pfSense
pfSense is used to route internal development networks, either tagged or untagged, manage the ACLs between those networks, and forward …
Starting at $179 per appliance
View PricingOverview
What is pfSense?
pfSense is a firewall and load management product available through the open source pfSense Community Edition, as well as a the licensed edition, pfSense Plus (formerly known as pfSense Enterprise). The solution provides combined firewall, VPN, and router functionality, and…
Recent Reviews
Popular Features
- VPN (11)10.0100%
- Policy-based Controls (11)10.0100%
- Reporting and Logging (11)8.080%
- Content Inspection (11)4.040%
Reviewer Pros & Cons
Video Reviews
2 videos
pfSense Review: With Over 10 Years of Service, pfSense Proves To Be A Reliable Firewall For Business
02:15
User Benefits From Open Source Nature of pfSense When Limitations Are Solved By Others: User Review
03:33
Pricing
SG-1100
$179
On Premise
per appliance
SG-2100
$229
On Premise
per appliance
SG-3100
$399
On Premise
per appliance
Entry-level set up fee?
- No setup fee
For the latest information on pricing, visithttps://www.netgate.com/pricing-pfsense…
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Product Demos
PFSense 2.4.4 with LCDproc on Broadband9 Firewall appliance! Tested with 100Mbit leased line
YouTube
Introduction of PFSense Open Source Firewall and Router
YouTube
pfSense installation and setup demo (VirtualBox)
YouTube
Building cloud firewall-router appliances for free: Installing Pfsense in Hyper-V
YouTube
pfSense Tutorial - How to enforce Google Safe Search using PfSense - Guide and Demo
YouTube
1. How to Install and Configure BGP in GNS3 using pfSense
YouTube
Features
Return to navigation
Product Details
- About
- Tech Details
What is pfSense?
pfSense is a firewall and load management product available through the open source pfSense Community Edition, as well as a the licensed edition, pfSense Plus (formerly known as pfSense Enterprise). The solution provides combined firewall, VPN, and router functionality, and can be deployed through the cloud (AWS or Azure), or on-premises with a Netgate appliance. It as scalable capacities, with functionality for SMBs.
As a firewall, pfSense offers Stateful packet inspection, concurrent IPv4 and IPv6 support, and intrusion prevention. Within its VPN capabilities, it provides SSL encryption, automatic or custom routing, and multiple tunneling options. pfSense also supports optional clustering and load-balancing, along with proxying and content filtering services. The product can also monitor and report on network traffic.
pfSense Videos
Pfsense vs Ubiquiti - Which is better for you?
In this video, TrustRadius goes over the pricing, top features, and user sentiment of pfSense.
pfSense Technical Details
| Deployment Types | On-premise |
|---|---|
| Operating Systems | Windows |
| Mobile Application | No |
Comparisons
Compare with
Reviews and Ratings
(69)
Community Insights
TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!
- Business Problems Solved
- Pros
- Cons
- Recommendations
pfSense has proven to be a versatile and reliable network solution, addressing various use cases for organizations of different sizes and industries. Users have successfully managed multiple ISPs and performed load balancing, ensuring efficient internet connectivity and reducing downtime. The ability to quickly backup and restore configurations has been appreciated by customers, providing peace of mind and minimizing disruptions. The stability and ease of management have been particularly important for small IT teams, allowing them to efficiently handle network operations.
Many organizations rely on pfSense as their primary firewall, utilizing its features for load balancing, failover, and hosting software and services. The support for multi-WAN and load balancing at both the WAN and load distributing levels has been highly beneficial for users. pfSense has also been successfully used to establish multiple IPsec tunnels for site-to-site VPN connections, enabling secure communication between different locations.
The scalability, flexibility, and cost-effectiveness of pfSense have made it a great solution for small to medium-sized businesses. It can be easily customized and integrated into existing infrastructures, including the implementation of VLANs and time-based rules. The GUI and CLI versions of pfSense have streamlined management tasks, making it accessible to users with varying technical expertise.
Furthermore, the extensive online manual and community support have received praise from users, providing valuable resources for troubleshooting and guidance. The community-supported nature of pfSense ensures that it stays up-to-date with the latest security measures.
Overall, pfSense serves as a reliable network backbone, handling routing, VPN connections, security features, failover scenarios, and inter-VLAN routing. Its versatility eliminates the need for multiple servers in smaller environments while providing essential security functions. Users appreciate its basic security measures and routing features which make it a cost-effective solution for those with limited budgets. With its proven reliability and enterprise-grade features, pfSense continues to be a trusted choice for organizations seeking a powerful network solution.
Intuitive User Interface: Users have consistently praised the intuitive and user-friendly interface of pfSense. Many reviewers have expressed that the well-thought-out web interface makes it easy to configure firewall rules and set up VPNs, allowing them to perform tasks quickly and efficiently.
Informative Dashboard: The extensive dashboard of pfSense has received widespread praise from users. Reviewers have mentioned that the traffic graphics on the dashboard are wonderful and provide all the necessary information at a glance, making it easy to monitor network activity and performance.
Low Hardware Requirements: Users appreciate that pfSense can run smoothly even on older PCs or router devices with lower-end specifications. This is seen as a significant advantage by many reviewers as it allows them to implement pfSense without the need for expensive hardware upgrades.
Inconvenient integration with modems: Several users have expressed frustration that integrating modem functionality into pfSense is not possible, which can be inconvenient for those looking for a more comprehensive solution.
Challenging web GUI setup and management: Non-expert users may find it challenging to set up and manage the web GUI, particularly when it comes to assigning WAN and LAN interfaces.
Limited API and scripting capabilities: Some reviewers have highlighted the lack of an API for making changes in pfSense. This limitation can be a hindrance in environments where frequent updates to firewall rules or HAProxy configs are required.
Users have made several recommendations based on their experiences with pfSense. The most common recommendations are:
-
Users recommend reading the documentation and taking official training for pfSense. This suggestion highlights the importance of familiarizing oneself with the product and its features. By investing time in understanding the documentation and receiving official training, users can maximize their proficiency in network administration using pfSense.
-
Users suggest making the switch to pfSense and using reliable hardware. This recommendation emphasizes the benefits of utilizing pfSense as a comprehensive solution for routing and firewall requirements in network administration. By switching to pfSense and ensuring the use of reliable hardware, users can optimize their network resource management.
-
Users advise doing test builds and hardening before going live with pfSense. This recommendation underscores the importance of thorough testing and securing the system before implementing it in a live environment. By conducting test builds and hardening processes, users can identify potential issues or vulnerabilities, ensuring a smoother transition to pfSense.
These recommendations reflect user opinions on how to effectively utilize pfSense for routing and firewall requirements while optimizing network resource management.
Attribute Ratings
Reviews
(1-12 of 12)Companies can't remove reviews or game the system. Here's why
January 17, 2024
pfSense
pfSense is used to route internal development networks, either tagged or untagged, manage the ACLs between those networks, and forward specific protocols and ports from the outside to a DMZ. pfSense has been deployed in a HA configuration and IDS/IPS has also been set up by using snort. Snort is also used to prioritize some traffic over others.
- Filtering and NAT forwarding.
- Routing
- IDS/IPS
- IDS/IPS requires tuning and is sometimes too aggressive.
- Filtering acts only by specifying ips. Even if less performing and secure, allowing the user also to insert DNS names would be a nice option.
December 29, 2023
pfSense provides excellent routing and firewalling capabilities
Score 10 out of 10
Vetted Review
Verified User
We use pfSense both for ourselves and for our clients as a perimeter firewall and router. We've implemented it as a virtual machine, physical equipment, and in failover clusters. The deployments include everything from apartment complexes with between 1500-4500 devices to financial institutions, to businesses.
We've needed a solution that is easily managed, secure by default, and offers a wide enough feature set to handle unique requirements.
We've needed a solution that is easily managed, secure by default, and offers a wide enough feature set to handle unique requirements.
- Site to Site VPN
- VPN Client to Office connections
- Firewall
- Routing
- IDS Ease of use
- Layer 2 Filtering
- Multidevice management from one interface
pfSense is core to our network architecture, both for ourselves, and for our clients. Its robust appliance style architecture lends itself extremely well to all manner of edge firewall applications, whilst the x86 architecture means we can run it on just about anything from physical tin to virtual machines on a variety of hypervisors. It provides a solid feature set and its pluggable application architecture and a rich VPN server and client functionality means we are able to use it to create secure mesh networks across both the internet and private circuits to ensure our clients are always on, and always securely connected.
- Robust appliance that is easy to install, manage and update.
- XML-based configuration backup and restore lends itself well to automation and pre-built configurations.
- Open-source platform means the availability of a wide array of third-party packages providing integration with everything from monitoring servers to backup.
- First releases are often buggy. For example, 2.5.0 broke fundamental routing features in some environments.
- Lack of API for automated configuration.
- Lack of CLI for scripting and automation purposes.
We use pfSense on our campus as our primary firewall/internet gateway as well as DNS, DHCP, time, and VPN server/gateway. It also handles internal routing across our VLANs. The versatility/feature set is helpful as it avoids the need for running multiple other servers for a small-business environment.
- OpenVPN is very easy to set up and administer.
- The web UI makes it very easy to configure.
- The feature set is broad and powerful.
- No official central management system (cloud or otherwise).
- Support for WireGuard VPN is limited.
May 28, 2019
pfSense - A great middle of the road solution
pfSense is currently the backbone of our company's network. We have five of them deployed handling VPN and routing. One is on a Dell R210II in the office handling the inter-vlan 10Gbps routing and 3 WAN failover. The second is a Hyper-V VM in our colo facility handling the NATing and forwarding there. The third is a Lenovo SFF PC in an office far away that we can selectively route through for geo purposes. The forth is a VM in a datacenter, again, just to selectively route out. The fifth is acting as a VPN server for the other four to connect to and route between each other as well as for clients outside the office to connect to.
- OpenVPN
- Inter-Vlan Routing
- Firewalling
- CLI Commands
- Hardware Support
April 02, 2019
pfSense Review from an SME IT manager
We use pfSense across several countries office such as Hong Kong, Singapore, Shanghai & Beijing and served over 150 staff. We use pfSense to build site-to-site VPN to link up our office network. pfSense is quite stable and easy to manage that is very important because our IT teams are small. Handled over 4 years, pfSense has not given me any big issue so I will recommend it to my friends.
- Easy to use. Good user interface design! Easy to understand and easy to set up.
- Lower hardware requirement. 3 years ago, we used an old PC to run it. Now, we have changed to a router device with Celeron CPU and 8GB RAM. It runs smoothly with a 1000G commercial broadband.
- Need to assign WAN, LAN interface in "text" console but not in web interface when you first install in a new network.
- I need to configure everything and send a pfSense device to my colleague in other countries, they are not IT professionals so they have difficulty assigning interfaces when they first boot.
March 30, 2019
Very competitive reliable solution
I used PfSense mainly as a firewall and an OpenVPN solution company-wide. It's very easy to manage and has a lot of features. I've also used Pfsense to load balance multiple internet connections as well as segregate multiple VLAN networks. It's been very reliable and is a great system overall.
- OpenVPN solution: straight forward and very easy to manage. It's easy to setup clients through the OpenVPN export wizard.
- Load Balancing Internet Connections: I was able to use a single pfSense machine to load balance two internet connections. Basically, if one connection is losing too many packets or drops out, all internet traffic is automatically routed through the other internet service gateway. Users didn't even notice whenever there were internet outages.
- Sometimes when there was an internet outage pfsense would start running really slow. I'm assuming because all the clients trying to access the internet creates a load. There should probably be a timeout feature where all traffic pauses and stops trying to access the internet if the internet is obviously down. The simple fix for this is to just disconnect the switch with all clients.
- There are numerous packages that try to act as middle-man web traffic filters. They are a little complex and don't always work. This pfsense isn't to blame but it just might be nice to see a more standardized solution that's easy to set up.
February 23, 2019
pfSense - The Firewall for Everyone!
The company I currently work for uses pfSense mainly for load balancing and also as a firewall. We have a lot of cloud customers and this software comes in real handy to ensure that if one of our services go down our customers will not experience any outages as pfSense will automatically make our second connection the primary one. I am currently just getting into the system administrator role and I am working under our current sysadmin who is going into development so I have been trying to learn a lot of this software on the fly.
One of the coolest features of pfSense for someone like me who is learning on the fly is the fact it has a GUI version as well as the CLI version. So you can manage your pfSense instances very easily by using drop-down menus.
I can see this being really useful for small to medium size businesses. The software is very scalable and very flexible. It is also open source so there is not a bunch of licenses to purchase. There are a bunch of addon/packages you can install to add features and they also have "commercial" packages which do cost money but can add features some of the really expensive solutions have.
The support for pfSense is pretty great too - they have a huge online manual you can look things up in and the forums/community support is incredible. I had a question a long while back and I remember having an answer just a couple of hours after I asked it. pfSense runs on FreeBSD - The install was straight forward and once it was installed it is really easy to set up so you don't need to know a bunch of commands. The interface is pretty much "press: 1 to set this up."
I would highly recommend giving this software a try even for personal use. I have been considering trying to make a pfSense based router for my own home use.
One of the coolest features of pfSense for someone like me who is learning on the fly is the fact it has a GUI version as well as the CLI version. So you can manage your pfSense instances very easily by using drop-down menus.
I can see this being really useful for small to medium size businesses. The software is very scalable and very flexible. It is also open source so there is not a bunch of licenses to purchase. There are a bunch of addon/packages you can install to add features and they also have "commercial" packages which do cost money but can add features some of the really expensive solutions have.
The support for pfSense is pretty great too - they have a huge online manual you can look things up in and the forums/community support is incredible. I had a question a long while back and I remember having an answer just a couple of hours after I asked it. pfSense runs on FreeBSD - The install was straight forward and once it was installed it is really easy to set up so you don't need to know a bunch of commands. The interface is pretty much "press: 1 to set this up."
I would highly recommend giving this software a try even for personal use. I have been considering trying to make a pfSense based router for my own home use.
- pfSense is an excellent firewall - It logs all of your traffic. It has packages you can install to snort bad traffic.
- pfSense has a tool called "p0f" which allows you to see what type of OS is trying to connect to you. You can filter these results and you can also block a specific OS from connecting to you.
- pfSense is an excellent load-balancer: (Multi-WAN and Server Load Balancing) The fail-over/aggregation works very well. This is perfect if your business uses multiple ISP's to ensure your customers are always able to access their data. Also helps with bandwidth distribution as well.
- VPN's - I am not entirely sure if this package was free with pfSense, but it does offer the ability to use OpenVPN which is what I am familiar with.
- They also have IPsec in the settings as well, but I am not familiar with that enough to go into any detail with it.
- As I mentioned I do use OpenVPN the only thing I don't care for with it is I can create OpenVPN configs for each user I want to be able to VPN into the network and I assumed each one would be "unique" but this does not seem to be the case. I could be doing it wrong, but if I create a config for a specific employee I would expect only that employee should be able to use that config, but I have been able to login to everyone that I made using my credentials.
- I mentioned earlier that pfSense had a GUI.
- I personally really think it is cool because it has a bunch of reporting graphs for monitoring your networks. I think when I become the full-time admin at the company I am going to try to talk them into getting me a TV I can mount on the wall and display all the graphs and real-time info pfSense shows so I can monitor what is going on with the network(s) at all times. Plus I think it would look rad.
- I did kind of mention a Con in the Pro section with OpenVPN.
- When I create a config for an employee other employees are able to login to that config.
- I could be doing something wrong when I am making it - I am not afraid to admit that as I am pretty new to all of this, but it seems like it builds a key and I would think the key would be unique in some way to each employee, but I could be wrong.
- I actually do not have a lot of Con's for this software - I did not get to set this up on our work network so I am not sure of any downfalls when installing.
- I installed this on my personal machine in a Hyper-V environment to get a feel for it before I started working on it at work and it seemed pretty smooth. I didn't run into any issues.
February 07, 2018
PfSense decent Open Source Firewall to reduce costs!
Pfsense is our layer 2 software firewall that allows us a better control over the overrides for the internet navigation; give us an accurate integration with a ton of plugins you can build your on appliance using a decent desktop; to manage with ease two ISPs, make the load balancing, set the VPN for your external users, reduce the downtime's, backup your config, and restore it in matter of seconds. Pfsense work together with the IPS sensor from the basic to the hard case. It's a 10 in our organization.
- Open Source (free). Pay only for support.
- Plugins are the crown of the product.
- An extensive dashboard gives you all that you need to have on the first look.
- Traffic graphics are wonderful.
- You can't integrate modem functionality into a pFSense box.
- I don't want to go completely open source if downtime is a risk factor that could lose more income that supported products would cost.
- Can be an expensive configuration if you choose to build your own pFsense box for several ISP.
- For non expertise users is a pain in the neck to manage the web GUI.
May 01, 2017
PfSense: A powerful tool in your hand
Pfsense is used in our whole organization. Our main firewall has been made by using Pfsense. Recently we've bought two appliances with pfsense preinstalled. Pfsense is crucial for our enviroment because we're a small company so we cannot buy expensive firewall. After some research and local tests, we've decided to use pfsense.
- Web User Interface: With new web UI, based on Bootstrap framework, you can control your Pfsense from everywhere.
- Scalable: It's an all-in-one solution useful for every kind of company. It's also very easy to set up rules and NAT, and it has several modules like transparent proxy, VPN, and traffic shaping.
- Community: There's a large community behind Pfsense so you can find a lot of documentation, tutorials, and howtos and also support from the official forum.
- Virtualization: We use virtualization on our systems based on KVM enviroment so they could improve Virtualization integration.
- Export/Import: You cannot import/export all of pfsense modules configuration. And also sometimes pfsense export/import creates conflicts with s Mac address.
July 27, 2016
pfSense - Review
I first learned of PFSense when searching for custom routers. Started from DD-WRT among other products such as zeroshell and pfSense. Some requirements were Dual WAN redundancy, failover and load balancing. In my particular experience I have setup/migrated pfSense in a Dual WAN redundant setup. pfSense was perfect as you can scrape up any old computer with 3 NICS (WAN1, OPT1, LAN). The setup is rather easy. If you are familiar with the setup of Linux, it should be a breeze. You setup a bootable USB stick and boot to USB and install pfSense. The initial setup of the NICs is also easy but you do need some networking experience. Once you get the initial setup completed and connected to the Web UI, you can pretty much go through each option and set to your needs.
pfSense supports Multiwan, load balancing both at the WAN level and load distributing level, VPN (IPSEC, OPENVPN), among many other features. I have a client who is using pfSense with Multi-Wan, three separate ipsec tunnels (Datacenter to HQ, HQ to Azure, HQ to another cloud provider). We have basic ACLs rules in place and host a number of servers behind the pfSense. We do not use the load balancing as pfSense is used in Headquarters where we do not host many services that require load balancing behind the router. In anycase for an office it works out well as my client has intermittent ISP issues so the mult-wan comes in really handy.
We've had hardware failures where I simply setup a new pfSense box and copied the configs over and was up and running in no time.
I would highly recommend pfSense for small to medium size businesses, maybe even large but I have yet to test loads at such high scales. I also have not setup pfSense in a production environment with high load so I cannot comment on that part. Overall, I think pfSense is great! I also used pfSense in a VMware environment for test labs and that worked out great fulfilling all my needs as well!
pfSense supports Multiwan, load balancing both at the WAN level and load distributing level, VPN (IPSEC, OPENVPN), among many other features. I have a client who is using pfSense with Multi-Wan, three separate ipsec tunnels (Datacenter to HQ, HQ to Azure, HQ to another cloud provider). We have basic ACLs rules in place and host a number of servers behind the pfSense. We do not use the load balancing as pfSense is used in Headquarters where we do not host many services that require load balancing behind the router. In anycase for an office it works out well as my client has intermittent ISP issues so the mult-wan comes in really handy.
We've had hardware failures where I simply setup a new pfSense box and copied the configs over and was up and running in no time.
I would highly recommend pfSense for small to medium size businesses, maybe even large but I have yet to test loads at such high scales. I also have not setup pfSense in a production environment with high load so I cannot comment on that part. Overall, I think pfSense is great! I also used pfSense in a VMware environment for test labs and that worked out great fulfilling all my needs as well!
- Great Multi-Wan redundancy.
- Great control of ACLs
- Perfect for VPN connections
- The tools that come with pfsense are great but I've seen better tools from home based routers like the ASUS routers. Wish we had more pretty graphs, traffic use by user or hostname, etc.
- The UI is good but seems a little outdated. The graphs and reporting looks more like cacti versus the look of something pretty like Kibana.
May 09, 2016
It's free - what's not to like!
Score 9 out of 10
Vetted Review
Verified User
It's a firewall that will compete with any "enterprise" firewall solution and often kicks the paid-for competition into touch. The fact that it is community supported is a big advantage as it is always at the cutting edge of security and support. It's a firewall for technologists first but once installed even the non-technically minded can take advantage of an outstanding network security solution. The latest version of pfSense provides a much improved GUI that will appeal to the less technically minded but it still retains the same level of rich functionality.
- Easy and quick to change firewall rules - no painful re-loads or reboots (!) like some firewall solutions
- VPN support is excellent and so fast as hardware acceleration is supported
- Large set of free add-on tools
- Multiple hardware platforms supported
- Quality of service and traffic shaping setup could be better but the answers are usually on the pfSense forums if you look
- Non-technically minded will lose patience but it's designed to be a fully-fledged firewall so it's not surprising