Navigating to Buy pfSense +

Amodin

@dopeytree said in Navigating to Buy pfSense +:

@Amodin

I don't really believe people stole pfsense+ it was available for free so..... how is it piracy.

I get netgate are annoyed with third party manufacturers but you know their hardware is a bit out of date compared with market offerings.

And they've binned the $129 offering which would have netting a few $million each year.

So presence CE is pretty much dead. There's no point moving to it as they will just kill off updates.

Read the blog about what happened on this site, it explains it. It's not piracy, it's NetGate losing out on TAC because third-party providers are violating the agreement by selling it pre-installed on hardware for profit. That's the key here - the agreement, so essentially, the software/licensing is being used out of scope, violating the "Oh we trust you to do the right thing if you claim to be a home user" aspect by NetGate.

If they would implement home licensing and have it managed just like any other kind of licensing, this would have been a moot point. You tie the token to an account (not an e-mail account, a verified NetGate account) and include the hardware if you wish (MAC addresses), but in order to claim another token, you have to invalidate and remove the old token (license key). That will allow users to reinstall if they have to with either different hardware and/or virtual MAC address changes (VM). That way the license isn't abused, or at least severely mitigated.

This is the biggest issue I have with NetGate about this - the lack of management on this point. I just came from using Sophos for over 20 years, and their management and hardware limitations of product is what drove me away - but they know how to properly license the product, so it's not abused - or severely mitigated in that aspect, to the point you don't have this issue. I only got to start using pfSense+ for a few months and I think the product is great. However, after this, the lack of management on this (frankly) stupid ass level of management has driven me away and I am looking for a new solution and taking my friends with me after promoting this product. They are of the same mindset and won't hesitate to discontinue use because of this.

I wouldn't mind using CE - if I believed it was actually going to be updated and be kept up to date, but even by NetGate's own words, that isn't going to happen. Their focus is elsewhere and it's not CE.

@dopeytree said in Navigating to Buy pfSense +:

I think actually they dont want to support such a wide range of hardware. They are instead focusing on cloud solutions by geting $999 for TNSR a year license or you >buy a netgate box.

But that's the thing here - home use is not their concern, that's why we have a user forum, to help each other out with the occasional NetGate employee chiming in for user base support - we aren't paying for it anyways, so that's really why these forums exist, to help each other out. We aren't paying for it anyways with a TAC, and commercial use with TAC will most likely have NetGate hardware.

NollipfSense

@Amodin said in Navigating to Buy pfSense +:

However, after this, the lack of management on this (frankly) stupid ass level of management has driven me away

Agree...some members here are corporate executives and board governance members...

chigh09

I want to offer a different perspective on this because I think it’s important. Let’s imagine that we are netgate and noticed an uptick in lost income because of the misuse of our software distribution. Now I’m not saying it was right or wrong but if it were me I would shut it down as well. Should we have issued a statement before shutting it down? I think it would have been the best move, but maybe we don’t know the whole story. And maybe if there were a statement before the shutdown then there would have been a mad rush to get as many free licenses as possible (just thinking out loud). I don’t know if they really intended to lose our trust, but rather they tried to make the best decision with the time they had.

I know it’s easy to feel like the victim and wanting to stick it to them with threats and say they will never use pfsense again, but I think we are all better than this. I say we might want to give them some time to rectify this situation and see what they come up with. We all aren’t perfect and yeah, everyone and every company makes mistakes. So, we could sit here and complain about the decisions being made or we can once again come together as a community and offer constructive feedback in a civil manner to improve the longevity of this great open source software that is also profitable by both parties.

gisuck

I don't understand why people come to the conclusion that CE will no longer be supported and will be dropped. Or that 2.7 will be the last CE to be released. Clearly people don't understand that Netgate have a roadmap website for all of the release. CE 2.8 is nearly finished at this point.

https://redmine.pfsense.org/projects/pfsense/roadmap

Isn't it called Community Edition for a reason? Netgate is still making commits to it. What am I missing that everyone is negative about this?

Amodin

@gisuck said in Navigating to Buy pfSense +:

I don't understand why people come to the conclusion that CE will no longer be supported and will be dropped. Or that 2.7 will be the last CE to be released. Clearly people don't understand that Netgate have a roadmap website for all of the release. CE 2.8 is nearly finished at this point.

https://redmine.pfsense.org/projects/pfsense/roadmap

Isn't it called Community Edition for a reason? Netgate is still making commits to it. What am I missing that everyone is negative about this?

For the very fact in the blog, they are referring to CE as a 'home lab or POC in order to evaluate Plus' now.

Also, because support for ended in 2022.

Also, because they have even stated more than once that CE doesn't get updated often. Quite frankly, why would you implement something that is barely updated and rely upon an outdated, unsupported model of what they want to not even bother touching? The only reason CE is getting 2.8 is because it was already planned for Plus and CE. I can 99.9% guarantee within the next year or two, CE will not even be updated and still used for evaluation, and nothing more.

edited for spelling

Amodin

@chigh09 said in Navigating to Buy pfSense +:

I want to offer a different perspective on this because I think it’s important. Let’s imagine that we are netgate and noticed an uptick in lost income because of the misuse of our software distribution. Now I’m not saying it was right or wrong but if it were me I would shut it down as well. Should we have issued a statement before shutting it down? I think it would have been the best move, but maybe we don’t know the whole story. And maybe if there were a statement before the shutdown then there would have been a mad rush to get as many free licenses as possible (just thinking out loud). I don’t know if they really intended to lose our trust, but rather they tried to make the best decision with the time they had.

I know it’s easy to feel like the victim and wanting to stick it to them with threats and say they will never use pfsense again, but I think we are all better than this. I say we might want to give them some time to rectify this situation and see what they come up with. We all aren’t perfect and yeah, everyone and every company makes mistakes. So, we could sit here and complain about the decisions being made or we can once again come together as a community and offer constructive feedback in a civil manner to improve the longevity of this great open source software that is also profitable by both parties.

So just because you had a pain in your arm because YOU bumped it and caused the pain, should you have it removed entirely to spite your body? I mean, that's essentially what they've done here, when there are other remedies and options to make it right for everyone. Instead, they went the lazy route and just decided to amputate.

GPz1100

@Amodin Best to amputate now, reattach later (maybe).

At this point, I think what the community really needs is some form of commitment from netgate. Trust has been broken. Not easy to rebuild.

"Maybe"'s in a PR usually mean the opposite of preferred outcome. We need definites.

gisuck

@Amodin

That's not even remotely.what they said.

Current pfSense CE Users

For those of you currently using pfSense CE, you will not be affected by this change. You can continue to use pfSense CE at no cost, and you will continue to receive updates and security patches as they are made available. This is the ideal solution for home labs that do not require a TAC subscription or frequent updates while experiencing a similar feature set and peace of mind that your network is protected. pfSense CE is a fantastic solution for your home lab or proof of concept (POC) project to see if pfSense Plus might be the right solution for your network security needs.

In otherwords, if you don't know if it's worthwhile to purchase a TAC Pro or Enterprise license and want to develop a proof of concept first, use the CE version since the feature sets are very similar. Also, citation on where Netgate said they are no longer developing CE. People are finding bugs in CE all the time and they are making patches for it.

link text

Amodin

@GPz1100 said in Navigating to Buy pfSense +:

@Amodin Best to amputate now, reattach later (maybe).

At this point, I think what the community really needs is some form of commitment from netgate. Trust has been broken. Not easy to rebuild.

"Maybe"'s in a PR usually mean the opposite of preferred outcome. We need definites.

As I've said above, the correct route would be home licensing models similar to commercial models and not replying on the "we trust you to do the right thing" model. People aren't going to do the right things, for the most part. If it's labeled as "free" they are going to do whatever they can to obtain it and get more of it. It's free after all, right?

If you need limitations in place and still make it available, you moderate it. Home licensing is very much a thing that could really be implemented, along with commercial licensing. I don't understand why this didn't happen to begin with in their production, or even at management level. Auditing of licensing should also be a thing - and it's apparent that audit is either non-existent, or they have it and it's not being used correctly (at all).

Amodin

@gisuck said in Navigating to Buy pfSense +:

@Amodin

That's not even remotely.what they said.

Current pfSense CE Users

For those of you currently using pfSense CE, you will not be affected by this change. You can continue to use pfSense CE at no cost, and you will continue to receive updates and security patches as they are made available. This is the ideal solution for home labs that do not require a TAC subscription or frequent updates while experiencing a similar feature set and peace of mind that your network is protected. pfSense CE is a fantastic solution for your home lab or proof of concept (POC) project to see if pfSense Plus might be the right solution for your network security needs.

In otherwords, if you don't know if it's worthwhile to purchase a TAC Pro or Enterprise license and want to develop a proof of concept first, use the CE version since the feature sets are very similar. Also, citation on where Netgate said they are no longer developing CE. People are finding bugs in CE all the time and they are making patches for it.

link text

Incorrect, it's right there. You aren't even reading it. I think you should stop trying to read it in the reflection of your polished armor.

"pfSense CE is a fantastic solution for your home lab or proof of concept (POC) project to see if pfSense Plus might be the right solution for your network security needs."

What part of that did you not understand? That's exactly what they said.

gisuck

@Amodin Please point out the error on the comment I made against that quote? My statement and their statement is exactly the same.

Amodin

@gisuck

I believe I've already more than made my case in this debate, I can't be any more clear than what I have been.

Reading their own words isn't enough, me explaining it isn't enough - I don't know what else to tell you, except read it. Then read it again. Then again until you understand it.

chudak

@GPz1100 said in Navigating to Buy pfSense +:

@Amodin
At this point, I think what the community really needs is some form of commitment from netgate. Trust has been broken. Not easy to rebuild.

True!

gisuck

"Don't read the words at are exactly printed on their blog. Instead, use my words that I just made up because trust me bro."

I'll pass. This post has devolved into more FUD.

Amodin

@gisuck said in Navigating to Buy pfSense +:

"Don't read the words at are exactly printed on their blog. Instead, use my words that I just made up because trust me bro."

I'll pass. This post has devolved into more FUD.

You're frankly delusional at this point. I literally, LITERALLY copied/pasted their own words from the blog YOU POSTED.

Really? Are you that brain dead that you can't read, but telling me that I made it up? LOL, my God.

I'm done speaking with you about this, you obviously don't/won't get it.

gisuck

I asked you the point out the difference between what I stated and what they stated and you couldn't. All you said was read it and read it again after injecting an opinion that's not their. I read it a hundred times. The words on the screen didn't change. What I said and what they said are exactly the same still. Please tell me where I'm wrong.

NRgia

@gisuck said in Navigating to Buy pfSense +:

I asked you the point out the difference between what I stated and what they stated and you couldn't. All you said was read it and read it again after injecting an opinion that's not their. I read it a hundred times. The words on the screen didn't change. What I said and what they said are exactly the same still. Please tell me where I'm wrong.

What is your angle here? Can't you just read a few days of motives as of why almost nobody who switched from CE to Plus at Netgate's hint, want to switch back to CE? Who is spreading the FUD here?

JonathanS

One problem I have is I won't be able to re-register my Plus home license if I need to rebuild on new hardware, and frankly, I don't know why, but when I initially built it I had to request a license three times before I was able to register my Plus version. This was a big concern even before they withdrew the free home Plus licenses. The registration appears a bit flaky. Also, when I log in I can see the orders but I can't see any registration details, I had expected I would see something like device <x> registered with license <y>. And given these were home/lab licenses I had expected it would say you have requested 4 of 5 maximum licenses. What do Pro and Enterprise users see in their portal - do they see the orders, and devices and licenses associated with those devices?

They should want us to keep using the Plus version as we are an ideal pool of free testers. I'd never expected, as a home Plus user, to get anything other than community support, via the Netgate forums. They have benefitted from taking an open-source product and commercialising it, and obviously added to it, they have built an offering from the hard work of countless contributors who created pfSense, and m0m0wall. I don't understand why you would throw loads of free testers under the bus.

And they should keep CE up-to-date, I understand it has the older version of openSSL, which is now defunct, and they are putting v3 into the next Plus release. There was an idea to register a credit card, to stop people who might want to abuse the free Plus licensing, but that creates a big problem for Netgate who would have to ensure these are stored very securely, if they got hacked they'd have a company-ending situation on their hands. How many licenses should a home-lab email account have? 2, 3, 4, 5? I could do with 2, maybe a max of 3 (one for testing new releases).

Please Netgate don't leave us in limbo, and please don't force us to look elsewhere.

NollipfSense

@gisuck said in Navigating to Buy pfSense +:

I read it a hundred times.

Really...most of us here read it once or twice...

Darkk

@JonathanS said in Navigating to Buy pfSense +:
How many licenses should a home-lab email account have? 2, 3, 4, 5? I could do with 2, maybe a max of 3 (one for testing new releases).

I think 5 licenses for home lab should be more than enough for testing and home use. But it needs to be set up so that we can get a new token while it invalidates the old one in case we have to reinstall or make changes to the hardware with the same netgate hardware ID.