Pfsense Firewall Appliance Features

pfSense open-source software is a highly configurable, full-featured solution that meets any need from the edge to the cloud

Applications

  • VPN Server
  • High Availability
  • Load Balancing
  • Traffic Shaping
  • Captive Portal
  • UTM Device
  • Firewall / Router
  • DNS / DHCP Server
  • IDS / IPS
  • Transparent Caching Proxy
  • Web Content Filter
  • And more …

Features

Firewall and Router

  • Stateful Packet Inspection (SPI)
  • GeoIP blocking
  • Anti-Spoofing
  • Time based rules
  • Connection limits
  • Dynamic DNS
  • Reverse proxy
  • Captive portal guest network
  • Supports concurrent IPv4 and IPv6
  • NAT mapping (inbound/outbound)
  • VLAN support (802.1q)
  • Configurable static routing
  • IPv6 network prefix translation
  • IPv6 router advertisements
  • Multiple IP addresses per interface
  • DHCP server
  • DNS forwarding
  • Wake-on-LAN
  • PPPoE Server

VPN

  • IPsec and OpenVPN
  • Site-to-site and remote access VPN support
  • SSL encryption
  • VPN client for multiple operating systems
  • L2TP/IPsec for mobile devices
  • Multi-WAN for failover
  • IPv6 support
  • Split tunneling
  • Multiple tunnels
  • VPN tunnel failover
  • NAT support
  • Automatic or custom routing
  • Local user authentication or RADIUS/LDAP

Intrusion Prevention System

  • Snort-based packet analyzer
  • Layer 7 application detection
  • Multiple rules sources and categories
  • Emerging threats database
  • IP blacklist database
  • Pre-set rule profiles
  • Per-interface configuration
  • Suppressing false positive alerts
  • Deep Packet Inspection (DPI)
  • Optional open-source packages for application blocking

Enterprise Reliability

  • Optional multi-node High Availability Clustering
  • Multi-WAN load balancing
  • Automatic connection failover
  • Bandwidth throttling
  • Traffic shaping wizard
  • Reserve or restrict bandwidth based on traffic priority
  • Fair sharing bandwidth
  • User data transfer quotas

User Authentication

  • Local user and group database
  • User and group-based privileges
  • Optional automatic account expiration
  • External RADIUS authentication
  • Automatic lockout after repeated attempts

Proxy and Content Filtering

  • HTTP and HTTPS proxy
  • Non Transparent or Transparent caching proxy
  • Domain/URL filtering
  • Anti-virus filtering
  • SafeSearch for search engines
  • HTTPS URL and content screening
  • Website access reporting
  • Domain Name blacklisting (DNSBL)
  • Usage reporting for daily, monthly, etc.

Administration

Configuration

  • Web-based configuration
  • Setup wizard for initial configuration
  • Remote web-based administration
  • Customizable dashboard
  • Easy configuration backup/restore
  • Configuration export/import
  • Encrypted automatic backup to Netgate server
  • Variable level administrative rights
  • Multi-language support
  • Simple updates
  • Forward-compatible configuration
  • Serial console for shell access and recovery options

System Security

  • Web interface security protection
  • CSRF protection
  • HTTP Referer enforcement
  • DNS Rebinding protection
  • HTTP Strict Transport Security
  • Frame protection
  • Optional key-based SSH access

Reporting & Monitoring

  • Dashboard with configurable widgets
  • Local logging
  • Remote logging
  • Local monitoring graphs
  • Real-time interface traffic graphs
  • SNMP monitoring
  • Notifications via web interface, SMTP, or Growl
  • Hardware monitoring
  • Networking diagnostic tools

Netgate Hardware Comparison

The NetgateĀ® hardware comparison chart is designed to give visitors a quick side-by-side comparison of Netgate appliances against one another. While most of this data (and more) exists on individual product pages, we believe the chart makes it fast and easy for viewers to quickly determine which appliance is best for their needs.
The comparison matrix has two critical dimensions:

1. Packet Sizes: iPerf3 and IMIX
2. Secure Networking Function: Routing (Forwarding), Firewall, VPN

This provides a very clear manner by which products can be compared – and under different levels of user-experienced traffic conditions. We see this as crucial given our user base varies, literally, from home consumers (with relatively light bandwidth and firewall needs) all the way to sophisticated enterprises (who demand predictable performance under the most strenuous encryption and packet mix conditions).

FEATURED PRODUCTS

Choose The Right Product For Your Business Needs

The NetgateĀ® hardware comparison chart is designed to give visitors a quick side-by-side comparison of Netgate appliances against one another. While most of this data (and more) exists on individual product pages, we believe the chart makes it fast and easy for viewers to quickly determine which appliance is best for their needs.

FEATURED PRODUCTS