Security Solutions

pfSense open-source software is a highly configurable, full-featured solution that meets any need from the edge to the cloud.

Applications

  • VPN Server
  • High Availability
  • Load Balancing
  • Traffic Shaping
  • Captive Portal
  • UTM Device
  • Firewall / Router
  • DNS / DHCP Server
  • IDS / IPS
  • Transparent Caching Proxy
  • Web Content Filter
  • And more ...

Features

Firewall and Router

  • Stateful Packet Inspection (SPI)
  • GeoIP blocking
  • Anti-Spoofing
  • Time based rules
  • Connection limits
  • Dynamic DNS
  • Reverse proxy
  • Captive portal guest network
  • Supports concurrent IPv4 and IPv6
  • NAT mapping (inbound/outbound)
  • VLAN support (802.1q)
  • Configurable static routing
  • IPv6 network prefix translation
  • IPv6 router advertisements
  • Multiple IP addresses per interface
  • DHCP server
  • DNS forwarding
  • Wake-on-LAN
  • PPPoE Server

VPN

  • IPsec and OpenVPN
  • Site-to-site and remote access VPN support
  • SSL encryption
  • VPN client for multiple operating systems
  • L2TP/IPsec for mobile devices
  • Multi-WAN for failover
  • IPv6 support
  • Split tunneling
  • Multiple tunnels
  • VPN tunnel failover
  • NAT support
  • Automatic or custom routing
  • Local user authentication or RADIUS/LDAP

Intrusion Prevention System

  • Snort-based packet analyzer
  • Multiple rules sources and categories
  • Emerging threats database
  • IP blacklist database
  • Pre-set rule profiles
  • Per-interface configuration
  • Suppressing false positive alerts
  • Deep Packet Inspection (DPI)
  • Optional open-source packages for application blocking

Enterprise Reliability

  • Optional multi-node High Availability Clustering
  • Multi-WAN load balancing
  • Automatic connection failover
  • Bandwidth throttling
  • Traffic shaping wizard
  • Reserve or restrict bandwidth based on traffic priority
  • Fair sharing bandwidth
  • User data transfer quotas

User Authentication

  • Local user and group database
  • User and group-based privileges
  • Optional automatic account expiration
  • External RADIUS authentication
  • Automatic lockout after repeated attempts

Proxy and Content Filtering

  • HTTP and HTTPS proxy
  • Non Transparent or Transparent caching proxy
  • Domain/URL filtering
  • Anti-virus filtering
  • SafeSearch for search engines
  • HTTPS URL and content screening
  • Website access reporting
  • Domain Name blacklisting (DNSBL)
  • Usage reporting for daily, monthly, etc.

Administration

Configuration

  • Web-based configuration
  • Setup wizard for initial configuration
  • Remote web-based administration
  • Customizable dashboard
  • Easy configuration backup/restore
  • Configuration export/import
  • Encrypted automatic backup to Netgate server (with pfSense Gold)
  • Variable level administrative rights
  • Multi-language support
  • Simple updates
  • Forward-compatible configuration
  • Serial console for shell access and recovery options

System Security

  • Web interface security protection
  • CSRF protection
  • HTTP Referer enforcement
  • DNS Rebinding protection
  • HTTP Strict Transport Security
  • Frame protection
  • Optional key-based SSH access

Reporting & Monitoring

  • Dashboard with configurable widgets
  • Local logging
  • Remote logging
  • Local monitoring graphs
  • Real-time interface traffic graphs
  • SNMP monitoring
  • Notifications via web interface, SMTP, or Growl
  • Hardware monitoring
  • Networking diagnostic tools

Deployment Scenarios

Netgate's portfolio offers a wide range of virtual and physical appliances that provide affordable throughput and failover resilience.

In the Cloud

Netgateā€™s pfSense virtual appliance makes your enterprise-ready Amazon Web Service (AWS) or Microsoft Azure deployment cost effective, easy to configure, and scalable to your needs.

  • Lower your total cost with similar services at a fraction of the price.
  • Identical in navigation and features to hardware-based pfSense software.
  • Choose the pfSense installation and instance sizing that are right for you.

Amazon AWS Microsoft Azure

On Premises

When hardware is a necessity, Netgate offers reliable, low power consumption options to fit your requirements. When bundled with Netgate Global Support, you have 24/7 assistance available.

Small / Branch Office Medium Enterprise Datacenter Large Enterprise Cloud Perimeter
SG-1000        
SG-2220      
SG-2440      
SG-4860      
SG-4860 1U      
SG-8860 1U  
XG-2758 1U  
XG-1541 1U  

The VMware Ready image of pfSense software is available with a pfSense Gold Membership.