pfSense: The best of all worlds, community and enterprise supported
May 12, 2021

pfSense: The best of all worlds, community and enterprise supported

James Freeman | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Software Version

pfSense Community Edition (open source)

Modules Used

  • SG-5100

Overall Satisfaction with pfSense

pfSense is core to our network architecture, both for ourselves, and for our clients. Its robust appliance style architecture lends itself extremely well to all manner of edge firewall applications, whilst the x86 architecture means we can run it on just about anything from physical tin to virtual machines on a variety of hypervisors. It provides a solid feature set and its pluggable application architecture and a rich VPN server and client functionality means we are able to use it to create secure mesh networks across both the internet and private circuits to ensure our clients are always on, and always securely connected.
  • Robust appliance that is easy to install, manage and update.
  • XML-based configuration backup and restore lends itself well to automation and pre-built configurations.
  • Open-source platform means the availability of a wide array of third-party packages providing integration with everything from monitoring servers to backup.
  • First releases are often buggy. For example, 2.5.0 broke fundamental routing features in some environments.
  • Lack of API for automated configuration.
  • Lack of CLI for scripting and automation purposes.
  • The option to use pfSense community edition or the paid support option means viable options for all customer types and low-cost lab/test environments.
  • pfSense is inherently reliable and so is an easy sell helping produce positive ROI.
  • XML-based configuration lends itself to pre-built configurations and thus faster roll-out and lower time to ROI.
pfSense is just a more flexible, lower-cost solution—it can be installed (if you wish) on just about any x86 hardware or even virtual machines - the community edition is free and so enables rapid prototyping and low-cost prototyping and lab build out—something that isn't possible with other higher priced commercial solutions. It keeps our network secure and supports two popular IDS solutions as well and known bad address blocking and management. The availability of ready-built appliances and an enterprise-supported version means the best of both worlds —enterprise-grade when you want it, and free community supported when budgets require it.

Do you think pfSense delivers good value for the price?

Yes

Are you happy with pfSense's feature set?

Yes

Did pfSense live up to sales and marketing promises?

Yes

Did implementation of pfSense go as expected?

Yes

Would you buy pfSense again?

Yes

Whilst I would love to see the addition of features like an API and/or CLI (both would be ideal), I love pfSense and would recommend it highly. I use it on my home network as well as in business settings, and it is robust, reliable, and easy to set up. The CARP or high availability functionality is quite easy to set up and works flawlessly. I can reboot my primary firewall and maybe drop 1 ping. It integrates well with my infrastructure including my UPS and has built-in Zabbix monitoring integration.

pfSense Feature Ratings

Identification Technologies
8
Visualization Tools
6
Content Inspection
4
Policy-based Controls
8
Active Directory and LDAP
8
Firewall Management Console
10
Reporting and Logging
8
VPN
10
High Availability
9
Stateful Inspection
9
Proxy Server
9