pfSense Plus Software on AWS

Netgate pfSense® Plus software is the world's leading price-performance edge firewall, router, and VPN solution, with over seven million installations used by homes, businesses, government agencies, educational institutions, and service providers.

pfSense Plus Logo White


AWS White logo


Get pfSense Plus on AWS

pfSense Plus Software Highlights

  • Leading Open-source Driven Firewall, Router, and VPN (OpenVPN®, IPsec, and WireGuard®) Solution for network edge and cloud secure networking.
  • Unparalleled TCO. No hidden fees for features or functions, arbitrary licensing fees, or artificial user limitations.
  • Technical Support Included.
Attack Prevention
User Authentication and System Security
Monitoring and Reporting

pfSense Plus Logo

Cloud Features on AWS


  • Extensive firewall rules
  • Stateful filtering & packet inspection
  • Per-interface configuration
  • Ethernet (layer 2) rule-based packet filtering
  • IP/DNS-based filtering and blacklisting [w/pkg]
  • Multi-Zone & Region High Availability 


  • Policy-based routing
  • Multiple IP addresses per interface
  • Multiple WAN connections (with load balancing and failover)
  • Complex NAT mapping (outbound and inbound)
  • Concurrent IPv4 and IPv6 support
  • Dynamic routing protocol support [w/pkg]

Attack Prevention

  • IDS/IPS with Snort-based packet analyzer [w/pkg]
  • Layer 7 application detection and blocking [w/pkg]
  • Reverse proxy [w/pkg]
  • Geo/country blocking, IP block lists [w/pkg]


  • Site-to-site and remote access (Mobile) VPNs
  • IPsec, OpenVPN, WireGuard
  • Split tunneling
  • IPsec policy-based and route-based protocol support
  • OpenVPN Data Channel Offload (DCO)
  • Intel® IPsec Multi-Buffer (IIMB) where available
  • Intel QuickAssist Technology (QAT) where available

User Authentication and System Security

  • User and group-based privileges
  • LDAP authentication
  • Automatic lockout after repeated attempts
  • Optional key-based SSH access
  • Traffic and bandwidth shaping
  • Captive portal with user data transfer quotas
  • External RADIUS authentication [w/pkg]

Monitoring and Reporting

  • Customizable dashboard with widgets
  • Local monitoring graphs
  • Remote logging
  • Network usage monitoring [w/pkg]
  • Network diagnostics [w/pkg]

Top 3 Use Cases for pfSense Plus Software on AWS

1. Securely connecting on-premise infrastructure to the cloud

2. Protecting cloud-based applications and workloads

3. Providing secure access to cloud workloads and applications


Who depends on pfSense Plus software?


Businesses of all sizes and in every vertical use pfSense Plus - especially those who expect features found in enterprise-class solutions, at budget-friendly consumer / SMB level price points.

cloud iStock-508311852 1 coworks-at-desk

Do You Need A Cloud Firewall?

Cloud computing has many benefits; flexibility and the potential for lower costs are two very attractive reasons why the cloud is rapidly replacing data centers, and businesses are busy moving applications and workloads to the cloud. 

A cloud firewall can protect your Virtual Private Cloud (VPC) with intrusion detection/intrusion prevention (IDS/IPS), function as a DNS server, NAT Gateway, and provide additional secure communications between the following scenarios: 

  • Cloud instances (cloud-to-cloud)
  • Your organization’s network and cloud instance (site-to-cloud)
  • Employee assets (computers, phones, tablets) and a cloud instance (endpoint-to-cloud)

Reduce Your Cost of Cloud Security on AWS

pfSense Plus software on AWS® is almost ¼ of the cost of using the AWS Network Firewall and VPN services. 

One common pricing strategy on the cloud is that you only “pay for only what you need.” Cloud platforms have taken this to the extreme by breaking out every function in the firewall as a separate service you purchase and assemble into your cloud solution. Unfortunately, À la carte services can get expensive quickly when looking at just a handful of common functions asked of a firewall.

Learn More

AWS Firewall vs. pfSense Software

  • The two main charges associated with the AWS Network Firewall are: 
    Network Firewall Endpoint Hourly: $0.395/hour
  • Network Firewall Data Processing Charge: $0.065/1 GB of data processed by the firewall 

pfSense Plus software on an m5.large AWS EC2 instance costs $0.24/hour.

Right away, choosing pfSense Plus software from Netgate saves the user $1339.20/year in hourly charges, not even including AWS Network Firewall data processing charges.

AWS VPN vs. pfSense Software

The total cost for the AWS VPN (before outbound data transfer fees) is $11,424/year.

pfSense Plus software on AWS is $0.24/hr. Including the cost of a m5.large EC2 instance ($0.096/hr) and assuming 720 hours/month, the cost of pfSense software is just $2903.04/year.

That is 74.5% less expensive!


Live 24x7 Support

TAC Lite is included with AWS instances. Customers can purchase additional TAC support, Pro ($399/Year) or Enterprise ($799/Year), for technical support via email, portal, or phone with a four (4) or 24-hour initial response SLA. 

Learn More

wireless headset make conference video call-705x620