About pfSense

What is pfSense?

pfSense is the world’s most trusted open source firewall. It brings together the most advanced technology available to make protecting a network easier and addresses a wide range of security and networking needs. pfSense is open source and you can download the Community Edition of pfSense here: https://www.pfsense.org/download/.

pfSense Community Edition can be installed on a physical computer or a virtual machine to make a dedicated pfSense firewall and/or pfSense router for a network. It is thoroughly documented ( pfSense documentation) and instructions are continuously updated on how to best operate pfSense software.

pfSense Plus is the version of pfSense that comes pre-installed on Netgate appliances which we sell in the UK at competitive prices.

FEATURES

item showcase image

Load Balancing

UTM Device

Traffic Shaping

Captive Portal

DNS / DHCP Server

IDS / IPS

OpenVPN / IPSec

Web Content Filter

Show All Features
Features

Firewall and Router

  • Stateful Packet Inspection (SPI)
  • GeoIP blocking
  • Anti-Spoofing
  • Time based rules
  • Connection limits
  • Dynamic DNS
  • Reverse proxy
  • Captive portal guest network
  • Supports concurrent IPv4 and IPv6
  • NAT mapping (inbound/outbound)
  • VLAN support (802.1q)
  • Configurable static routing
  • IPv6 network prefix translation
  • IPv6 router advertisements
  • Multiple IP addresses per interface
  • DHCP server
  • DNS forwarding
  • Wake-on-LAN
  • PPPoE Server

VPN

  • IPsec, OpenVPN and WireGuard
  • Site-to-site and remote access VPN support
  • SSL encryption
  • VPN client for multiple operating systems
  • L2TP/IPsec for mobile devices
  • Multi-WAN for failover
  • IPv6 support
  • Split tunneling
  • Multiple tunnels
  • VPN tunnel failover
  • NAT support
  • Automatic or custom routing
  • Local user authentication or RADIUS/LDAP

Intrusion Prevention

  • Snort-based packet analyzer
  • Layer 7 application detection
  • Multiple rules sources and categories
  • Emerging threats database
  • IP blacklist database
  • Pre-set rule profiles
  • Per-interface configuration
  • Suppressing false positive alerts
  • Deep Packet Inspection (DPI)
  • Optional open-source packages for application blocking

Enterprise Reliability

  • Optional multi-node High Availability Clustering
  • Multi-WAN load balancing
  • Automatic connection failover
  • Bandwidth throttling
  • Traffic shaping wizard
  • Reserve or restrict bandwidth based on traffic priority
  • Fair sharing bandwidth
  • User data transfer quotas

User Authentication

  • Local user and group database
  • User and group-based privileges
  • Optional automatic account expiration
  • External RADIUS authentication
  • Automatic lockout after repeated attempts

Proxy and Content Filtering

  • HTTP and HTTPS proxy
  • Non Transparent or Transparent caching proxy
  • Domain/URL filtering
  • Anti-virus filtering
  • SafeSearch for search engines
  • HTTPS URL and content screening
  • Website access reporting
  • Domain Name blacklisting (DNSBL)
  • Usage reporting for daily, monthly, etc.
Administration

Configuration

  • Web-based configuration
  • Setup wizard for initial configuration
  • Remote web-based administration
  • Customizable dashboard
  • Easy configuration backup/restore
  • Configuration export/import
  • Encrypted automatic backup to Netgate server
  • Variable level administrative rights
  • Multi-language support
  • Simple updates
  • Forward-compatible configuration
  • Serial console for shell access and recovery options

System Security

  • Web interface security protection
  • CSRF protection
  • HTTP Referer enforcement
  • DNS Rebinding protection
  • HTTP Strict Transport Security
  • Frame protection
  • Optional key-based SSH access

Reporting & Monitoring

  • Dashboard with configurable widgets
  • Local logging
  • Remote logging
  • Local monitoring graphs
  • Real-time interface traffic graphs
  • SNMP monitoring
  • Notifications via web interface, SMTP, or Growl
  • Hardware monitoring
  • Networking diagnostic tools

Who uses pfSense?

Thousands of businesses, educational institutions, government agencies and non-profits – on all seven continents, and for years – have come to rely upon pfSense® software for their secure networking needs.

Why Buy a Netgate pfSense Appliance?

Netgate appliances are the official pfSense hardware running pfSense plus natively. In other words, Netgate devices are developed, designed and tested to run pfSense plus reliably. With Negate pfSense plus appliances business users can access commercial support directly from the team that host and develop the pfSense project.

pfSense News and Articles

pfSense® and pfSense Certified® are registered trademarks of Electric Sheep Fencing, LLC in the United States and other countries.