Jimp,
Thanks for taking the time to reply to each point.
Let me say however, that while I agree that you are spot-on with your account of what was done and why, that doesn't address the concerns I bring up.
Perhaps I am being too wordy or just plain vague, something I do from time to time.
PFSense has and continues to be a good firewall, however it is losing its standing as the leading Open Source solution in its category.
This is mainly because the category itself is changing.
Firewalls are now a thing that is largely considered a basic service.
Managing access at the edge of the Internet is a simple and expected function today.
PFSense can not continue to simply be a "great firewall" and stay in focus to the user base.
The UTM or NGFW (Next Gen Firewall) is nearly the defacto standard for managing traffic.
Firewall functions like the ones PFsense provides are just a component part of these new platforms.
the good news is that you are imminently qualified to keep up with this trend and stay in the forefront of the Open Source firewall category.
In my opinion, the PFSense team needs to seriously consider the role that your device plays in the daily life of a network administrator.
Ease of use, combined with monitoring and at-a-glance visual reporting and accurate alerting.
To be more specific…
Application Awareness,
Stateful Inspection,
Integrated Intrusion Protection System (IPS),
Identity Awareness (User and Group Control),
Bridged and Routed Modes,
The ability to utilize external intelligence sources
Nearly ALL of these things were available in the previous generation with the correct plugins applied.
Let me end by saying that overall, the PFSense team has done a remarkable job of keeping the base code healthy and secure.
However, the REAL value came from the features that were achievable using plugins.
Feel free to go back and read the reviews 1+ years ago and beyond.
you will see that the authors highlighted the plugin community as the series of "killer apps" that set PFsense above the rest of the pack.
My advice is to realize that the firewall aspects of protection are now expected and no longer a significant accomplishment.
Focus on the customer facing role of the platform and what it can do to EASE the daily life of the administrators and those that are protected by the platform.
Design backwards from there and you will once again prove PFSense is THE standard in Open Source firewall (and moving forward NGFW) solutions.
You have ALL the parts you need, and many experienced developers and community members to leverage for this effort.
That includes myself - someone who designs platforms and customer facing infrastructure software solutions daily.
Once you do this, your team can offer more than simple Gold Support options.
The number of managed services that you could provide (like cloud / managed threat protection) are nearly limitless.
All this without having to invent much in the way of "new" technology - remember PFSense has had most of this before at various times.
