Overview
What is pfSense?
pfSense is a firewall and load management product available through the open source pfSense Community Edition, as well as a the licensed edition, pfSense Plus (formerly known as pfSense Enterprise). The solution provides combined firewall, VPN, and router functionality, and…
pfSense - Security guaranteed by transparency
Review for pfSense
pfSense for High security
Pfsense for best security features
Pfsense review
Extremely flexible with a vast range of configurations and features for very little cost. Highly reliable.
pfSense: The best of all worlds, community and enterprise supported
The best small-to-medium business software based firewall
pfSense - A great middle of the road solution
pfSense Review from an SME IT manager
Very competitive reliable solution
pfSense is rock solid
pfSense - The Firewall for Everyone!
pfSense offers an all in one network appliance that saves time and money!
iron firewall for your services
Popular Features
- Reporting and Logging (9)8.989%
- VPN (9)8.888%
- Policy-based Controls (9)8.585%
- Content Inspection (9)7.676%
Video Reviews
2 videos
Pricing
SG-1100
$179
SG-2100
$229
SG-3100
$399
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting / Integration Services
Product Demos
PFSense 2.4.4 with LCDproc on Broadband9 Firewall appliance! Tested with 100Mbit leased line
Introduction of PFSense Open Source Firewall and Router
pfSense installation and setup demo (VirtualBox)
Building cloud firewall-router appliances for free: Installing Pfsense in Hyper-V
pfSense Tutorial - How to enforce Google Safe Search using PfSense - Guide and Demo
1. How to Install and Configure BGP in GNS3 using pfSense
Features
Firewall
A firewall is a filter that stands between a computer or computer network and the Internet. Each firewall can be programmed to keep specific traffic in or out
- 8.8Identification Technologies(8) Ratings
Policy-based visibility and control over applications, users and content
- 8Visualization Tools(7) Ratings
Visualization tools present administrators with data on applications traversing the network, who is using them, and the potential security impact.
- 7.6Content Inspection(9) Ratings
Inspecting permitted application traffic by means of threat prevention, URL filtering and data filtering
- 8.5Policy-based Controls(9) Ratings
Firewall policy controls enable administrators to create firewall policies controlling what data is allowed to traverse the firewall
- 8Active Directory and LDAP(8) Ratings
Integration with Active Directory and LDAP directories
- 9.7Firewall Management Console(8) Ratings
Either command-line or web-based interface for centralized control and management
- 8.9Reporting and Logging(9) Ratings
Custom and summary reports, and log files enabling analysis of security incidents, application usage and traffic patterns
- 8.8VPN(9) Ratings
VPN's implement encryption and anonymize IP addresses
- 9High Availability(9) Ratings
Built-in capacity to prevent exposure if primary firewall stops working
- 9Stateful Inspection(9) Ratings
Stateful inspection analyzes packet headers and contents of packets
- 8.2Proxy Server(9) Ratings
A proxy server changes your IP address and masks the origin of your network traffic
Product Details
- About
- Tech Details
What is pfSense?
pfSense is a firewall and load management product available through the open source pfSense Community Edition, as well as a the licensed edition, pfSense Plus (formerly known as pfSense Enterprise). The solution provides combined firewall, VPN, and router functionality, and can be deployed through the cloud (AWS or Azure), or on-premises with a Netgate appliance. It as scalable capacities, with functionality for SMBs.
As a firewall, pfSense offers Stateful packet inspection, concurrent IPv4 and IPv6 support, and intrusion prevention. Within its VPN capabilities, it provides SSL encryption, automatic or custom routing, and multiple tunneling options. pfSense also supports optional clustering and load-balancing, along with proxying and content filtering services. The product can also monitor and report on network traffic.
pfSense Videos
pfSense Technical Details
Deployment Types | On-premise |
---|---|
Operating Systems | Windows |
Mobile Application | No |
Comparisons
Compare with
Reviews and Ratings
(69)Reviews
(1-21 of 21)pfSense - Security guaranteed by transparency
- Firewall
- VPN
- IDS/IPS
- Centralised management interface
- Web Filters
Review for pfSense
- pfSense blocker NG
- Ips
- Ad blocker
- Ha proxy
- QOS
- Country wise block
- Lots of issue with fresh configure [in my experience]
- [I feel] Gui not user-friendly
- Not advanced level security features available [in my experience]
pfSense for High security
- High Availability
- Sandboxing
- Easy to Integrate
- Technical Support
- Web console interface needs improvement
Pfsense for best security features
- VPN Server
- Load Balancing Feature
- It also provides Reverse proxy
- It support IPv6
- Wake-on-lan feature is also available with [pfSense]
- Less Documentation available
- Difficult to upgrade the firmware
- Software Bugs
Pfsense review
- Vpn server
- Load balancing
- Traffic shaping
- Dns and dhcp server
- Intrusion Detection System and Intrusion Prevention System
- Packet Inspection
- No advanced security features
- No sandbox features available
- Complicated configuration
Extremely flexible with a vast range of configurations and features for very little cost. Highly reliable.
- Firewall rules
- Multiple WAN failover & balancing
- Statistics and reporting of internet connection use
- Automated configuration backup
- More support for PPOE connection drops/errors
- Central management console for multiple devices
It is less appropriate for a home network environment.
- Robust appliance that is easy to install, manage and update.
- XML-based configuration backup and restore lends itself well to automation and pre-built configurations.
- Open-source platform means the availability of a wide array of third-party packages providing integration with everything from monitoring servers to backup.
- First releases are often buggy. For example, 2.5.0 broke fundamental routing features in some environments.
- Lack of API for automated configuration.
- Lack of CLI for scripting and automation purposes.
- OpenVPN is very easy to set up and administer.
- The web UI makes it very easy to configure.
- The feature set is broad and powerful.
- No official central management system (cloud or otherwise).
- Support for WireGuard VPN is limited.
It may be less suited for larger businesses where having an all-in-one product could be a disadvantage where a spread infrastructure is desired, very high scalability is necessary, or specific enterprise features aren't available.
pfSense - A great middle of the road solution
- OpenVPN
- Inter-Vlan Routing
- Firewalling
- CLI Commands
- Hardware Support
pfSense Review from an SME IT manager
- Easy to use. Good user interface design! Easy to understand and easy to set up.
- Lower hardware requirement. 3 years ago, we used an old PC to run it. Now, we have changed to a router device with Celeron CPU and 8GB RAM. It runs smoothly with a 1000G commercial broadband.
- Need to assign WAN, LAN interface in "text" console but not in web interface when you first install in a new network.
- I need to configure everything and send a pfSense device to my colleague in other countries, they are not IT professionals so they have difficulty assigning interfaces when they first boot.
Very competitive reliable solution
- OpenVPN solution: straight forward and very easy to manage. It's easy to setup clients through the OpenVPN export wizard.
- Load Balancing Internet Connections: I was able to use a single pfSense machine to load balance two internet connections. Basically, if one connection is losing too many packets or drops out, all internet traffic is automatically routed through the other internet service gateway. Users didn't even notice whenever there were internet outages.
- Sometimes when there was an internet outage pfsense would start running really slow. I'm assuming because all the clients trying to access the internet creates a load. There should probably be a timeout feature where all traffic pauses and stops trying to access the internet if the internet is obviously down. The simple fix for this is to just disconnect the switch with all clients.
- There are numerous packages that try to act as middle-man web traffic filters. They are a little complex and don't always work. This pfsense isn't to blame but it just might be nice to see a more standardized solution that's easy to set up.
pfSense is rock solid
- Great firewall. It has all the capabilities of very expensive firewalls. I have never had to restart the device in 10 years due to an issue.
- DHCP always works without any issues.
- OpenVPN has been rock solid, I like that OpenVPN has clients for all Linux, Mac and MS Windows.
- Reporting
- Viewing log files
pfSense - The Firewall for Everyone!
One of the coolest features of pfSense for someone like me who is learning on the fly is the fact it has a GUI version as well as the CLI version. So you can manage your pfSense instances very easily by using drop-down menus.
I can see this being really useful for small to medium size businesses. The software is very scalable and very flexible. It is also open source so there is not a bunch of licenses to purchase. There are a bunch of addon/packages you can install to add features and they also have "commercial" packages which do cost money but can add features some of the really expensive solutions have.
The support for pfSense is pretty great too - they have a huge online manual you can look things up in and the forums/community support is incredible. I had a question a long while back and I remember having an answer just a couple of hours after I asked it. pfSense runs on FreeBSD - The install was straight forward and once it was installed it is really easy to set up so you don't need to know a bunch of commands. The interface is pretty much "press: 1 to set this up."
I would highly recommend giving this software a try even for personal use. I have been considering trying to make a pfSense based router for my own home use.
- pfSense is an excellent firewall - It logs all of your traffic. It has packages you can install to snort bad traffic.
- pfSense has a tool called "p0f" which allows you to see what type of OS is trying to connect to you. You can filter these results and you can also block a specific OS from connecting to you.
- pfSense is an excellent load-balancer: (Multi-WAN and Server Load Balancing) The fail-over/aggregation works very well. This is perfect if your business uses multiple ISP's to ensure your customers are always able to access their data. Also helps with bandwidth distribution as well.
- VPN's - I am not entirely sure if this package was free with pfSense, but it does offer the ability to use OpenVPN which is what I am familiar with.
- They also have IPsec in the settings as well, but I am not familiar with that enough to go into any detail with it.
- As I mentioned I do use OpenVPN the only thing I don't care for with it is I can create OpenVPN configs for each user I want to be able to VPN into the network and I assumed each one would be "unique" but this does not seem to be the case. I could be doing it wrong, but if I create a config for a specific employee I would expect only that employee should be able to use that config, but I have been able to login to everyone that I made using my credentials.
- I mentioned earlier that pfSense had a GUI.
- I personally really think it is cool because it has a bunch of reporting graphs for monitoring your networks. I think when I become the full-time admin at the company I am going to try to talk them into getting me a TV I can mount on the wall and display all the graphs and real-time info pfSense shows so I can monitor what is going on with the network(s) at all times. Plus I think it would look rad.
- I did kind of mention a Con in the Pro section with OpenVPN.
- When I create a config for an employee other employees are able to login to that config.
- I could be doing something wrong when I am making it - I am not afraid to admit that as I am pretty new to all of this, but it seems like it builds a key and I would think the key would be unique in some way to each employee, but I could be wrong.
- I actually do not have a lot of Con's for this software - I did not get to set this up on our work network so I am not sure of any downfalls when installing.
- I installed this on my personal machine in a Hyper-V environment to get a feel for it before I started working on it at work and it seemed pretty smooth. I didn't run into any issues.
I installed pfSense on my Hyper-V with 5GB of space and 2GB of RAM.
I personally think pfSense is flexible enough for a large business and can probably do most things Cisco hardware and software can do, but I guess depending on how big you are you are probably looking for something more "known" like Cisco so if something goes wrong you can throw someone under the bus lol!
pfSense is open source and your support comes from a community of people who use the software where with Cisco if something goes wrong you are contacting another large business.
We needed something easy to setup and manage on a day to day basis that didn't come with expensive fees or recurring costs to reduce our financial exposure. As time marches on, we've definitely made the best choice in choosing pfSense as it fits our needs extremely well.
- Easily configure firewall rules through a well thought out web interface.
- Easy to configure VPN setups and if using OpenVPN, easy to deploy client setups.
- Many additional packages and features can be installed on the fly, including things like OpenBGPD, freeradius3, and lightsquid.
- Load Balancing and connection proxies built in and the ability to HAProxy easily.
- Backup and restore in minutes, not hours. A online (free) service is also offered to backup each and every change made to their cloud.
- There is no API for making changes. This can be a hindrance in environments where auto-deploying something needs firewall rules or HAProxy configs updated. Since all settings are stored in an XML file and then configs are generated from that, even manually updating config files cannot be done.
- Beware that some network cards can have issues. pfSense is based on FreeBSD, so it's best to look on their compatibility list before deploying.
pfSense is less well suited for home or home-office environments as it's a little over kill and with high bandwidth home connections, a larger device will be needed for throughput.
iron firewall for your services
- stable vpn connection through your web application and easy to use
- load balancer that allows me to distribute the bandwidth to the ip that I need with more power at the request of the user and less power to users who have fewer requirements
- dns server that allows me to give a domain name to several applications that I have hosted in my network so that it has a connection from the outside and can be seen by the user
- they should improve in creating more manuals of procedures or processes that can be done with this systems since the documentation obtained from this system is small, which makes it difficult to use 100 percent of this system
In short, this system is very complete and can be used in large, medium or small companies. It is only necessary to have a vision of what is required and this software will cover your needs.
PfSense decent Open Source Firewall to reduce costs!
- Open Source (free). Pay only for support.
- Plugins are the crown of the product.
- An extensive dashboard gives you all that you need to have on the first look.
- Traffic graphics are wonderful.
- You can't integrate modem functionality into a pFSense box.
- I don't want to go completely open source if downtime is a risk factor that could lose more income that supported products would cost.
- Can be an expensive configuration if you choose to build your own pFsense box for several ISP.
- For non expertise users is a pain in the neck to manage the web GUI.
Robust, configurable, feature-rich, and RELIABLE network infrastructure at the perfect price.
I support ~15 network users, which represent something more like 30-40 devices (after notebooks, mobile phones, tablets, etc are accounted for).
pfSense is used as the primary router to our internet connection, as well as our VPN connect endpoint, local DNS resolution, and internet connection failover. Having all of these services bundled in one powerful, well supported, and robust software configuration platform saves a ton of time and makes managing our internal office network very easy.
- Point and click configuration for nearly any network infrastructure service you could need
- Centralized configuration, with documentation, of all firewall rules, dhcp lease rules, vlan routes, etc
- Fast security updates when vulnerabilities (and patches) are found in any of the software that pfSense uses out of the box
- Super simple to deploy
- Light-weight, doesn't need a high end system to run
- Some services can be clunky to configure if you're not 100% familiar with the technology
- Service configuration is bound to the pfSense interface, so if the UI doesn't expose configuration for a feature you need (and the service supports it), it's a significant challenge to configure the service outside of the pfSense system. (Note: this has rarely been an issue for us, once or twice in the entire time we've used the software)
I'm not sure how pfSense would fare in a larger network environment (multiple hundreds - thousands of users) as I've never supported a network with that many users.
For small - medium sized businesses, with a part time network administrator available, pfSense is perfect.
PfSense: A powerful tool in your hand
- Web User Interface: With new web UI, based on Bootstrap framework, you can control your Pfsense from everywhere.
- Scalable: It's an all-in-one solution useful for every kind of company. It's also very easy to set up rules and NAT, and it has several modules like transparent proxy, VPN, and traffic shaping.
- Community: There's a large community behind Pfsense so you can find a lot of documentation, tutorials, and howtos and also support from the official forum.
- Virtualization: We use virtualization on our systems based on KVM enviroment so they could improve Virtualization integration.
- Export/Import: You cannot import/export all of pfsense modules configuration. And also sometimes pfsense export/import creates conflicts with s Mac address.
It's useful in a SOHO infrastructure but for a very large company with a high constant bandwidth traffic, there are more powerful tools.
pfSense - Review
pfSense supports Multiwan, load balancing both at the WAN level and load distributing level, VPN (IPSEC, OPENVPN), among many other features. I have a client who is using pfSense with Multi-Wan, three separate ipsec tunnels (Datacenter to HQ, HQ to Azure, HQ to another cloud provider). We have basic ACLs rules in place and host a number of servers behind the pfSense. We do not use the load balancing as pfSense is used in Headquarters where we do not host many services that require load balancing behind the router. In anycase for an office it works out well as my client has intermittent ISP issues so the mult-wan comes in really handy.
We've had hardware failures where I simply setup a new pfSense box and copied the configs over and was up and running in no time.
I would highly recommend pfSense for small to medium size businesses, maybe even large but I have yet to test loads at such high scales. I also have not setup pfSense in a production environment with high load so I cannot comment on that part. Overall, I think pfSense is great! I also used pfSense in a VMware environment for test labs and that worked out great fulfilling all my needs as well!
- Great Multi-Wan redundancy.
- Great control of ACLs
- Perfect for VPN connections
- The tools that come with pfsense are great but I've seen better tools from home based routers like the ASUS routers. Wish we had more pretty graphs, traffic use by user or hostname, etc.
- The UI is good but seems a little outdated. The graphs and reporting looks more like cacti versus the look of something pretty like Kibana.
pfSense - A Great Choice for Network Security
- It secures things!
- It blocks bad things.
- It is easy to configure.
- Nothing really. The developers fix thing pretty quickly. They might want to run some vulnerability scanners against a device and fix those minor issues.
It's free - what's not to like!
- Easy and quick to change firewall rules - no painful re-loads or reboots (!) like some firewall solutions
- VPN support is excellent and so fast as hardware acceleration is supported
- Large set of free add-on tools
- Multiple hardware platforms supported
- Quality of service and traffic shaping setup could be better but the answers are usually on the pfSense forums if you look
- Non-technically minded will lose patience but it's designed to be a fully-fledged firewall so it's not surprising