TrustRadius
pfSense is an open-source firewall and load management product. It provides combined firewall, VPN, and router functionality, and it can be deployed through AWS or Azure clouds or on-premises via Netgate.https://media.trustradius.com/product-logos/1c/pa/ZO1A4AO15GEQ.JPEGpfSense Review from an SME IT managerWe use pfSense across several countries office such as Hong Kong, Singapore, Shanghai & Beijing and served over 150 staff. We use pfSense to build site-to-site VPN to link up our office network. pfSense is quite stable and easy to manage that is very important because our IT teams are small. Handled over 4 years, pfSense has not given me any big issue so I will recommend it to my friends.,Easy to use. Good user interface design! Easy to understand and easy to set up. Lower hardware requirement. 3 years ago, we used an old PC to run it. Now, we have changed to a router device with Celeron CPU and 8GB RAM. It runs smoothly with a 1000G commercial broadband.,Need to assign WAN, LAN interface in "text" console but not in web interface when you first install in a new network. I need to configure everything and send a pfSense device to my colleague in other countries, they are not IT professionals so they have difficulty assigning interfaces when they first boot.,8,Positive. Old desktop + free software license, that is unbeatable ROI. At present, we use an Intel celeron + 8GB RAM device which supports a 30 person office with 1GB fixed IP WAN and IP phone systems very well.,Cisco Routers,Microsoft Office 365, Microsoft Dynamics NAV, Jet ReportspfSense - The Firewall for Everyone!The company I currently work for uses pfSense mainly for load balancing and also as a firewall. We have a lot of cloud customers and this software comes in real handy to ensure that if one of our services go down our customers will not experience any outages as pfSense will automatically make our second connection the primary one. I am currently just getting into the system administrator role and I am working under our current sysadmin who is going into development so I have been trying to learn a lot of this software on the fly. One of the coolest features of pfSense for someone like me who is learning on the fly is the fact it has a GUI version as well as the CLI version. So you can manage your pfSense instances very easily by using drop-down menus. I can see this being really useful for small to medium size businesses. The software is very scalable and very flexible. It is also open source so there is not a bunch of licenses to purchase. There are a bunch of addon/packages you can install to add features and they also have "commercial" packages which do cost money but can add features some of the really expensive solutions have. The support for pfSense is pretty great too - they have a huge online manual you can look things up in and the forums/community support is incredible. I had a question a long while back and I remember having an answer just a couple of hours after I asked it. pfSense runs on FreeBSD - The install was straight forward and once it was installed it is really easy to set up so you don't need to know a bunch of commands. The interface is pretty much "press: 1 to set this up." I would highly recommend giving this software a try even for personal use. I have been considering trying to make a pfSense based router for my own home use.,pfSense is an excellent firewall - It logs all of your traffic. It has packages you can install to snort bad traffic. pfSense has a tool called "p0f" which allows you to see what type of OS is trying to connect to you. You can filter these results and you can also block a specific OS from connecting to you. pfSense is an excellent load-balancer: (Multi-WAN and Server Load Balancing) The fail-over/aggregation works very well. This is perfect if your business uses multiple ISP's to ensure your customers are always able to access their data. Also helps with bandwidth distribution as well. VPN's - I am not entirely sure if this package was free with pfSense, but it does offer the ability to use OpenVPN which is what I am familiar with. They also have IPsec in the settings as well, but I am not familiar with that enough to go into any detail with it. As I mentioned I do use OpenVPN the only thing I don't care for with it is I can create OpenVPN configs for each user I want to be able to VPN into the network and I assumed each one would be "unique" but this does not seem to be the case. I could be doing it wrong, but if I create a config for a specific employee I would expect only that employee should be able to use that config, but I have been able to login to everyone that I made using my credentials. I mentioned earlier that pfSense had a GUI. I personally really think it is cool because it has a bunch of reporting graphs for monitoring your networks. I think when I become the full-time admin at the company I am going to try to talk them into getting me a TV I can mount on the wall and display all the graphs and real-time info pfSense shows so I can monitor what is going on with the network(s) at all times. Plus I think it would look rad.,I did kind of mention a Con in the Pro section with OpenVPN. When I create a config for an employee other employees are able to login to that config. I could be doing something wrong when I am making it - I am not afraid to admit that as I am pretty new to all of this, but it seems like it builds a key and I would think the key would be unique in some way to each employee, but I could be wrong. I actually do not have a lot of Con's for this software - I did not get to set this up on our work network so I am not sure of any downfalls when installing. I installed this on my personal machine in a Hyper-V environment to get a feel for it before I started working on it at work and it seemed pretty smooth. I didn't run into any issues.,10,pfSense has only had positive impacts on our company. We are not a huge company so not having to buy licenses to get all these features have been excellent. I was not around when our current sysadmin decided to use pfSense, but I am assuming from day one it was probably a 100% return on investment since it does everything we need it to and it was open source software.,Zabbix, Remote Desktop Manager, CentOS, ConnectWise Control (formerly ScreenConnect), Veeam Backup & Replication, Hyper-V, Windows ServerpfSense - A great middle of the road solutionpfSense is currently the backbone of our company's network. We have five of them deployed handling VPN and routing. One is on a Dell R210II in the office handling the inter-vlan 10Gbps routing and 3 WAN failover. The second is a Hyper-V VM in our colo facility handling the NATing and forwarding there. The third is a Lenovo SFF PC in an office far away that we can selectively route through for geo purposes. The forth is a VM in a datacenter, again, just to selectively route out. The fifth is acting as a VPN server for the other four to connect to and route between each other as well as for clients outside the office to connect to.,OpenVPN Inter-Vlan Routing Firewalling,CLI Commands Hardware Support,8,Don't need to buy as much hardware Don't need to pay licencing fees,Ubiquiti Networks UniFipfSense is rock solidpfSense is used as our firewall, VPN server, DNS forwarder, and NTP server. We also have two other pfSense devices installed at remote locations to provide VPN connections to our headquarters.,Great firewall. It has all the capabilities of very expensive firewalls. I have never had to restart the device in 10 years due to an issue. DHCP always works without any issues. OpenVPN has been rock solid, I like that OpenVPN has clients for all Linux, Mac and MS Windows.,Reporting Viewing log files,10,pfSense allows me to spend my budget where is has a direct impact on our business and not on firewall devices.,SonicWall TZ, Check Point Next Generation Firewall and F5 Silverline Web Application FirewallVery competitive reliable solutionI used PfSense mainly as a firewall and an OpenVPN solution company-wide. It's very easy to manage and has a lot of features. I've also used Pfsense to load balance multiple internet connections as well as segregate multiple VLAN networks. It's been very reliable and is a great system overall.,OpenVPN solution: straight forward and very easy to manage. It's easy to setup clients through the OpenVPN export wizard. Load Balancing Internet Connections: I was able to use a single pfSense machine to load balance two internet connections. Basically, if one connection is losing too many packets or drops out, all internet traffic is automatically routed through the other internet service gateway. Users didn't even notice whenever there were internet outages.,Sometimes when there was an internet outage pfsense would start running really slow. I'm assuming because all the clients trying to access the internet creates a load. There should probably be a timeout feature where all traffic pauses and stops trying to access the internet if the internet is obviously down. The simple fix for this is to just disconnect the switch with all clients. There are numerous packages that try to act as middle-man web traffic filters. They are a little complex and don't always work. This pfsense isn't to blame but it just might be nice to see a more standardized solution that's easy to set up.,10,Very reliable and competitive in today's market.,SonicWall VPN Clients,CenturyLink Fiber + InternetpfSense offers an all in one network appliance that saves time and money!We use pfSense as our primary firewalls on two fiber connections into our organization. We also utilize pfSense for load balancing and fail over of incoming requests for our software and service hosting. We needed something easy to setup and manage on a day to day basis that didn't come with expensive fees or recurring costs to reduce our financial exposure. As time marches on, we've definitely made the best choice in choosing pfSense as it fits our needs extremely well.,Easily configure firewall rules through a well thought out web interface. Easy to configure VPN setups and if using OpenVPN, easy to deploy client setups. Many additional packages and features can be installed on the fly, including things like OpenBGPD, freeradius3, and lightsquid. Load Balancing and connection proxies built in and the ability to HAProxy easily. Backup and restore in minutes, not hours. A online (free) service is also offered to backup each and every change made to their cloud.,There is no API for making changes. This can be a hindrance in environments where auto-deploying something needs firewall rules or HAProxy configs updated. Since all settings are stored in an XML file and then configs are generated from that, even manually updating config files cannot be done. Beware that some network cards can have issues. pfSense is based on FreeBSD, so it's best to look on their compatibility list before deploying.,10,pfSense can be installed on commodity hardware with no licensing fees. With a simple less than 10 minute restore time, on most hardware, it's an extremely inexpensive way to achieve the same results that some of the more expensive vendors provide. The easy to use interface has allowed configuration management to be preformed by lower level technicians with quick and easy training.,Ubiquiti Networks UniFi, SonicWall TZ and Untangle NG Firewall,Untangle NG Firewall, Ubiquiti Networks UniFipfSense firewall/router is a lightweight and supported alternative to hardware-based options.pfSense is being used as the primary edge firewall for the internet connection. As many hardware-based firewalls/routers do not receive timely security updates, it was time to implement something with more granular control over updates and patches. pfSense has exceeded expectations in terms of flexibility. We are also using the Snort add-on to perform IDS/IPS functionality.,Since it is based on FreeBSD, rock-solid stability is a given. Platform hardware requirements were quite modest. The firewall and NAT configuration was straightforward and works well. A good amount of add-ons permit the administrator to extend functionality to meet the needs and requirements of the organization.,Perhaps there can be more wizards put in for simpler turn-key configurations. Would be a good bonus to have disk mirroring for the main volume to prevent unexpected downtime due to disk failures. I'm currently using as SSD so that should help avoid any mechanical breakdowns. Include more choices for remote access VPN configurations.,9,The Snort IPS add-on has blocked many attacks that would otherwise cripple other hardware-based firewalls/routers. This greatly reduces downtime and system administration costs. The optional add-ons can remove the need for secondary servers/services to be running on other devices behind it. The community-based support is large to the point where a small business isn't necessarily needing to purchase a standard support contract.,Sophos UTM and Untangle NG Firewall,LibreOffice, VMware Workstation, Oracle VM VirtualBoxPfSense decent Open Source Firewall to reduce costs!Pfsense is our layer 2 software firewall that allows us a better control over the overrides for the internet navigation; give us an accurate integration with a ton of plugins you can build your on appliance using a decent desktop; to manage with ease two ISPs, make the load balancing, set the VPN for your external users, reduce the downtime's, backup your config, and restore it in matter of seconds. Pfsense work together with the IPS sensor from the basic to the hard case. It's a 10 in our organization.,Open Source (free). Pay only for support. Plugins are the crown of the product. An extensive dashboard gives you all that you need to have on the first look. Traffic graphics are wonderful.,You can't integrate modem functionality into a pFSense box. I don't want to go completely open source if downtime is a risk factor that could lose more income that supported products would cost. Can be an expensive configuration if you choose to build your own pFsense box for several ISP. For non expertise users is a pain in the neck to manage the web GUI.,9,Moving to a FWaaS solution installed on a decent computer the initial investment was moderate to cover 50 to 250 users, but still being cheaper that a Fortinet, Cisco ASA, or a Sophos UTM. Paying only for support can be a double edge knife, cause you need to identify what's the goal of the request, or your drown into a an endless list of requirements. To stay in the top with the half of a regular investment pFSense gives a wide variety of plugins that will give you a deep knowledge of your security flaws and strong points.,Fortinet FortiGate, Sophos UTM and Cisco ASA,AutoCAD, eTakeoff, VMware vCenter Server, WatchGuard NGFW,2iron firewall for your servicesIn my company we also manage a network of large numbers of users who need a stable server on which they can count at the time of sending a request. This software has helped me to have a Network Address Translation with which I get security in my sub network such that at the time of an attack, it can not reach our servers. It also has helped me to be able to place some services on the network through the property of the server DNS. It also offers the VPN connection so that I can connect from anywhere to check how my services are on the network,stable vpn connection through your web application and easy to use load balancer that allows me to distribute the bandwidth to the ip that I need with more power at the request of the user and less power to users who have fewer requirements dns server that allows me to give a domain name to several applications that I have hosted in my network so that it has a connection from the outside and can be seen by the user,they should improve in creating more manuals of procedures or processes that can be done with this systems since the documentation obtained from this system is small, which makes it difficult to use 100 percent of this system,9,Since it is a platform that is created under Linux a free distribution that does not generate licensing costs and is easy to use for its web environment,Smoothwall SWG,Smoothwall SWGRobust, configurable, feature-rich, and RELIABLE network infrastructure at the perfect price.We are a small business, so we use pfSense to manage our office network. I support ~15 network users, which represent something more like 30-40 devices (after notebooks, mobile phones, tablets, etc are accounted for). pfSense is used as the primary router to our internet connection, as well as our VPN connect endpoint, local DNS resolution, and internet connection failover. Having all of these services bundled in one powerful, well supported, and robust software configuration platform saves a ton of time and makes managing our internal office network very easy.,Point and click configuration for nearly any network infrastructure service you could need Centralized configuration, with documentation, of all firewall rules, dhcp lease rules, vlan routes, etc Fast security updates when vulnerabilities (and patches) are found in any of the software that pfSense uses out of the box Super simple to deploy Light-weight, doesn't need a high end system to run,Some services can be clunky to configure if you're not 100% familiar with the technology Service configuration is bound to the pfSense interface, so if the UI doesn't expose configuration for a feature you need (and the service supports it), it's a significant challenge to configure the service outside of the pfSense system. (Note: this has rarely been an issue for us, once or twice in the entire time we've used the software),10,Using pfSense has allowed us to build a professional network in our small office without needing a lot of proprietary hardware, saving thousands of dollars in IT infrastructure investment. The cost for using pfSense is free, so it's a great option for those who don't have a large IT budget pfSense utilizes all of the industry standard services to provide all of it's functionality, so support for service-level issues is readily available Because of how much work has been put into pfSense to make it rock solid and reliable, we're able to support our network with minimal IT staffing, saving us thousands of dollars/year in personnel alone.,PfSense: A powerful tool in your handPfsense is used in our whole organization. Our main firewall has been made by using Pfsense. Recently we've bought two appliances with pfsense preinstalled. Pfsense is crucial for our enviroment because we're a small company so we cannot buy expensive firewall. After some research and local tests, we've decided to use pfsense.,Web User Interface: With new web UI, based on Bootstrap framework, you can control your Pfsense from everywhere. Scalable: It's an all-in-one solution useful for every kind of company. It's also very easy to set up rules and NAT, and it has several modules like transparent proxy, VPN, and traffic shaping. Community: There's a large community behind Pfsense so you can find a lot of documentation, tutorials, and howtos and also support from the official forum.,Virtualization: We use virtualization on our systems based on KVM enviroment so they could improve Virtualization integration. Export/Import: You cannot import/export all of pfsense modules configuration. And also sometimes pfsense export/import creates conflicts with s Mac address.,10,We have a strong know-how, and we've used this solution with our customers so we can be more competitive than hardware solutions. We can sell to our customers not only hardware but different solutions by using only one product.,Opnsense, Ipcop and Smoothwall,Proxmox VE, Digium Asterisk, MikroTik Routers and SwitchespfSense - ReviewI first learned of PFSense when searching for custom routers. Started from DD-WRT among other products such as zeroshell and pfSense. Some requirements were Dual WAN redundancy, failover and load balancing. In my particular experience I have setup/migrated pfSense in a Dual WAN redundant setup. pfSense was perfect as you can scrape up any old computer with 3 NICS (WAN1, OPT1, LAN). The setup is rather easy. If you are familiar with the setup of Linux, it should be a breeze. You setup a bootable USB stick and boot to USB and install pfSense. The initial setup of the NICs is also easy but you do need some networking experience. Once you get the initial setup completed and connected to the Web UI, you can pretty much go through each option and set to your needs. pfSense supports Multiwan, load balancing both at the WAN level and load distributing level, VPN (IPSEC, OPENVPN), among many other features. I have a client who is using pfSense with Multi-Wan, three separate ipsec tunnels (Datacenter to HQ, HQ to Azure, HQ to another cloud provider). We have basic ACLs rules in place and host a number of servers behind the pfSense. We do not use the load balancing as pfSense is used in Headquarters where we do not host many services that require load balancing behind the router. In anycase for an office it works out well as my client has intermittent ISP issues so the mult-wan comes in really handy. We've had hardware failures where I simply setup a new pfSense box and copied the configs over and was up and running in no time. I would highly recommend pfSense for small to medium size businesses, maybe even large but I have yet to test loads at such high scales. I also have not setup pfSense in a production environment with high load so I cannot comment on that part. Overall, I think pfSense is great! I also used pfSense in a VMware environment for test labs and that worked out great fulfilling all my needs as well!,Great Multi-Wan redundancy. Great control of ACLs Perfect for VPN connections,The tools that come with pfsense are great but I've seen better tools from home based routers like the ASUS routers. Wish we had more pretty graphs, traffic use by user or hostname, etc. The UI is good but seems a little outdated. The graphs and reporting looks more like cacti versus the look of something pretty like Kibana.,10,pfSense is free minus the hardware and support if you need it. ROI is pretty much instant.,,Cisco ASA, SonicWall TZ, Barracuda Web FilterIt's free - what's not to like!It's a firewall that will compete with any "enterprise" firewall solution and often kicks the paid-for competition into touch. The fact that it is community supported is a big advantage as it is always at the cutting edge of security and support. It's a firewall for technologists first but once installed even the non-technically minded can take advantage of an outstanding network security solution. The latest version of pfSense provides a much improved GUI that will appeal to the less technically minded but it still retains the same level of rich functionality.,Easy and quick to change firewall rules - no painful re-loads or reboots (!) like some firewall solutions VPN support is excellent and so fast as hardware acceleration is supported Large set of free add-on tools Multiple hardware platforms supported,Quality of service and traffic shaping setup could be better but the answers are usually on the pfSense forums if you look Non-technically minded will lose patience but it's designed to be a fully-fledged firewall so it's not surprising,9,It's free It doesn't go wrong,,Ubuntu OpenStack, Visual Studio Test Professional, Microsoft SQL ServerpfSense - A Great Choice for Network SecuritypfSense is used as a security appliance for numerous applications and addresses the problems it was designed to address. (Providing specifics relating to the implementation of security in a public forum is a really bad idea. Asking people to disclose details relating to the deployment of security devices on the network is a really bad idea.),It secures things! It blocks bad things. It is easy to configure.,Nothing really. The developers fix thing pretty quickly. They might want to run some vulnerability scanners against a device and fix those minor issues.,9,No impact really. Being open source, you can deploy on commodity hardware so it is very cost-effective.,Cisco ASA
Unspecified
pfSense
31 Ratings
Score 8.9 out of 101
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>TRScore

pfSense Reviews

pfSense
31 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8.9 out of 101

Do you work for this company? Manage this listing

Show Filters 
Hide Filters 
Filter 31 vetted pfSense reviews and ratings
Clear all filters
Overall Rating
Reviewer's Company Size
Last Updated
By Topic
Industry
Department
Experience
Job Type
Role

Reviews (1-14 of 14)

Do you use this product? Write a Review
Allan Leung profile photo
April 02, 2019

pfSense Review from an SME IT manager

Score 8 out of 10
Vetted Review
Verified User
Review Source
We use pfSense across several countries office such as Hong Kong, Singapore, Shanghai & Beijing and served over 150 staff. We use pfSense to build site-to-site VPN to link up our office network. pfSense is quite stable and easy to manage that is very important because our IT teams are small. Handled over 4 years, pfSense has not given me any big issue so I will recommend it to my friends.
  • Easy to use. Good user interface design! Easy to understand and easy to set up.
  • Lower hardware requirement. 3 years ago, we used an old PC to run it. Now, we have changed to a router device with Celeron CPU and 8GB RAM. It runs smoothly with a 1000G commercial broadband.
  • Need to assign WAN, LAN interface in "text" console but not in web interface when you first install in a new network.
  • I need to configure everything and send a pfSense device to my colleague in other countries, they are not IT professionals so they have difficulty assigning interfaces when they first boot.
For fast-growing or SME companies, pfSense is quite suitable because pfSense already had many advanced features such as VPN and multiple WAN / LAN. As a result, we just need to pay for expensive router frequently to upgrade our infrastructure.
Read Allan Leung's full review
Charles R. Coggins III profile photo
February 22, 2019

pfSense - The Firewall for Everyone!

Score 10 out of 10
Vetted Review
Verified User
Review Source
The company I currently work for uses pfSense mainly for load balancing and also as a firewall. We have a lot of cloud customers and this software comes in real handy to ensure that if one of our services go down our customers will not experience any outages as pfSense will automatically make our second connection the primary one. I am currently just getting into the system administrator role and I am working under our current sysadmin who is going into development so I have been trying to learn a lot of this software on the fly.

One of the coolest features of pfSense for someone like me who is learning on the fly is the fact it has a GUI version as well as the CLI version. So you can manage your pfSense instances very easily by using drop-down menus.

I can see this being really useful for small to medium size businesses. The software is very scalable and very flexible. It is also open source so there is not a bunch of licenses to purchase. There are a bunch of addon/packages you can install to add features and they also have "commercial" packages which do cost money but can add features some of the really expensive solutions have.

The support for pfSense is pretty great too - they have a huge online manual you can look things up in and the forums/community support is incredible. I had a question a long while back and I remember having an answer just a couple of hours after I asked it. pfSense runs on FreeBSD - The install was straight forward and once it was installed it is really easy to set up so you don't need to know a bunch of commands. The interface is pretty much "press: 1 to set this up."

I would highly recommend giving this software a try even for personal use. I have been considering trying to make a pfSense based router for my own home use.
  • pfSense is an excellent firewall - It logs all of your traffic. It has packages you can install to snort bad traffic.
  • pfSense has a tool called "p0f" which allows you to see what type of OS is trying to connect to you. You can filter these results and you can also block a specific OS from connecting to you.
  • pfSense is an excellent load-balancer: (Multi-WAN and Server Load Balancing) The fail-over/aggregation works very well. This is perfect if your business uses multiple ISP's to ensure your customers are always able to access their data. Also helps with bandwidth distribution as well.
  • VPN's - I am not entirely sure if this package was free with pfSense, but it does offer the ability to use OpenVPN which is what I am familiar with.
  • They also have IPsec in the settings as well, but I am not familiar with that enough to go into any detail with it.
  • As I mentioned I do use OpenVPN the only thing I don't care for with it is I can create OpenVPN configs for each user I want to be able to VPN into the network and I assumed each one would be "unique" but this does not seem to be the case. I could be doing it wrong, but if I create a config for a specific employee I would expect only that employee should be able to use that config, but I have been able to login to everyone that I made using my credentials.
  • I mentioned earlier that pfSense had a GUI.
  • I personally really think it is cool because it has a bunch of reporting graphs for monitoring your networks. I think when I become the full-time admin at the company I am going to try to talk them into getting me a TV I can mount on the wall and display all the graphs and real-time info pfSense shows so I can monitor what is going on with the network(s) at all times. Plus I think it would look rad.
  • I did kind of mention a Con in the Pro section with OpenVPN.
  • When I create a config for an employee other employees are able to login to that config.
  • I could be doing something wrong when I am making it - I am not afraid to admit that as I am pretty new to all of this, but it seems like it builds a key and I would think the key would be unique in some way to each employee, but I could be wrong.
  • I actually do not have a lot of Con's for this software - I did not get to set this up on our work network so I am not sure of any downfalls when installing.
  • I installed this on my personal machine in a Hyper-V environment to get a feel for it before I started working on it at work and it seemed pretty smooth. I didn't run into any issues.
pfSense is perfect for small-medium businesses (IMO). I also believe it would be a great tool for a home user/IT enthusiast who wants a great high-end firewall solution or someone who just wants to learn, but does not want to buy a bunch of hardware or licenses.

I installed pfSense on my Hyper-V with 5GB of space and 2GB of RAM.

I personally think pfSense is flexible enough for a large business and can probably do most things Cisco hardware and software can do, but I guess depending on how big you are you are probably looking for something more "known" like Cisco so if something goes wrong you can throw someone under the bus lol!

pfSense is open source and your support comes from a community of people who use the software where with Cisco if something goes wrong you are contacting another large business.
Read Charles R. Coggins III's full review
Christian Shaheen profile photo
May 28, 2019

pfSense - A great middle of the road solution

Score 8 out of 10
Vetted Review
Verified User
Review Source
pfSense is currently the backbone of our company's network. We have five of them deployed handling VPN and routing. One is on a Dell R210II in the office handling the inter-vlan 10Gbps routing and 3 WAN failover. The second is a Hyper-V VM in our colo facility handling the NATing and forwarding there. The third is a Lenovo SFF PC in an office far away that we can selectively route through for geo purposes. The forth is a VM in a datacenter, again, just to selectively route out. The fifth is acting as a VPN server for the other four to connect to and route between each other as well as for clients outside the office to connect to.
  • OpenVPN
  • Inter-Vlan Routing
  • Firewalling
  • CLI Commands
  • Hardware Support
pfSense is great for companies with medium budgets and advanced networking needs. It is very versatile and can be installed on any x86 platform with as little as 16GB of disk and 1GB of RAM. This makes it great for applications such as hosted environments where you only have VMs. It also supports many kinds of hardware so it can be spun up in a hurry without specific hardware.
Read Christian Shaheen's full review
Jay Moore profile photo
March 07, 2019

pfSense is rock solid

Score 10 out of 10
Vetted Review
Verified User
Review Source
pfSense is used as our firewall, VPN server, DNS forwarder, and NTP server. We also have two other pfSense devices installed at remote locations to provide VPN connections to our headquarters.
  • Great firewall. It has all the capabilities of very expensive firewalls. I have never had to restart the device in 10 years due to an issue.
  • DHCP always works without any issues.
  • OpenVPN has been rock solid, I like that OpenVPN has clients for all Linux, Mac and MS Windows.
  • Reporting
  • Viewing log files
Great for small to midsize businesses that need a rock solid platform.
Read Jay Moore's full review
No photo available
March 30, 2019

Very competitive reliable solution

Score 10 out of 10
Vetted Review
Verified User
Review Source
I used PfSense mainly as a firewall and an OpenVPN solution company-wide. It's very easy to manage and has a lot of features. I've also used Pfsense to load balance multiple internet connections as well as segregate multiple VLAN networks. It's been very reliable and is a great system overall.
  • OpenVPN solution: straight forward and very easy to manage. It's easy to setup clients through the OpenVPN export wizard.
  • Load Balancing Internet Connections: I was able to use a single pfSense machine to load balance two internet connections. Basically, if one connection is losing too many packets or drops out, all internet traffic is automatically routed through the other internet service gateway. Users didn't even notice whenever there were internet outages.
  • Sometimes when there was an internet outage pfsense would start running really slow. I'm assuming because all the clients trying to access the internet creates a load. There should probably be a timeout feature where all traffic pauses and stops trying to access the internet if the internet is obviously down. The simple fix for this is to just disconnect the switch with all clients.
  • There are numerous packages that try to act as middle-man web traffic filters. They are a little complex and don't always work. This pfsense isn't to blame but it just might be nice to see a more standardized solution that's easy to set up.
Works great as a VPN solution and a firewall. Does not work well in a virtual environment. PfSense needs to be a dedicated physical box.
Read this authenticated review
Aaron Smith profile photo
November 30, 2018

pfSense offers an all in one network appliance that saves time and money!

Score 10 out of 10
Vetted Review
Verified User
Review Source
We use pfSense as our primary firewalls on two fiber connections into our organization. We also utilize pfSense for load balancing and fail over of incoming requests for our software and service hosting.

We needed something easy to setup and manage on a day to day basis that didn't come with expensive fees or recurring costs to reduce our financial exposure. As time marches on, we've definitely made the best choice in choosing pfSense as it fits our needs extremely well.
  • Easily configure firewall rules through a well thought out web interface.
  • Easy to configure VPN setups and if using OpenVPN, easy to deploy client setups.
  • Many additional packages and features can be installed on the fly, including things like OpenBGPD, freeradius3, and lightsquid.
  • Load Balancing and connection proxies built in and the ability to HAProxy easily.
  • Backup and restore in minutes, not hours. A online (free) service is also offered to backup each and every change made to their cloud.
  • There is no API for making changes. This can be a hindrance in environments where auto-deploying something needs firewall rules or HAProxy configs updated. Since all settings are stored in an XML file and then configs are generated from that, even manually updating config files cannot be done.
  • Beware that some network cards can have issues. pfSense is based on FreeBSD, so it's best to look on their compatibility list before deploying.
pfSense is well suited for many environments as a primary firewall, VPN server, and proxy server. For small to medium offices, it offers dead simple configuration and management. Large corporate environments may look to other big name providers, however pfSense can easily compete with those in performance and reliability. Hardware devices can also be purchased making pfSense an all-in-one solution for even the largest of environments.

pfSense is less well suited for home or home-office environments as it's a little over kill and with high bandwidth home connections, a larger device will be needed for throughput.
Read Aaron Smith's full review
Roger Mialkowski profile photo
December 22, 2018

pfSense firewall/router is a lightweight and supported alternative to hardware-based options.

Score 9 out of 10
Vetted Review
Verified User
Review Source
pfSense is being used as the primary edge firewall for the internet connection. As many hardware-based firewalls/routers do not receive timely security updates, it was time to implement something with more granular control over updates and patches. pfSense has exceeded expectations in terms of flexibility. We are also using the Snort add-on to perform IDS/IPS functionality.
  • Since it is based on FreeBSD, rock-solid stability is a given. Platform hardware requirements were quite modest.
  • The firewall and NAT configuration was straightforward and works well.
  • A good amount of add-ons permit the administrator to extend functionality to meet the needs and requirements of the organization.
  • Perhaps there can be more wizards put in for simpler turn-key configurations.
  • Would be a good bonus to have disk mirroring for the main volume to prevent unexpected downtime due to disk failures. I'm currently using as SSD so that should help avoid any mechanical breakdowns.
  • Include more choices for remote access VPN configurations.
pfSense is perfectly suited for small businesses as a firewall/router. Their hardware product line can scale with business size while the downloadable ISO can be installed directly on low-power devices. Many small businesses would be on DHCP for their internet connection so the built-in Dynamic DNS feature can keep track of the current IP address for easy access by remote/field workers.
Read Roger Mialkowski's full review
Victor Arana profile photo
February 07, 2018

PfSense decent Open Source Firewall to reduce costs!

Score 9 out of 10
Vetted Review
Verified User
Review Source
Pfsense is our layer 2 software firewall that allows us a better control over the overrides for the internet navigation; give us an accurate integration with a ton of plugins you can build your on appliance using a decent desktop; to manage with ease two ISPs, make the load balancing, set the VPN for your external users, reduce the downtime's, backup your config, and restore it in matter of seconds. Pfsense work together with the IPS sensor from the basic to the hard case. It's a 10 in our organization.
  • Open Source (free). Pay only for support.
  • Plugins are the crown of the product.
  • An extensive dashboard gives you all that you need to have on the first look.
  • Traffic graphics are wonderful.
  • You can't integrate modem functionality into a pFSense box.
  • I don't want to go completely open source if downtime is a risk factor that could lose more income that supported products would cost.
  • Can be an expensive configuration if you choose to build your own pFsense box for several ISP.
  • For non expertise users is a pain in the neck to manage the web GUI.
Pfsense will perfectly fit in to branch offices, mid size companies and will fulfill all the goals to merge all the ISP and have a less exposed web navigation. For those companies that need load balancing, VPN connections with less effort and reducing the cost of licenses Pfsense lets you control the traffic with accurate insight.
Read Victor Arana's full review
germary zambrano profile photo
February 13, 2018

iron firewall for your services

Score 9 out of 10
Vetted Review
Verified User
Review Source
In my company we also manage a network of large numbers of users who need a stable server on which they can count at the time of sending a request. This software has helped me to have a Network Address Translation with which I get security in my sub network such that at the time of an attack, it can not reach our servers. It also has helped me to be able to place some services on the network through the property of the server DNS. It also offers the VPN connection so that I can connect from anywhere to check how my services are on the network
  • stable vpn connection through your web application and easy to use
  • load balancer that allows me to distribute the bandwidth to the ip that I need with more power at the request of the user and less power to users who have fewer requirements
  • dns server that allows me to give a domain name to several applications that I have hosted in my network so that it has a connection from the outside and can be seen by the user
  • they should improve in creating more manuals of procedures or processes that can be done with this systems since the documentation obtained from this system is small, which makes it difficult to use 100 percent of this system
The scenarios where this software can be used are where companies have a large number of users in the network, to create reliable network structures for services. It's also well suited in companies that create applications or systems that have to launch them to the internet and this system can be managed DNS server to be assigned to these applications.
In short, this system is very complete and can be used in large, medium or small companies. It is only necessary to have a vision of what is required and this software will cover your needs.
Read germary zambrano's full review
Jim Rubenstein profile photo
September 12, 2017

Robust, configurable, feature-rich, and RELIABLE network infrastructure at the perfect price.

Score 10 out of 10
Vetted Review
Verified User
Review Source
We are a small business, so we use pfSense to manage our office network.

I support ~15 network users, which represent something more like 30-40 devices (after notebooks, mobile phones, tablets, etc are accounted for).

pfSense is used as the primary router to our internet connection, as well as our VPN connect endpoint, local DNS resolution, and internet connection failover. Having all of these services bundled in one powerful, well supported, and robust software configuration platform saves a ton of time and makes managing our internal office network very easy.
  • Point and click configuration for nearly any network infrastructure service you could need
  • Centralized configuration, with documentation, of all firewall rules, dhcp lease rules, vlan routes, etc
  • Fast security updates when vulnerabilities (and patches) are found in any of the software that pfSense uses out of the box
  • Super simple to deploy
  • Light-weight, doesn't need a high end system to run
  • Some services can be clunky to configure if you're not 100% familiar with the technology
  • Service configuration is bound to the pfSense interface, so if the UI doesn't expose configuration for a feature you need (and the service supports it), it's a significant challenge to configure the service outside of the pfSense system. (Note: this has rarely been an issue for us, once or twice in the entire time we've used the software)
pfSense is great for us, in a small business environment. It offers all the features and capabilities that we need, at the right price.

I'm not sure how pfSense would fare in a larger network environment (multiple hundreds - thousands of users) as I've never supported a network with that many users.

For small - medium sized businesses, with a part time network administrator available, pfSense is perfect.
Read Jim Rubenstein's full review
Paolo Daniele profile photo
May 01, 2017

PfSense: A powerful tool in your hand

Score 10 out of 10
Vetted Review
Verified User
Review Source
Pfsense is used in our whole organization. Our main firewall has been made by using Pfsense. Recently we've bought two appliances with pfsense preinstalled. Pfsense is crucial for our enviroment because we're a small company so we cannot buy expensive firewall. After some research and local tests, we've decided to use pfsense.
  • Web User Interface: With new web UI, based on Bootstrap framework, you can control your Pfsense from everywhere.
  • Scalable: It's an all-in-one solution useful for every kind of company. It's also very easy to set up rules and NAT, and it has several modules like transparent proxy, VPN, and traffic shaping.
  • Community: There's a large community behind Pfsense so you can find a lot of documentation, tutorials, and howtos and also support from the official forum.
  • Virtualization: We use virtualization on our systems based on KVM enviroment so they could improve Virtualization integration.
  • Export/Import: You cannot import/export all of pfsense modules configuration. And also sometimes pfsense export/import creates conflicts with s Mac address.
Great scenario is to use pfsense as a router to protect your network from unwanted access. It is possible to integrate some modules like pfBlocker to deny/allow inbound from specific country or to prevent some spam from an IP address in public spam list databases.
It's useful in a SOHO infrastructure but for a very large company with a high constant bandwidth traffic, there are more powerful tools.
Read Paolo Daniele's full review
Rikia Kosaka profile photo
July 27, 2016

pfSense - Review

Score 10 out of 10
Vetted Review
Verified User
Review Source
I first learned of PFSense when searching for custom routers. Started from DD-WRT among other products such as zeroshell and pfSense. Some requirements were Dual WAN redundancy, failover and load balancing. In my particular experience I have setup/migrated pfSense in a Dual WAN redundant setup. pfSense was perfect as you can scrape up any old computer with 3 NICS (WAN1, OPT1, LAN). The setup is rather easy. If you are familiar with the setup of Linux, it should be a breeze. You setup a bootable USB stick and boot to USB and install pfSense. The initial setup of the NICs is also easy but you do need some networking experience. Once you get the initial setup completed and connected to the Web UI, you can pretty much go through each option and set to your needs.

pfSense supports Multiwan, load balancing both at the WAN level and load distributing level, VPN (IPSEC, OPENVPN), among many other features. I have a client who is using pfSense with Multi-Wan, three separate ipsec tunnels (Datacenter to HQ, HQ to Azure, HQ to another cloud provider). We have basic ACLs rules in place and host a number of servers behind the pfSense. We do not use the load balancing as pfSense is used in Headquarters where we do not host many services that require load balancing behind the router. In anycase for an office it works out well as my client has intermittent ISP issues so the mult-wan comes in really handy.

We've had hardware failures where I simply setup a new pfSense box and copied the configs over and was up and running in no time.

I would highly recommend pfSense for small to medium size businesses, maybe even large but I have yet to test loads at such high scales. I also have not setup pfSense in a production environment with high load so I cannot comment on that part. Overall, I think pfSense is great! I also used pfSense in a VMware environment for test labs and that worked out great fulfilling all my needs as well!
  • Great Multi-Wan redundancy.
  • Great control of ACLs
  • Perfect for VPN connections
  • The tools that come with pfsense are great but I've seen better tools from home based routers like the ASUS routers. Wish we had more pretty graphs, traffic use by user or hostname, etc.
  • The UI is good but seems a little outdated. The graphs and reporting looks more like cacti versus the look of something pretty like Kibana.
I would totally be fine with putting pfSense in an operations/office space. I would be hesitant to put pfSense in a production environment. Likely reasoning being hardware, however I've seen many new pfSense hardware coming out in the recent days though I have yet to use them.
Read Rikia Kosaka's full review
Richard Kiernan profile photo
May 09, 2016

It's free - what's not to like!

Score 9 out of 10
Vetted Review
Verified User
Review Source
It's a firewall that will compete with any "enterprise" firewall solution and often kicks the paid-for competition into touch. The fact that it is community supported is a big advantage as it is always at the cutting edge of security and support. It's a firewall for technologists first but once installed even the non-technically minded can take advantage of an outstanding network security solution. The latest version of pfSense provides a much improved GUI that will appeal to the less technically minded but it still retains the same level of rich functionality.
  • Easy and quick to change firewall rules - no painful re-loads or reboots (!) like some firewall solutions
  • VPN support is excellent and so fast as hardware acceleration is supported
  • Large set of free add-on tools
  • Multiple hardware platforms supported
  • Quality of service and traffic shaping setup could be better but the answers are usually on the pfSense forums if you look
  • Non-technically minded will lose patience but it's designed to be a fully-fledged firewall so it's not surprising
pfSense may be deemed too risky an investment for larger organisations as their perceptions that they need to purchase an "enterprise appliance" will carry more gravitas with a CTO or IT head but it's important that potential users understand that most firewall solutions are built off the same Unix derived core code and as such you're paying over the odds for the name not better technology.
Read Richard Kiernan's full review
Jim Nitterauer profile photo
July 27, 2016

pfSense - A Great Choice for Network Security

Score 9 out of 10
Vetted Review
Verified User
Review Source
pfSense is used as a security appliance for numerous applications and addresses the problems it was designed to address. (Providing specifics relating to the implementation of security in a public forum is a really bad idea. Asking people to disclose details relating to the deployment of security devices on the network is a really bad idea.)
  • It secures things!
  • It blocks bad things.
  • It is easy to configure.
  • Nothing really. The developers fix thing pretty quickly. They might want to run some vulnerability scanners against a device and fix those minor issues.
It's a great feature rich solution for securing networks.
Read Jim Nitterauer's full review

pfSense Scorecard Summary

Feature Scorecard Summary

Identification Technologies (1)
3
Visualization Tools (1)
6
Content Inspection (1)
8
Policy-based Controls (1)
7
Active Directory and LDAP (1)
4
Firewall Management Console (1)
8
Reporting and Logging (1)
6
VPN (1)
10
High Availability (1)
9
Stateful Inspection (1)
9
Proxy Server (1)
9

About pfSense

pfSense is an open-source firewall and load management product. It provides combined firewall, VPN, and router functionality. It can be deployed through the cloud (AWS or Azure), or on-premises via Netgate. It as scalable capacities, with functionality for SMBs.

As a firewall, pfSense offers Stateful packet inspection, concurrent IPv4 and IPv6 support, and intrusion prevention. Within its VPN capabilities, it provides SSL encryption, automatic or custom routing, and multiple tunneling options. pfSense also supports optional clustering and load-balancing, along with proxying and content filtering services. The product can also monitor and report on network traffic.

Categories:  Firewall

pfSense Technical Details

Operating Systems: Unspecified
Mobile Application:No