We just raised a $30M Series A: Read our story

OPNsense OverviewUNIXBusinessApplication

OPNsense is #19 ranked solution in best firewalls. IT Central Station users give OPNsense an average rating of 8 out of 10. OPNsense is most commonly compared to pfSense: OPNsense vs pfSense. The top industry researching this solution is Comms Service Provider, accounting for 46% of all views.
What is OPNsense?

OPNsense is an open source, easy-to-use and easy-to-build FreeBSD based firewall and routing platform. OPNsense includes most of the features available in expensive commercial firewalls, and more in many cases. It brings the rich feature set of commercial offerings with the benefits of open and verifiable sources.

OPNsense Buyer's Guide

Download the OPNsense Buyer's Guide including reviews and more. Updated: October 2021

OPNsense Customers
CompuNet Systems GmbH,

Pricing Advice

What users are saying about OPNsense pricing:
  • "OPNsense is a well known open-source tool."
  • "OPNsense is an open-source solution and it is free to use."
  • "It is not an expensive product. Basically, I deployed it because it was the fastest solution to satisfy our needs in open source."
  • "As an appliance, it's in the medium price range."
  • "OPNsense is open source software so at this time it is free for us to use."
  • "The solution is not expensive."

OPNsense Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
YaserAljohani
OT/ICS Information Security Specialist at SANS
Real User
Top 20
A solution that detects and blocks malicious content with good reporting and visibility, but the reliability needs improvement

Pros and Cons

  • "The most valuable features in OPNsense are reporting and visibility."
  • "There are issues with stability and reliability."

What is our primary use case?

The primary use case of this solution is to detect and block malicious traffic, malicious files, and malicious links to protect the internal network from any external malicious website that may contain a virus or malware.

What is most valuable?

The most valuable features in OPNsense are reporting and visibility. 

The visibility is awesome. With the visibility, you can see the data source, data destination, the source port, destination port, protocols, the most used, the malicious files that have been detected and blocked, the countries the customer has visited, and the IPs based on Suricata.

OPNsense also has ClamAV, which is a great tool.

What needs improvement?

I have some issues with OPNsense. I have created a virtual machine that I've lost connection at times and I am not able to connect to the gateway or ping the internet. When I started with OPNsense, it worked right away. It may be an issue with the virtual machine itself. I am currently setting up the protection on all of the virtual machines so they will connect to OPNsense and the internet, or anywhere they need to access.

I have tried to download some malicious files or a virus and it should dump the files and prevent the download, but I don't seem to get any notification or warnings.

It may be an issue with the configuration but I am not sure.

I would like to see improvements made to connectivity and alerting.

I wanted to deploy this solution in our organization and some of the workstations from remote sites but it's not reliable enough to do that yet.

In the next release, I would like to see real traffic monitoring and more visibility. Also, for the antivirus, I would like to see the files protected by ClamAV. 

I would like to see intelligence in OPNsense and have the option to apply it or not.

They need a threat intelligence tool similar to the one they would find with Cisco. It will show you the file hashes, all of the IFCs, the niches, the address information, and more.  With all of this information, you can be proactive and block the malicious file hashes, all of the malicious IP addresses, and the public IP addresses. It should help you be proactive.

It would be helpful to have OPNsense be one of the plugins, and they should include traffic capturing. With Palo Alto, you can monitor and specify which interface you want to monitor, the source IP, or you can specify the network and see the traffic that is coming from the VLAN, the destination, and any files being transferred over the network.

If you apply security profiles you can see the signatures.

For how long have I used the solution?

I have been using OPNsense for five months.

What do I think about the stability of the solution?

There are issues with stability and reliability.

I set up two different virtual machines. I used a virtual box, I installed it and configured higher visibility for both. One was a master and the other a standby. 

I had a virtual machine installed on Windows 10 and put the gateway for it as OPNsense, which was the master. 

I tested and shut down the first one, which is the master. When I check to see if the second one would take over, it failed. 

I couldn't connect to the internet or any destination.

What do I think about the scalability of the solution?

We have not explored the scalability. We are only a small lab with two to three workstations.

I have a colleague working with me, together. We meet weekly to share the progress we have.

I use the enterprise version daily. It's scalable, stable, they have proper documentation and support. We get daily updates from the vendor.

OPNsense is a great tool but it lacks information that you need before deploying it.

How are customer service and technical support?

I have reached out to the community for support, but they haven't seen anything like the issues that I am experiencing. 

I have not contacted OPNsense directly.

How was the initial setup?

The initial setup was straightforward and easy.

It took 30 to 45 minutes to set up and deploy OPNsense.

What about the implementation team?

I did not use a vendor to implement this solution, I did it myself.

What's my experience with pricing, setup cost, and licensing?

OPNsense is a well known open-source tool.

Which other solutions did I evaluate?

I am currently evaluating and searching for open-source enterprise firewalls and doing a comparison of the features between all of them. I am assessing the pros and cons of vendors. 

I am looking for something that will give me a report on the comparison of features, capabilities, the different vendors, and the different open-source solutions that are available.

I am also doing a comparison on Palo Alto, Cisco Firepower, and Fortinet Fortigate.

What other advice do I have?

I don't have any information on the bandwidth and what it can handle, or how many workstations can work with it. This information is very important, but I can't find any resources for this information.

The reporting is amazing. You can export reports, you can set the parameters, and export reports based on your needs.

I would rate this solution a seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
HP
Senior Network Architect at Virtua Technologies
Real User
Top 5
Cost-effective with good reporting and firewall capabilities, but the SD-WAN needs to be enhanced

Pros and Cons

  • "The most valuable features are reporting, the Sensei plugin, and firewall capabilities."
  • "I would like to see better SD-WAN performance."

What is our primary use case?

I am currently working with OPNsense to see if I can learn it. This product is used in small to medium-sized businesses for security, UTM, and other similar operations. We are a solution provider and this is one of the security solutions that we implement for our clients.

How has it helped my organization?

Offering this solution has provided some of our clients with firewall protection and UTM, which basically just protects them from the internet.

What is most valuable?

The most valuable features are reporting, the Sensei plugin, and firewall capabilities.

What needs improvement?

The vendor should offer compatibility-approved boxes, or at least stock one with OPNsense already installed. This would make it a one-stop-shop, and people would not have to worry about sourcing the hardware separately.

I would like to see better SD-WAN performance. I think that could be a very good bonus because SD-WAN is all the rage these days. That is probably the big thing that people need to improve upon, in terms of combining two, three, or four links.

The interface should continue to improve, which would make things a bit easier. For me, it was already easy, but nonetheless, it is quicker to install a FortiGate firewall.

For how long have I used the solution?

I have been working with OPNsense for approximately one year.

What do I think about the stability of the solution?

This is a very stable product and I've had no issues with it.

What do I think about the scalability of the solution?

This product is very scalable. I always buy hardware that can handle a lot of connections and a lot of users. So, in terms of scalability, all you have to do is upgrade your hardware. Or, it is especially scalable if you use the VM version because you only have to provision more resources.

We regularly have between 20 and 50 users, although sometimes it is as little as 5 or 10.        

How are customer service and technical support?

I have not been in contact with technical support. So far, everything has been good because I just use Google to find all of the answers and all of my solutions.

Which solution did I use previously and why did I switch?

I primarily work with FortiGate, but I am currently dabbling in OPNSense to see if I can learn it. I've also installed Cisco in the past, as well as Sophos.

FortiGate is a better firewall but that is commercial software that you have to buy a license for. OPNsense is suitable for small to medium-sized businesses. FortiGate is definitely quicker to install because you just buy the appliance. It's also more user-friendly.

If you dabble a bit with OPNsense, it can do about 90% of what FortiGate can do, but FortiGate is more user-friendly. Of course, with OPNsense being open-source, it will always beat FortiGate on price.

I think that with FortiGate, it is easier to log a support call. I haven't really needed technical support for OPNsense, but I know that FortiGate has the score logging facility, whereby you can just quickly log a call. There's also support in South Africa and I know company people that I can just call for help with FortiGate. But with OPNsense, I haven't really had a complicated setup, so for me, it has been okay and it hasn't been an issue.

The SD-WAN is also better on FortiGate. I think that they are heavily focused on security, so they might have better application profiles and other things, such as application threat detections.

Although about 80% of our clients ask for FortiGate, some of our clients ask for Sophos instead. For example, there are some banks and commercial institutions that ask for Sophos.

How was the initial setup?

The initial setup is straightforward and quite simplified. I work in a Linux environment so for me, it will be a bit easier.

What's my experience with pricing, setup cost, and licensing?

OPNsense is an open-source solution and it is free to use. You need only purchase the hardware.

What other advice do I have?

The suitability of this product often depends on the size of the company, although sometimes there are clients that just want FortiGate and they're not open for negotiation. Personally, I like open-source and it's always a bonus if I can get stuff for free.

I would rate this solution a seven out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Learn what your peers think about OPNsense. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
543,424 professionals have used our research since 2012.
CA
Owner and business consultant at networks srl
Real User
Top 5
It allows me to assess our network traffic and has the best user interface

Pros and Cons

  • "The VPN server feature is the most valuable. It is integrated with Radius and AAA for doing accounting and authentication. Insight view is also an important feature for me at this time. It allows me to assess our network traffic. I also like the firewall feature. The BSD kernel has a packet filter. It is one of the most solid frameworks for firewalls. Its user interface is one of the best interfaces I have used."
  • "The only thing that I would like to see improved is the Insight or the NetFlow analysis part. It would be good to have the possibility to dig down on the Insight platform. Right now, we can easily do only a few analyses. If this page becomes more powerful, it surely will be a well-adopted platform."

What is our primary use case?

It is the main firewall for one of our locations. We use it for intrusion detection and prevention. We are using the latest software version, but the hardware is not the latest.

What is most valuable?

The VPN server feature is the most valuable. It is integrated with Radius and AAA for doing accounting and authentication.

Insight view is also an important feature for me at this time. It allows me to assess our network traffic. I also like the firewall feature. The BSD kernel has a packet filter. It is one of the most solid frameworks for firewalls.

Its user interface is one of the best interfaces I have used. 

What needs improvement?

The only thing that I would like to see improved is the Insight or the NetFlow analysis part. It would be good to have the possibility to dig down on the Insight platform. Right now, we can easily do only a few analyses. If this page becomes more powerful, it surely will be a well-adopted platform.

For how long have I used the solution?

I started to use OPNsense about three years ago.

What do I think about the stability of the solution?

It is stable, but for us, it is not yet so reliable. Our server is an old DL120 HP Server, which is from the year 2006. We have ordered another appliance. After we receive the new appliance, it would be more stable for us.

What do I think about the scalability of the solution?

It scales well for our needs. I haven't tried any horizontal or vertical scaling so far.

How are customer service and technical support?

I did not need any technical support.

Which solution did I use previously and why did I switch?

I used pfSense two years ago, but I was not so happy with our system protection. I have also previously used Cisco ASA appliance. It was a 5505 model, but it failed because of the hardware issues. It was prone to hardware failure, and in one month, we lost both firewalls. It was also not so easy to see traffic with Cisco ASA. I could not easily identify traffic issues. 

How was the initial setup?

The initial setup was straightforward. I also have experience with BSD services, so I had no issues at all. It took us half an hour to deploy it for 250 users.

What about the implementation team?

We deployed it ourselves. There was no need for a consultant for the deployment. We have two engineers for its deployment and maintenance.

What's my experience with pricing, setup cost, and licensing?

It is not an expensive product. Basically, I deployed it because it was the fastest solution to satisfy our needs in open source.

What other advice do I have?

We plan to continue using this solution. Right now, we are settling our networks. We plan to expand its usage, but I don't think it will happen until 2022.

It has a good user interface. Its configuration is simple but requires a little planning. It is much simpler than the Cisco ASA configuration.

I would recommend this solution. I would rate OPNsense a nine out of ten. I am happy with it.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Faris Khan
Support Engineer at Techaccess Pakistan
Real User
Top 20
User friendly and easy to deploy but doesn't have next-generation firewall capabilities

Pros and Cons

  • "The solution is good for a basic firewall for a small business or for home use."
  • "The solution would not be suitable for anything large-scale."

What is our primary use case?

The solution is primarily used as a basic firewall. I'm running my WiFi through it.

What is most valuable?

The solution is very user-friendly.

It's easy to manage and deploy.

The solution is good for a basic firewall for a small business or for home use.

What needs improvement?

The solution can't compete with next-generation firewalls.

The solution would not be suitable for anything large-scale.

For how long have I used the solution?

I've been using the solution for a year or two.

What do I think about the stability of the solution?

There are issues with the VPN availability, but overall, the is a pretty smooth connection.

What do I think about the scalability of the solution?

We have two people running the solution and another 50 to 80 people using the solution, so we have a relatively small setup.

The solution is scalable and can be deployed to multiple VMs.

How are customer service and technical support?

I've never reached out to technical support. If I run into problems, I tend to Google queries in order to find solutions.

Which solution did I use previously and why did I switch?

I was not at the company when they had a different solution, so I am unsure as to what it was.

Currently, I'm looking for another firewall and I am working on upgrading. We may use an Ignition firewall in the near future.

I've also deployed a couple of different firewalls in the past, including Huawei.

How was the initial setup?

The solution wasn't too complex, but the VPN setup isn't so reliable. It sometimes misbehaves or malfunctions or breaks down automatically. Occasionally it disconnects and you can't transfer the data from it.

Deployment took about a day or so. It takes maybe five or six hours to get everything up and running.

Since it's a simple firewall, anyone who has basic firewall knowledge can run and maintain it.

What about the implementation team?

I had some help internally from our network team when I was implementing the solution. However, I did not need outside assistance from a consultant or integrator.

What's my experience with pricing, setup cost, and licensing?

We are using a free version of the solution.

What other advice do I have?

I'm just a customer. I'm not a partner or reseller.

I'm not sure which version of the solution our organization is currently using. I understand that it is the most up-to-date version. I updated it two months ago.

The solution is good for a small business or home. I'm not sure what the paid version offers or if it has more security features that would be suitable for larger businesses. The version I'm using works well and is simple. It's more reliable than a router.

I'd rate the solution seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
FF
Cloud and Infrastrcture manager at a venture capital & private equity firm with 1,001-5,000 employees
Real User
Top 20
Easy to scale, easy to setup, and reasonably priced

Pros and Cons

  • "OPNsense is easy to scale when running on the hardware."
  • "The interface needs to be simplified. It is not user-friendly."

What is our primary use case?

We upgrade our clients when they are ready for the newer versions of OPNsense.

We are one of the local cloud providers in Indonesia. We implement OPNsense for the VPN and IPSec. We also collaborate with Zerotier to provide SD-WAN.  

Our customers have solutions that integrate between on-premises and our cloud.

We provide this solution for several clients, in multi-location offices. We have several retail customers in the city and we provide OPNsense with plug-in remote access. 

We also use OPNsense for remote access, and IPSec gives them access to a cloud environment as well as on-premises.

What is most valuable?

OPNsense is easy to scale when running on the hardware.

What needs improvement?

The interface needs to be simplified. It is not user-friendly.

The bandwidth management is easy to use, but very hard to implement. The multi-provider internet is protected by OPNsence but the features are limited, and not stable.

The high availability feature is not feasible when the hardware fails.

For how long have I used the solution?

I have been working with OPNsense since 2008.

Internally we are using the latest version. 

What do I think about the stability of the solution?

The stability of OPNsense needs improvement.

What do I think about the scalability of the solution?

OPNsense is commonly used in large enterprise companies.

How are customer service and technical support?

We have not yet contacted technical support. All of the technical issues are resolved within our company.

Which solution did I use previously and why did I switch?

We are also using pfSense.

How was the initial setup?

The initial setup is straightforward. It's an easy process.

It takes one hour to deploy.

We provide maintenance for our clients at a cost, however, 90% of our clients are familiar with the product and able to maintain the solution themselves.

What about the implementation team?

We are implementors, and we provide this solution for our clients.

What's my experience with pricing, setup cost, and licensing?

As an appliance, it's in the medium price range.

What other advice do I have?

OPNsense is suitable for Small to Medium-sized companies.

I would recommend this solution to others who are interested in using it.

I would rate OPNsense an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
Flag as inappropriate
FiorindoDi Agostino
System Administration Specialist at a tech vendor with 1-10 employees
Real User
Top 20
An open-source security option that is easy-to-use and has a nice user interface

Pros and Cons

  • "The graphic user interface is very good and it is user-friendly which makes the product easy-to-use."
  • "The ability to set the VPN IP address would be a welcome addition."

What is our primary use case?

We have primarily been using it for testing at our company, but the normal primary use for the product is as a firewall.  

What is most valuable?

The most valuable thing about this product is that it is very easy to use. The graphic user interface is very good and it is user-friendly.  

What needs improvement?

The feature that I would like to see in the next release, I think, would be to improve the VPN (Virtual Private Network) selection. Specifically, I would like to improve the section where you can set the VPN IP address to high availability.  

For how long have I used the solution?

We have been using OPNsense [Stands for: "Open (source) makes sense."] for about one year.  

What do I think about the stability of the solution?

The stability of OPNsense is actually very good.  

What do I think about the scalability of the solution?

The scalability of OPNsense is also very good.  

How are customer service and technical support?

Our experience with technical support has been good. We have a few issues, and if we do we have been satisfied with the support.  

How was the initial setup?

The initial set up was pretty easy. The total time for deployment took just one or two days.  

What's my experience with pricing, setup cost, and licensing?

OPNsense is open source software so at this time it is free for us to use.  

What other advice do I have?

On a scale from one to ten where one is the worst and ten is the best, I would rate OPNsense between and eight or nine-out-of-ten. If I have to choose I would pick nine because it is practically a perfect solution for us.  

I definitely recommend the product to other people who are considering using this as a solution to use it because it is a good solution.  

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
JL
Director at a comms service provider with 11-50 employees
Real User
Top 20
Inexpensive solution with a host of valuable features for SD-WAN protection

Pros and Cons

  • "We have found pretty much all the features of the solution to be valuable."
  • "The solution could be more secure."

What is our primary use case?

We use the solution for an SD-WAN firewall.

What is most valuable?

We have found pretty much all the features of the solution to be valuable.

What needs improvement?

The solution could be more secure. 

For how long have I used the solution?

I have been using OPNsense for upwards of ten years. 

What do I think about the stability of the solution?

The solution is very stable.

What do I think about the scalability of the solution?

The solution is scalable. 

As we have in excess of 2,000 solutions deployed in the field, there is no need for us to increase its usage. It is already sufficiently increased. 

Which solution did I use previously and why did I switch?

In the past we used pfSense. We have also used Sophos and Palo Alto Firewall but have replaced many of these solutions.

How was the initial setup?

Our initial setup was more on the straightforward side.

It did not take a long time, although this can hinge on what needs to be accomplished. 

What about the implementation team?

We handled the deployment on our own. 

The technical team required for deployment and maintenance purposes is small, probably around five people for every 100 devices.

It consist of a combination of managers, administrators and engineers.

What's my experience with pricing, setup cost, and licensing?

The choice of a license on a yearly or monthly basis is optional. 

The solution is not expensive. 

What other advice do I have?

There are several hundred users in our organization who are utilizing the solution. 

I would absolutely recommend the solution to others who are contemplating its implementation.

I rate OPNsense as a ten out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Neil Wurzel
Senior Solution Manager at a comms service provider with 501-1,000 employees
Real User
Top 20
Excellent support, easy to use, and straightforward installation

What is our primary use case?

I am using OPNsense as a security platform at work but am currently working from home and using it for network access.

What is most valuable?

I have found the solution has some great features overall, such as guest access capabilities, dashboards, and ease of use. There is plenty of documentation and support and it has the plugins that I needed.

What needs improvement?

The logging could improve in OPNsense.

For how long have I used the solution?

I have been using OPNsense for approximately one year.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

OPNsense is scalable.

How are customer service and technical support?

I have contacted the support for the…

What is our primary use case?

I am using OPNsense as a security platform at work but am currently working from home and using it for network access.

What is most valuable?

I have found the solution has some great features overall, such as guest access capabilities, dashboards, and ease of use. There is plenty of documentation and support and it has the plugins that I needed.

What needs improvement?

The logging could improve in OPNsense.

For how long have I used the solution?

I have been using OPNsense for approximately one year.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

OPNsense is scalable.

How are customer service and technical support?

I have contacted the support for the Open Source plugin and the company has been really supportive. Within approximately an hour or two I was receiving a response, I was really impressed with the support.

There is fantastic community support available online.

How was the initial setup?

The installation was straightforward.

What other advice do I have?

I have been very happy with the solution.

I rate OPNsense an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Product Categories
Firewalls
Buyer's Guide
Download our free OPNsense Report and get advice and tips from experienced pros sharing their opinions.