pfSense vs. Windows Server

Because pfSense is built around open source software, it is very convenient to be able to deploy in the event of hardware failure. We once had a client with a proprietary router that failed. While the router was under warranty, the expected time for the new router to arrive was about 2 weeks. We decided to implement pfSense for the client as a stop gap and ultimately ended up deploying the full enterprise appliance. Being able to get up and running using commodity hardware was a huge win for the client. We've also had a great amount of success deploying pfSense hardware at apartment complexes. The DNS resolver works great and we've had no issues handling multiple VLANs with various DHCP scopes on it. Finally, we've had clients that require having a failover cluster. Utilizing the built in CARP capabilities, we've been able to provide a very robust failover system that requires little maintenance and no downtime in the event of equipment failure.

If you have one user or 1000's of users (especially using Windows), Windows Server is a no-brainer! The only reason I would suggest going with a Linux server is if you have old hardware (Windows Server is more process intensive than Linux). But, Linux is open-source, so anyone can publish updates/security updates, but on the flip side, malicious people also have full access to Linux's codebase allowing for much easier writing of exploitations/viruses/malware/ransomware.

Incentivized

• Easy to use. Good user interface design! Easy to understand and easy to set up.
• Lower hardware requirement. 3 years ago, we used an old PC to run it. Now, we have changed to a router device with Celeron CPU and 8GB RAM. It runs smoothly with a 1000G commercial broadband.

Incentivized

• Easy to use due to its intuitive graphical user interface.
• Very popular and makes integration easier.
• Lots of software drivers available.
• Has many functionalities such as Active Directory, DNS, DHCP, VPN, RDP, VDI server, etc.
• Many patches and updates available. Maybe abit too much too often.
• Cost effective and with budget.
• Remote desktop feature simplifies remote access to this server.
• It has a built in VPN and ssl certificate feature.
• Event viewer is available for alerts, although it seems too cumbersome to go through the logs.
• If you got too many Windows systems to manage, then SCCM is an option.

Incentivized

• I did kind of mention a Con in the Pro section with OpenVPN.
• When I create a config for an employee other employees are able to login to that config.
• I could be doing something wrong when I am making it - I am not afraid to admit that as I am pretty new to all of this, but it seems like it builds a key and I would think the key would be unique in some way to each employee, but I could be wrong.
• I actually do not have a lot of Con's for this software - I did not get to set this up on our work network so I am not sure of any downfalls when installing.
• I installed this on my personal machine in a Hyper-V environment to get a feel for it before I started working on it at work and it seemed pretty smooth. I didn't run into any issues.

Incentivized

• DHCP Server could be better - we use the router for DHCP Routing
• Print Server - not a fan of using the server as a print server since you have to license it. Direct access to printers via IP addresses is a much more efficient way to go
• Better backup program - we utilize a third-party program that gives us more flexibility when restoring individual files.

Incentivized

I've carefully reviewed the servers and services currently running on Windows Server 2012, and given the opportunity would renew them as is going forward. There are two systems I currently have in place, one is a very large Linux implementation for a large ecommerce site, and one is a very large backup solution front ended by FTP servers running Linux. Neither are well suited for Windows, but the overall network infrastructure is and will be Windows Server for the foreseeable future.

The interface is simple, has sane defaults, and is consistent throughout.

There are simply too many different parts of Windows Server to make it a cohesive piece of software. While some of the newer features found in Windows Server 2012 and 2016 have nice UIs that are logically laid out, there are enough parts of the system that is still based on old code with clunky UIs and confusing options to make Windows Server a particularly user-friendly experience.

Incentivized

Microsoft's support is hugely wide-ranging from articles online to having to contact them directly for the more serious issues. In recent years when I have contacted them directly, I have found the support o be excellent as I have found myself connected to very knowledgeable people in the field in which I needed the support. The online support available is vast and I tend to find most of the time that there is always someone out there who has had the same issue as me in the past and knows something about how to resolve it! This is the advantage of using industry standard and long-established systems such as Windows Server.

Incentivized

Make sure that you have detailed processes in place for every server instance you plan to install/upgrade, if possible get the base OS loaded and Windows Updates applied ahead of time, and if using a VM take a snapshot prior to installing each role, as well as along the way.

Incentivized

While you can get the performance out of other products, pfSense offers the unique ability to put other services on the same device. Products such as Untagle's NG Firewall and SonicWall's TZ series offer cost effective options for firewall and VPN services, having incoming load balancing and connection proxies on the same device as the firewall offers extremely easy configuration and day to day management of network services

Incentivized

I didn't use any other system which gives the same functionality and I am not aware of any. The full integration between all components and especially the ability to integrate mail via Exchange or even via a hybrid setup with the Ofice365 cloud, including the ability to directly manage the cloud from the server, using Power Shell, is something I didn't see anywhere else.

Incentivized

• Using pfSense has allowed us to build a professional network in our small office without needing a lot of proprietary hardware, saving thousands of dollars in IT infrastructure investment.
• The cost for using pfSense is free, so it's a great option for those who don't have a large IT budget
• pfSense utilizes all of the industry standard services to provide all of it's functionality, so support for service-level issues is readily available
• Because of how much work has been put into pfSense to make it rock solid and reliable, we're able to support our network with minimal IT staffing, saving us thousands of dollars/year in personnel alone.

Incentivized

• Because of our Microsoft Campus Agreement, Windows products are fairly affordable for us and that has been a huge blessing. We are considering some Azure cloud options and some of that is covered under our Campus Agreement, making it a nice incentive to start migrating certain apps and functionality to the cloud
• I don't have access to our budgets so I cannot give a good answer as far as the impact of ROI on our institution, but if your company can afford it, you cannot go wrong with Windows server. Not having to send your sys admins to Linux or Unix school alone is a big savings as well as not having to train your staff on using a Linux desktop instead of a Windows-based one.
• The compatibility with end users of all varieties and platforms will definitely impact your ROI in a positive way. We have Apple users, Android, Windows, and even a few Linux end users on our campus and Windows server works quite well with all of them.

Incentivized