance and no downtime in the event of equipment failure.
Hypervisor based agentless security this product excels at. It provides thorough protection for your VM's. The web filtering product that comes with it also does a great job filtering out malicious websites from being accessed by users with a very user friendly prompt that they are going to a website which has been found to be malicious. This is particularly useful when it comes to VDI.
Easy to use. Good user interface design! Easy to understand and easy to set up.
Lower hardware requirement. 3 years ago, we used an old PC to run it. Now, we have changed to a router device with Celeron CPU and 8GB RAM. It runs smoothly with a 1000G commercial broadband.
I did kind of mention a Con in the Pro section with OpenVPN.
When I create a config for an employee other employees are able to login to that config.
I could be doing something wrong when I am making it - I am not afraid to admit that as I am pretty new to all of this, but it seems like it builds a key and I would think the key would be unique in some way to each employee, but I could be wrong.
I actually do not have a lot of Con's for this software - I did not get to set this up on our work network so I am not sure of any downfalls when installing.
I installed this on my personal machine in a Hyper-V environment to get a feel for it before I started working on it at work and it seemed pretty smooth. I didn't run into any issues.
Trend Micro has very little room for improvement. I am using version 9.6 at this time and it is extremely reliable. Some of the upgrades were not completely intuitive, but in those cases Deep Security support came through with documentation that covered all the bases.
Trend Micro's support is pretty decent, we have had issues in the past and they have been fairly responsive to us and our complaints. Depending on how severe the issue was. Any ticket that had a high priority was handled very shortly especially when we contacted our account rep even if it was after hours, we were still able to get support within a short time period.
While you can get the performance out of other products, pfSense offers the unique ability to put other services on the same device. Products such as Untagle's NG Firewall and SonicWall's TZ series offer cost effective options for firewall and VPN services, having incoming load balancing and connection proxies on the same device as the firewall offers extremely easy configuration and day to day management of network services
We selected trend micro to take the AV scans and filtering out of the hands of the Windows and Linux vm's we have deployed and move it to the hypervisor level. This has led us to be able to deploy only a single DSVA per host and can protect all VM"s that are on that hosts. This has allowed for more time being spent on other priority security tasks.
Using pfSense has allowed us to build a professional network in our small office without needing a lot of proprietary hardware, saving thousands of dollars in IT infrastructure investment.
The cost for using pfSense is free, so it's a great option for those who don't have a large IT budget
pfSense utilizes all of the industry standard services to provide all of it's functionality, so support for service-level issues is readily available
Because of how much work has been put into pfSense to make it rock solid and reliable, we're able to support our network with minimal IT staffing, saving us thousands of dollars/year in personnel alone.
100% positive ROI. Without Deep Security we would have to leverage and endpoint protection management solution like Sophos or SEPM (Symantec). Although both are good products, from a cost perspective it would have hit us much harder. Trend Micro Deep Security scales very nicely.
Since Deep Security actually has zero (or at least unnoticeable) resource footprint on monitored VMs, it is a huge cost benefit for us. As previously mentioned, actual antivirus clients installed on each virtual machine (VM) would have significantly affected performance. This would have cost us much more additionally in paying for additional resources to allocate over VMs in the VMware environment. Deep Security is almost completely unintrusive from a resource perspective.
Also, from a layered security perspective, it helps us meet our goals; and since the price of Trend Micro Deep Security quite reasonable, it is that much easier to get approval for this specific internal layer of security.
