The world’s leading open-source driven firewall, router, and VPN solution for network edge and cloud secure networking.
Over two million installs protecting consumers, businesses, governments and educational institutions.
pfSense Plus software consists of a number of open source projects, Internet standards and protocols, independently maintained software modules and Netgate value-add software.
Netgate’s productization and ongoing release progression converts the above into a turnkey software product, complete with Netgate-assured testing, comprehensive documentation, release packaging, distribution and customer support.
From a pure technology perspective, we know customers like to ‘peek under the hood’ to understand what they are buying.
A simple software stack diagram - complemented by a list of some of the more prominent software elements - most of which are user-insertable packages - describes the vast majority of pfSense Plus software from a software-plane taxonomy point of view.
A free implementation of the RADIUS protocol, used for Authentication, Authorization, and Accounting (AAA).
A GUI for the FRR routing daemon which supports BGP, OSPF, and OSPF6.
FTP Client Proxy
A basic FTP client proxy using ftp-proxy from FreeBSD.
A reliable, high performance TCP/HTTP(S) load balancer that implements the TCP, HTTP and HTTPS balancing features from haproxy and supports ACLs for smart backend switching. Requires SSD/HDD.
Creates IPsec configuration profiles for Apple devices (iOS and OS X) and IPsec import script bundles for Windows devices.
OpenVPN Client Export
Generates pre-configured OpenVPN configuration files for clients, Windows Client installers with configurations bundled, and Mac OS X Viscosity configuration bundles, among others.
Utility for controlling connections through the firewall based on more general criteria than firewall rules, e.g. by country, by domain name, etc. Manages IPv4/v6 List Sources into ‘Deny, Permit or Match’ formats. GeoIP database by MaxMind Inc. (GeoLite2 Free version).
An open source network intrusion detection and prevention system (IDS/IPS). Combining the benefits of signature, protocol, and anomaly-based inspection. SSD/HDD is strongly recommended.
A high performance web proxy cache. It combines Squid as a proxy server with its capabilities of acting as a HTTP/HTTPS reverse proxy. SSD/HDD recommended.
A high performance web proxy URL filter. SSD/HDD recommended.
A multiplatform IPsec implementation that uses X.509 public key certificates and optional secure storage of private keys and certificates for strong authentication.
A high performance network IDS/IPS and security monitoring engine by OISF. SSD/HDD strongly recommended.
A computer operating system with advanced networking, security, and storage features
A high performance web proxy reporting tool. Includes realtime proxy statistics (SQStat). Requires the Squid package. Requires SSD/HDD.
The NET-SNMP implementation of SNMP. More extensible than the built-in SNMP daemon (bsnmpd), and supports SNMPv3 authentication and TLS encryption.
A utility for network exploration and security auditing useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.
A network traffic probe that monitors network usage and provides a web user interface for the exploration of realtime and historical traffic information. Requires SSD/HDD.
Network UPS Tools (NUT)
Provides support for monitoring of Uninterruptible Power Supplies. It supports UPS units attached locally via USB or serial, and remote units via the SNMP protocol, the APCUPSD protocol or the NUT protocol.
Gives a total amount of traffic passed In/Out during this and the previous month. Set to be replaced by the Traffic totals package.
An agent written in Go for collecting, processing, aggregating, and writing metrics.
Zabbix Monitoring agent. The agent gathers operational information locally and reports data to Zabbix server for further processing. The agent can also generate alerts in case of failures. Available in multiple versions.
Netgate Value Add
Our roots are open source. We firmly believe in it. We have based our entire company upon it. But it’s deeper than that for us. We are also heavy, and long-term, open source software contributors. We always will be. And, of course, beyond our open source contributions, we deliver business assurance value for our customers, who depend on Netgate every day to keep their networks securely connected to the digital world.
Contribution to Open Source Software
There are many ways to help build a better world for all by thoughtfully participating in the open source software ecosystem. We are proud of our long heritage of giving back open source via the following ongoing contributions:
Significant financial sponsorship
Engineering and test resources
Upstreamed code to numerous open-source projects including Clixon, DPDK, FD.io/VPP, FreeBSD, Free Range Routing (FRR), Linux, pfSense, and strongSwan
Full-time employment or contractual relationships with numerous developers holding roles in FreeBSD, pfSense, Clixon, and VPP/FD.io projects - whose contributions and responsibilities include development, administration, maintenance, release engineering, etc.
By the numbers
Open source pfSense software releases
pfSense software code submits
Company employees with code commits to pfSense software
pfSense software downloads
Customer Value Add
As powerful and capable as open source software is, it alone is not the answer for organizations whose depend upon secure networking connectivity for their livelihood. This is where Netgate’s productization of open source technology delivers extraordinary value with unbeatable economics.
Value-added software features not available in open source contributions
Fully-tested software releases - for turnkey appliances, public cloud instances, and commercial virtual machine use
Securely distributed for customer efficiency and confidence
24x7 direct support options from seasoned network engineers who know the software like the back of their hand
Comprehensive documentation to support needs ranging from first-time deployments to advanced use-cases
These value-add capabilities enable Netgate to provide the best possible secure networking experience for each and every customer - 24x7.