Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Is PfSense a good option as a company firewall?

    Scheduled Pinned Locked Moved General pfSense Questions
    10 Posts 9 Posters 8.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I
      Isterklister
      last edited by

      I wonder if pfSense is a good option as a firewall for businesses.
      We have offices in seven locations around the world with VPN tunnels between all offices. We are about 70 employees and have today WatchGuard firewalls, on the two main offices, we have X1250e and on the other X20e. We use very few features in the firewall and it is above all VPN tunnels between offices, stopping traffic and sending traffic to the LAN or DMZ.

      Is pfSense functionality comparable to example Watch Guard?

      /Thanks

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        Yes.  ;)

        The biggest difference between pfSense and Watchguard (besides the price!) is that the Watchguard is a UTM device and pfSense, in standard form, is not. There are packages available to extend it's capabilities with web proxy, antivirus etc but it's never going to be quite as comprehensive especially compared to later Watchguard firmwares.
        However since you aren't using these features pfSense probably compares very well. You can even run pfSense on your X1250e if you have some technical experience.

        Steve

        1 Reply Last reply Reply Quote 0
        • C
          cmb
          last edited by

          We replace tons of Watchguards, Cisco PIXes and ASAs, Sonicwall, you name it and have the 100% same end result functionally. Whether that's possible in every single environment depends. There are some things we can do that those can't, and some things some of them do that we can't. You can say the same comparing between different commercial firewalls as well.

          1 Reply Last reply Reply Quote 0
          • S
            Sup3rior
            last edited by

            Can recommend it :)

            We've thrown out our Zyxel UTM boxes for pfSense and have been happy with it ever since. And on a sidenote, the support is better on these forums than calling the paid support from Zyxel ;)

            1 Reply Last reply Reply Quote 0
            • J
              jits
              last edited by

              :) Yes. Pfsense works really well and we're happy with the results and I know you will be to.

              We're a small CATV company and have PFsense running at three locations. With the right hardware, PFsense is a go!
              Support via the forums is great, but that depends on your issue. There is also a paid support service to ensure you don't stay up late at night, watching and waiting for an answer on the forums.

              PFsense community is solid as a rock, and these very talented guys are not about to sell it all to the "New World Order".

              Jits.

              1 Reply Last reply Reply Quote 0
              • P
                podilarius
                last edited by

                We have 2 colo datacenter locations and 1 office with a VPN between the office and each colo. We also have proxied voip at the office and we have pfsense at each location. I can certainly recommend its use. The only thing that watchguard has that is kinda cool is that you can centrally manage all locations from a single interface. Course it could be a security hole but, it is cool. Really not worth the money for that feature alone. pfSense is much better because you can scale it with the hardware you are running it on and the packages you install.
                I don't know if I have said it enough, but thanks to the developers and to anyone helping make this software as great as it is.

                1 Reply Last reply Reply Quote 0
                • T
                  theflakes
                  last edited by

                  Only have had our pfSense firewall up for five days, but so far it is a huge improvement over the horrendous sonicwalls we had.  As long as it remain stable it is an excellent solution for us.  This is running at a University with a 300Mbps Internet connection.  We do some site to site VPNs as well and that has been rock solid.

                  1 Reply Last reply Reply Quote 0
                  • M
                    mhab12
                    last edited by

                    Recommend.  You can't go wrong and will be hard pressed to find anything else that is easier to manage or has better support (both paid/commercial and the forums/IRC/etc.).

                    1 Reply Last reply Reply Quote 0
                    • R
                      ronnieredd Rebel Alliance
                      last edited by

                      Replaced our first watchguard with pfsense about 3 years ago and we will be replacing the last 2 very shortly. Multi-site IPSEC tunnels and vpns accross 4 locations in 1 west coast state, another 2 on the other coast and 3 in other countries talking to each other.

                      We paid support for pfsense and snort to help the cause.
                      Our retired watchguard boxes are now door stops, foot rests and monitor holder-uppers.

                      Looking over the wall
                                \ | /
                                ~   ~
                         {~(@) (@)~}
                      –-oOO-(_)-OOo---

                      1 Reply Last reply Reply Quote 0
                      • stephenw10S
                        stephenw10 Netgate Administrator
                        last edited by

                        You can probably run pfSense on those door stops, depending which model they are.

                        Steve

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.