Announcing pfSense plus

fbor

@johnpoz said in Announcing pfSense plus:

You would think they announced the sky is falling, and we have all these chicken little's running around screaming...

When something is not well known or fully understand, people fill the gaps and imagine whatever is possible. It's just basic human behavior.

Maybe there have been some poor choices in communication here.

One example: explaining that going close source is for protecting the open-source community and the guys who forked from some disruptive changes is, at best, dubious. Imo, it does not make any sense. If disruption is really a concern, there is no need to go close source: an open-source fork from pfSense CE to pfSense plus would achieve exactly the same goal. So, what does this really mean ?

Similarly, when saying on one hand that the two versions will diverge more and more and, on the other hand, that the advancement of CE will mainly depend "how the project progresses itself, separate and distinct from Netgate", what should be understand other than Netgate is starting to disinvest from the development of CE ?

ahking19

@inxsible You can't have it both ways stating you are in "no rush" but in the next sentence worry about be being "left hanging dry".

2.5 has not been released yet and Netgate has confirmed there will be a 2.6. That is probably 2 years support for CE right there.

Take a breath and see what happens in the next 12 months. Then make a decision not based on speculation of what might happen.

Spacecase

Full disclosure: I'm not a power user.

I'd like to offer up a bit of balance. I understand the arguments for OSS, but it's not important to me. It's this:

National Vulnerability Database

Note that Netgate has expeditiously addressed vulnerabilities through patches and update releases. FYI, this is a random 4-week example of the type of stuff going on in the background:

redmine

I'm not about to sift through source code. But as an armchair technocrat, I want a bit more than consumer-grade offerings. What's important to me is security, stability, features, and a commitment to the product.

It's very likely I'll stick with pfSense in one form or another. Netgate has demonstrated a generosity to the community, and I'm appreciative of their gratis COVID support when I needed it. That said, they're a business and need to turn a profit to make payroll. If OSS is a hard requirement for enough paying customers, I expect they'll make adjustments.

Appropriate acknowledgement of the NVD:

NVD Data Feed

Inxsible

@ahking19 said in Announcing pfSense plus:

@inxsible You can't have it both ways stating you are in "no rush" but in the next sentence worry about be being "left hanging dry".

Not having both ways at all. You are compounding 2 different statements meant for 2 different things.

I personally am not in a rush to move to another software at this very instant.

"left hanging dry" was for the pfSense CE version as a whole -- due to the divergence from pfSense+ and not getting anything but security fixes as announced by Netgate. Please read my earlier post again.

@ahking19 said in Announcing pfSense plus:

2.5 has not been released yet and Netgate has confirmed there will be a 2.6. That is probably 2 years support for CE right there.
Take a breath and see what happens in the next 12 months. Then make a decision not based on speculation of what might happen.

Your statement about "probably 2 years support for CE..." is speculation more than any of my statements. I didn't say anything about how long Netgate would support CE -- because I don't know. All I said was, that some users would not like to wait until Netgate announces how much support they will provide and until when.

ahking19

@inxsible I don't work for Netgate so yes I'm "speculating" based on past release history and an ethos of "release it when its ready".
https://docs.netgate.com/pfsense/en/latest/releases/versions.html

Patch

From the blog Announcing pfSense Plus

• installed over two million times, with at least half that many in active use today

• our customers ... In particular, however, are business, government, and education customers.

• pfSense Plus ... move beyond the limitations of pfSense open source software

• pfSense Plus for my own hardware or virtual machine ... There will be a no charge path for home and lab use and a chargeable version for commercial use

• Which is the same pricing model as TNSR

I assume I will get flamed for this but that policy does not make any sense to me as it says:

• Netgate has about 1 million users, by far the majority don't pay any money for the service they receive and this will continue.

• We price our software product out of the range of small business. In the past service provides could help them use our CE software but in the future they will have to look elsewhere

• We pin all our hopes for business viability of our software product line on big business, where our software product is relatively economical.

In my opinion, given Netgates user base, it would make far more sense to capitalize on micro transactions.

• Don't give the proprietary software to any one for free, but ensure the price is low enough represents that it is excellent value for everyone.

• Scale cost gradually with installation size, using some measurable parameter such as users devices. Use a soft limit so the system continues to work if used beyond licensed capacity but the user is informed (& Netgate collect license violation statistics)

• At the base product have only forum and on-line manuals support (enabling it to be a low cost product). Even $20 / year x 1 million users pays for a significant amount of development.

• Support a proportional cost increase for larger installation so larger homes or test beds do not suddenly hit a price barrier.

• Do not offer volume discounts to mid sized customers but include higher level support which are demanded from larger paying customers. Include business level support options.

As for PfSense open source product, the future does not look bright

• Historically, pfSense FE and pfSense Community Edition (CE) have been closely related ... In 2021, they will begin to diverge from one another ... Netgate will focus most of its efforts on pfSense Plus ... pfSense CE ... security vulnerability protection ... 2) hardware support updates, and 3) bug fixes ... upgrade path to pfSense Plus (? nagware)

provels

I have just returned from the future and everything worked out fine.
Unsubscribing from this thread for now.

mfld

@patch said in Announcing pfSense plus:

In my opinion, given Netgates user base, it would make far more sense to capitalize on micro transactions.

+1. I had a few Gold subscriptions back then, expecting nothing in return other than ACB and the pfSense book. Now sure why they made that free, discontinued Gold and now make it super hard to give them money. Entry level for showing some love now is a TAC at Black Friday / COVID discount (399.00 a year). Why ?

slu

@mfld said in Announcing pfSense plus:

@patch said in Announcing pfSense plus:

In my opinion, given Netgates user base, it would make far more sense to capitalize on micro transactions.

+1. I had a few Gold subscriptions back then, expecting nothing in return other than ACB and the pfSense book.

+1 We had it only to sponsoring Netgate and would like to see a "Gold Sponsoring" back...

DaddyGo

@provels said in Announcing pfSense plus:

Unsubscribing from this thread for now.

just like you do, I'm also :)

A Former User

@daddygo @provels Sounds like a good idea ;) I'm out.

mr.pine

It 's time to migrate to https://opnsense.org ?

provels

@mr-pine said in Announcing pfSense plus:

It 's time to migrate to https://opnsense.org ?

A Former User

@jwj said in Announcing pfSense plus:

Sounds like a good idea ;) I'm out.

Clarification, I'm out of this thread. Not out of pfSense.

mhab12

Been reading both this and the other 'dev' post regarding PfS+. Curious as to the 'why?' behind closing the source of the plus edition. I don't believe this has been addressed. I have a couple ideas but hate to speculate...would love to hear from the team on this.

Just because something is open source doesn't mean it has to be free, correct? I am all for paying for great software (former Gold member, purchased support cases over the years, have a few Netgate boxes running) and would be happy to further support the project but would prefer to see PfS+ remain fully open source.

mr.pine

@provels
Maybe its better for you to be quiet

drewsaur

@fbor pfSense FE was never open source. Not sure what you are getting at here.

fbor

@drewsaur The differences are small with CE, a few packages (AWS Wizard, IPSec exporter, ...), some tuning for the hardware. I checked a few FE only files: they are not obfuscated and are all licensed under Apache license. So maybe FE is only 99.99% opensource but that's not the 0.01% I'm worried about.

With pfSense+, will I still be able to change everything I may need, at least in the "CE layers", and not get stuck asking the editor for changes ?

drewsaur

@fbor I would imagine that this will be the case for a very long time. I can’t see how, anytime soon, the majority of pfSense+ would be replaced with completely different code. That would be like https://www.joelonsoftware.com/2000/04/06/things-you-should-never-do-part-i/ - completely self-defeating.

FeFe

@al I really do not see how you cannot benefit from keeping OSS roots and your paying customers and keep advancing!

You now basically abandon it by out-forking the OSS version into Closed source and get onto the route RedHat just got with CentOS. On top of that, the trust into pfSense because of the OSS nature will be gone and the closed nature will raise questions and break trust on unseen backdoor/weakened security!

On top of that you still advertise/market/benefit the power of the OSS base, yet all the full-feature changes will not get into the CE?

Did I miss something?!?