About pfSense

What is pfSense?

pfSense is an extraordinary piece of software used by network enthusiasts, learners, medium-sized businesses, and large enterprises alike. Built on the strong foundation of FreeBSD, it is commonly employed as a network firewall and can also function as a VPN server or client, a DHCP server or relay, a DNS server or forwarder, and a WAN load balancer. It is highly configurable and feature-rich, making it suitable for a variety of network topologies and scenarios.

What is the difference between pfSense CE and pfSense Plus?


pfSense Community Edition (CE) is the free and open-source version that can be installed on amd64 and x86-64 architectures or virtual machines to make a dedicated pfSense firewall and/or pfSense router for a network. It is thoroughly documented ( pfSense documentation) and instructions are continuously updated on how to best operate pfSense software.

The free Community Edition of pfSense can be downloaded here: https://www.pfsense.org/download/.

👨‍💻 pfSense CE is suitable for individuals and organizations that prefer an open-source solution and do not necessarily require enterprise-level support.

pfSense plus

pfSense plus is the proprietary version of pfSense that comes pre-installed on Netgate-branded appliances, or it can be upgraded to from the community edition by purchasing a pfSense+ Software Subscription. It is built on the same open-source foundation of pfSense CE and provides additional, advanced features and professional support aimed at enterprises and users requiring higher levels of integration, support, and performance. When pre-installed on Netgate appliances, it includes TAC Lite support and software updates at no additional charge for the life of the unit. Netgate appliances are available for purchase from our online store at the following link: ITG Shop.

🏢 pfSense plus’s additional features and enhancements are specifically beneficial in enterprise environments. pfSense plus also comes with the option of purchasing professional support, training, and consulting from Netgate partners like us. Contact us for expert support and services or to upgrade to TAC Professional or TAC Enterprise for extended support and SLA.

What are the features available with pfSense?


item showcase image

Load Balancing

UTM Device

Traffic Shaping

Captive Portal

DNS / DHCP Server


OpenVPN / IPSec

Web Content Filter

Show All Features

Firewall and Router

  • Stateful Packet Inspection (SPI)
  • GeoIP blocking
  • Anti-Spoofing
  • Time based rules
  • Connection limits
  • Dynamic DNS
  • Reverse proxy
  • Captive portal guest network
  • Supports concurrent IPv4 and IPv6
  • NAT mapping (inbound/outbound)
  • VLAN support (802.1q)
  • Configurable static routing
  • IPv6 network prefix translation
  • IPv6 router advertisements
  • Multiple IP addresses per interface
  • DHCP server
  • DNS forwarding
  • Wake-on-LAN
  • PPPoE Server


  • IPsec, OpenVPN and WireGuard
  • Site-to-site and remote access VPN support
  • SSL encryption
  • VPN client for multiple operating systems
  • L2TP/IPsec for mobile devices
  • Multi-WAN for failover
  • IPv6 support
  • Split tunneling
  • Multiple tunnels
  • VPN tunnel failover
  • NAT support
  • Automatic or custom routing
  • Local user authentication or RADIUS/LDAP

Intrusion Prevention

  • Snort-based packet analyzer
  • Layer 7 application detection
  • Multiple rules sources and categories
  • Emerging threats database
  • IP blacklist database
  • Pre-set rule profiles
  • Per-interface configuration
  • Suppressing false positive alerts
  • Deep Packet Inspection (DPI)
  • Optional open-source packages for application blocking

Enterprise Reliability

  • Optional multi-node High Availability Clustering
  • Multi-WAN load balancing
  • Automatic connection failover
  • Bandwidth throttling
  • Traffic shaping wizard
  • Reserve or restrict bandwidth based on traffic priority
  • Fair sharing bandwidth
  • User data transfer quotas

User Authentication

  • Local user and group database
  • User and group-based privileges
  • Optional automatic account expiration
  • External RADIUS authentication
  • Automatic lockout after repeated attempts

Proxy and Content Filtering

  • HTTP and HTTPS proxy
  • Non Transparent or Transparent caching proxy
  • Domain/URL filtering
  • Anti-virus filtering
  • SafeSearch for search engines
  • HTTPS URL and content screening
  • Website access reporting
  • Domain Name blacklisting (DNSBL)
  • Usage reporting for daily, monthly, etc.


  • Web-based configuration
  • Setup wizard for initial configuration
  • Remote web-based administration
  • Customizable dashboard
  • Easy configuration backup/restore
  • Configuration export/import
  • Encrypted automatic backup to Netgate server
  • Variable level administrative rights
  • Multi-language support
  • Simple updates
  • Forward-compatible configuration
  • Serial console for shell access and recovery options

System Security

  • Web interface security protection
  • CSRF protection
  • HTTP Referer enforcement
  • DNS Rebinding protection
  • HTTP Strict Transport Security
  • Frame protection
  • Optional key-based SSH access

Reporting & Monitoring

  • Dashboard with configurable widgets
  • Local logging
  • Remote logging
  • Local monitoring graphs
  • Real-time interface traffic graphs
  • SNMP monitoring
  • Notifications via web interface, SMTP, or Growl
  • Hardware monitoring
  • Networking diagnostic tools

Who uses pfSense?

Thousands of businesses, educational institutions, government agencies and non-profits – on all seven continents, and for years – have come to rely upon pfSense® software for their secure networking needs.

What is pfSense best for?

pfSense is ideal for a wide range of applications, including use as a robust firewall, VPN gateway, advanced router, and for NAT. It also excels in load balancing and failover, traffic shaping and QoS. As a perimeter firewall, pfSense is typically placed at the boundary of the network to protect the internal network from external threats also thanks to its intrusion detection/prevention capability. As an internal firewall it protects internal resources and segment the network creating distinct network zones for different types of traffic or user groups, thereby enhancing security through isolation of sensitive areas.

Who is Netgate?

Netgate Logo

Netgate stands as the primary developer and custodian of the pfSense project, playing a significant role in the realm of open-source networking. The company’s contributions are notably evident in the advancement of FreeBSD, a critical base upon which pfSense is built, which also underpins a wide array of network and firewall solutions across the industry. Through a business model that balances the nurturing of open-source software with the provision of enterprise-grade solutions and services, Netgate has established a robust support system for the development of free and accessible networking technologies. Their approach enables a spectrum of users, from individuals and small businesses to large-scale enterprises, to benefit from a suite of networking security and reliability tools. In collaboration with partners such as IT and General, Netgate has positioned itself as a trusted provider in network security solutions, offering an array of services that cater to a diverse set of networking needs.

Why Buy a Netgate pfSense plus Appliance?

Netgate Appliances

Lifetime software and security updates at no additional charge

Netgate appliances are the official pfSense hardware, engineered to run pfSense Plus natively. This means that Netgate devices are specifically designed, developed, and rigorously tested to guarantee optimal performance and stability with pfSense Plus. By opting for Netgate pfSense Plus appliances, business users not only gain access to reliable hardware but also ensure compliance with industry standards. Every Netgate-branded appliance comes with TAC Lite support, software and security updates at no additional charge for the life of the unit.

Why do IT professionals choose pfSense to protect their businesses?

IT professionals choose pfSense for its cost-effectiveness, as it requires no license fees, and its security, enhanced by the transparency of open-source development. The longevity of the pfSense project is assured by Netgate’s solid business model, while its reliability stems from being based on FreeBSD, a robust operating system used by numerous enterprise security applications. Trust in pfSense is growing globally among enterprises due to its reputation as a dependable open-source network security solution. Its scalability is a key feature, with compatibility across various hardware and cloud platforms. Additionally, Netgate and its partners provide strong support and thorough, continually updated documentation, making pfSense an attractive option for businesses seeking a versatile and secure network security solution.


No recurring license fees are required to run pfSense.


Security guaranteed by transparency. The eyes of the community around open-source software would not let go unnoticed bugs or backdoors frequently discovered in the established closed-source firewall brands.


The open-source pfSense project is backed up by Netgate with a solid business model and revenue based on support and hardware offering. This ensure longevity of the project and continuous development.


With thousands of businesses and enterprises utilizing pfSense® software, it has earned the reputation of being the world's most trusted open-source network security solution.


pfSense is based on FreeBSD, the solid foundation also utilized by numerous enterprise security applications from Check Point, Cisco PIX, Cisco ASA, Juniper, Sonicwall, Netgear, Watchguard, Astaro, and others.


pfSense not only run on Netgate devices but it also run on several standard server architectures that can be designed around ever changing business requirements. Netgate’s pfSense software is also available in the Azure and AWS Marketplaces.


With pfSense Plus, businesses are covered by commercial support from Netgate as well as several partners around the globe, such as IT AND GENERAL.


pfSense is thoroughly documented by Netgate, offering detailed information and regularly updated guidelines on how to best use the pfSense® software.

pfSense News and Articles

Explore the latest pfSense Plus RELEASE 23.09 features and enhancements. Exclusive for Netgate appliance users – upgrade at no extra cost! If you're an ITG customer with a maintenance package or support contract, stay tuned – we'll reach out to plan your seamless upgrade. Discover all the details here....

pfSense® and pfSense Certified® are registered trademarks of Electric Sheep Fencing, LLC in the United States and other countries.