pfSense: Not Linux, Not Bad

Through the years, I've used all sorts of router and firewall solutions at home and at work. For home networks, I usually recommend something like DD-WRT, OpenWRT or Tomato on an off-the-shelf router. For business, my recommendations typically are something like a Ubiquiti router or a router/firewall solution like Untangled or ClearOS. A few years ago, however, a coworker suggested I try pfSense instead of a Linux-based solution. I was hesitant, but I have to admit, pfSense with its BSD core is a rock-solid performer that I've used over and over at multiple sites.

It's not that pfSense is better than a Linux solution, but rather, it feels more focused. It seems like many of the firewall/router solutions out there try too hard to be everything for your network. pfSense offers services like DNS, DHCP, SNMP and so on, but out of the box, it just routes traffic and does it very well. Another thing that makes pfSense worth checking out is that there's no "premium" version of it. What you download is the full, complete pfSense product. The only thing you can pay for is support. That model has been around for a long time in the Open Source world, but lately it's been outmoded by the "freemium"-type offerings.

If you're looking for a firewall/router/NAT solution for your network, and you're not afraid to use a non-Linux product, I can't recommend pfSense enough. It's fast, rock-solid, and it has just enough network-related addons available to make it a viable option for small to medium-sized networks. Plus, it's completely free, so you can test it out without any financial commitment!

______________________

Shawn Powers is a Linux Journal Associate Editor. You might find him on IRC, Twitter, or training IT pros at CBT Nuggets.