Who is usin pfsense in real world ? and for what ?

  • hi,

    who is using pfsene and for what specific purpose ?
    what is your topology ?
    if its been in use for long time then there should also be a lot of change requests going on for some specific needs? can you mention some of the challenging change requests ?

    this thread will help newbies  in obtaining a real insight into its real life application..

  • Probably the best way to discover the answer to your question would be for you to search for commercial firewall appliances that are based on pfSense. My point is only that pfSense seems to be the backbone of a lot of commercial firewalls. I think that says a lot about the value of it. I've been using IPCop and Smoothwall for a long time. pfSense does much more than either.

  • Home/small business network setup, web, mail, phone when I get them back up and running.

    Saying that just what is pfsense or when is pfsense not pfsense?

    Is it the FreeBSD OS or the scripts & gui that ESF have put time in to write?

    Or is it the hardware it runs on? ;)

  • Simple use  in my case. Basically secure, manage and control my Home Network, laptops, Nas, game consoles, iPhones, iPads.

    The main feature I use is the VPN client and server.
    The main package I use is pfBlockerNG and Snort.

  • who is using pfsene and for what specific purpose ?

    I use it for my home network and on the work or in our business we use it as a internal firewall only
    to route separate and secure the internal network.

    what is your topology ?

    Private two managed switches (DMZ & LAN) some smartphones over the radius server, WiFi Captive Portal
    for Guests, together with Snort, Squid & SuidGuard, pfBlockerNG and SARG.
    Internet –- Firewall --- two switches LAN & WLAN devices

    pfSense can be used as a firewall, Load balancer, BGP peer or router, Captive Portal,
    http Proxy or as an entire UTM device. Likes you want to use it or you need to use it.

    if its been in use for long time then there should also be a lot of change requests going on for some specific needs?

    Not really, because with pfSense you should be able to set up a rel UTM device or a plain routing device
    likes you want to do.

    can you mention some of the challenging change requests ?

    The development is really looking forward for new features, functions and options are given by other
    OpenSource or commercial firewall appliances and the newest things get inside or they watch out the
    forum here or elsewhere what is going on in networking and security.

    this thread will help newbies  in obtaining a real insight into its real life application..

    There are many OpenSource appliances out there and they all do have their own community and skills
    or efforts but pfSense is something that is really combining many functions, features and options together.

    For sure and as an example, if your entire and main goal is WiFi based you could be happier with another
    distribution that is Linux and not FreeBSD based likes DD-WRT, OpenWRT, IPFire, ZeroShell, Smoothwall
    or IPCop. Or if your main need or goal is BGP based or oriented you might be happier with OpenBSD &
    OpenBGPD or Quagga or perhaps Vyatta.

    Or in shorter words this is mostly pending on your needs and favorite goals you must reach.

  • Used it as main routers/firewall for internet, tv and radio in several compounds (sat links)
    Main routers in our data centers, redundancy and VPN site to site etc. etc.

    Still use it at home (internet and IPTV) and for business, 14+ seperate networks (redundant with CARP) and VPN connection to other locations.

    I think your question is, is PFSense an alternitave for the well know (expensive) brands? the answer is yes it is, but pick the right hardware for the job.

  • Initially started with pfSense because of heavy torrenting - the number of connections killed off most consumer/ prosumer routers at the time (DGL-4300 & WRT54GS running Thibor/ Tofu).
    Technically, I started with IPcop and Monowall (used both for about a month each) before I hopped onto the pfSense bandwagon and never looked back.

    I primarily use pfSense in Single WAN/ LAN setups. The one feature that keeps me with pfSense is HFSC traffic shaping, it's an absolute deal breaker for me.

    So far, aside from using pfSense at home, I've also setup pfSense rigs for friends, in a cybercafe I used to run, and also for a customer (military hardware contractor).

    In at least the SOHO or SMB market, the key highlights would probably be easy to use WebGUI, license-free VPN, Snort (where required), and traffic shaping (this is getting to be less of an issue over here since nation wide fibre is available).

    pfSense can also easily integrate into a domain environment for authentication and it supports DNS forwarding for domains in corporate environments.

  • LAYER 8 Netgate

    Captive portal, guest internet in a 2200-room hotel/casino. Plus paid access in about 165,000 ft2 (15000 m2) of meeting/banquet/exhibit space.

    Several smaller installations.

  • I am using pfsense at about 20-25 sites, with networks may be more than 100- 250 computers, for vpn, content filtering and antivirus. frankly I am not interested in snort etc. works quite ok and becoming more and more stable after some work on squid from honored forum members.

    Excellent value for money and almost as good as commercial ones. For newbie it is not out of the box but nor it is very difficult with bit of patience.

  • I use it primarily as an access controller for our public wifi system - anything up to 500 users+. I have a second, smaller installation for handling SIP traffic from an office services network we run.

    I've also encouraged other companies to consider using it - one of which now uses pfSense as their standard firewall of choice for all new IP telephony installations.

  • so it seems its very serious product.
    are there any case studies about it ?
    and deployement scenarios where one could read them to get more insight into it ?

    i need to understand it more .. maybe i might recomend it at some point if asked by someone..
    i am following on this forum and wiki and general internet though . .

Log in to reply