pfSense

I've used PFSense for home lab environments as well as small office environments. As far as a full-featured firewall, there are very few other competitors that can offer the same value today. For free, using the homelab license, you can perform many tasks that mimic an enterprise-grade firewall, such as setting up S2S VPN configurations, DHCP, and NAT. Plugs in well with Home Assistant and also serves as a good way to detect if someone or something has actually connected to the network.

• Can't get much cheaper than free for the right use cases.

Fortinet FortiGate and Palo Alto Networks Virtualized Next-Generation Firewalls - VM Series

We use pfSense for firewall role, VPN and IPSec, DHCP, and an additional IDS with Suricata addon. We migrated IPTables and Sonicwall firewall solutions to pfSense, and it acomplish all of our needs and more. It is very flexible, easy and intuitive to configurate. We have deployed it both as stand alone and high availability with cluster, and works like a charm.

• Positive, implementation
• Positive, administration and management
• Positive, high availability
• Positive, applications
• Negative, compliance

Fortinet FortiGate and SonicWall SonicWave Series

Grafana, Graylog, Fortinet FortiGate, Azion, Cloudflare, NGINX, Kong Gateway Community (Open Source)

I have been using pfSense of over 15 years and have been extremely happy with it. I have use CISCO routers, Fortigate, SonicWAll, Ubiquiti UniFi and others, and the pfSense CE edition has more features and is is much easier to use while providing EXCELLENT protection. I have 18 pfSense CE versions running now on virtual or my on SuperMicro hardware at my hone and my servers at the WOW colocation facility in Tampa, FL and recommend it to all of my clients. I have upgraded many of them to pfSense Pluss which is $129 and fully supported by the Netgate team. (support hours additional $) It has more reliable updates and code than the CE edition. I HIGHLY recommend it.

• + It is extremely Secure in Plus Version, inexpensive, can be virtualized
• + It runs on any server hardware
• + While being the best of the breed, it is also the least expensive
• - The CE version is open source, possibly giving hackers a way to figure out vulnarabilities
• + The Pluss version is NOT all opens source

Cisco 1000 Series Aggregation Services Routers (ASR 1000) and Fortinet FortiGate

Oracle Linux, Sangoma Asterisk, Oracle VM VirtualBox

We use pfSense in redundant pairs to service large coworking spaces, and it’s proven reliable and secure for many years. It’s easy to configure, simple, and reliable. We’ve weathered a lot of different events that I’ve seen bring down other firewalls. We apply a significant number of filters to reduce malware C2 and still achieve excellent performance. At this point we’ve deployed these machines to a dozen locations globally and have come to trust it.

• Lowers cost to deploy networks
• Improves network reputation

Cisco ASA 5500-X with FirePOWER Services and Palo Alto Networks Advanced Threat Prevention

Extreme Networks Wired Access - Switches

pfSense is used in a high availability pair as the primary firewall/router/gateway of our environment. It is also used as the primary VPN remote access solution. pfSense is also providing ids/ips, traffic shaping, and handling all layer 3 needs. pfSense addresses the licensing problem that most other firewalls have today. pfSense, while recently requiring a license, is not a continuous licensing investment like competitors.

• High ROI
• Missing modern features
• Development cycle is slow

Fortinet FortiGate, Cisco Meraki MX and Sophos UTM

Microsoft Exchange, SuperOps.ai, PaperCut