pfSense in company environment

[bigdunc]

Hi

Sorry if this is in the wrong forum but I was wondering what peoples thoughts are on putting pfSense in a corporate production environment. I have approached the powers that to replace the current Draytek firewalls and would look at putting pfSense as a replacement. They are aware that it is Open Source and have reservations.

Would you be happy putting pfSense in a production environment or would it be better to use an official Netgate appliance or would you recommend something different like a Fortinet Fortigate or similar?

Cheers

 

[bigdunc]

I'm more than happy, as we run it at work, having needed something a little more powerful and with a few more options than our previous Drayteks.

We currently run the Community edition of PFSense on a HP DL360G7, but at some point I will be looking to move across to OPNSense on a newer slightly more energy efficient platform.

Personally I wouldn't consider a Netgate appliance (or the paid for support of PFSense), as I'm more than happy to address any issues we have myself. (And arguably we have better "support" in place, as have cold spare hardware - and parts that are standardised)

Can I ask why you would be looking to move to OPNSense and away from pfSense?

 

[bigdunc]

How are the Draytek firewalls failing? Or, what can pfSense do better? And how big a company or site is this?

We have had issues where they can constantly reboot for no reason that we can fathom and neither can Draytek support. They don't seem particularly stable with IPSEC VPN's, they can drop and not rebuild, status showing as being connected and traffic not passing, RDP connections dropping for all users. All things which are a problem for end users and Draytek support although helpful can't find a reason why