pfSense® software is a free, open source customized distribution of FreeBSD specifically tailored for use as a firewall and router that is entirely managed via web interface.
In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution.
Why pfSense Software?
Thousands of businesses, educational institutions, government agencies and non-profits - on all seven continents, and for years - have come to rely upon pfSense software for their secure networking needs. For organisations in search of sub-10 Gbps performance, flexible 3rd-party application options, traditional management mechanisms, proven reliability, and access to business assurance support options, pfSense software is the perfect answer.
Features
Firewall and Router
VPN
Intrusion Prevention System
Stateful Packet Inspection (SPI)
GeoIP blocking
Anti-Spoofing
Time based rules
Connection limits
Dynamic DNS
Reverse proxy
Captive portal guest network
Supports concurrent IPv4 and IPv6
NAT mapping (inbound/outbound)
VLAN support (802.1q)
Configurable static routing
IPv6 network prefix translation
IPv6 router advertisements
Multiple IP addresses per interface
DHCP server
DNS forwarding
Wake-on-LAN
PPPoE Server
IPsec and OpenVPN
Site-to-site and remote access VPN support
SSL encryption
VPN client for multiple operating systems
L2TP/IPsec for mobile devices
Multi-WAN for failover
IPv6 support
Split tunneling
Multiple tunnels
VPN tunnel failover
NAT support
Automatic or custom routing
Local user authentication or RADIUS/LDAP
Snort-based packet analyzer
Layer 7 application detection
Multiple rules sources and categories
Emerging threats database
IP blacklist database
Pre-set rule profiles
Per-interface configuration
Suppressing false positive alerts
Deep Packet Inspection (DPI)
Optional open-source packages for application blocking
Enterprise Reliability
User Authentication
Proxy and Content Filtering
Optional multi-node High Availability Clustering
Multi-WAN load balancing
Automatic connection failover
Bandwidth throttling
Traffic shaping wizard
Reserve or restrict bandwidth based on traffic priority
Fair sharing bandwidth
User data transfer quotas
Local user and group database
User and group-based privileges
Optional automatic account expiration
External RADIUS authentication
Automatic lockout after repeated attempts
HTTP and HTTPS proxy
Non Transparent or Transparent caching proxy
Domain/URL filtering
Anti-virus filtering
SafeSearch for search engines
HTTPS URL and content screening
Website access reporting
Domain Name blacklisting (DNSBL)
Usage reporting for daily, monthly, etc.
Configuration
System Security
Reporting & Monitoring
Web-based configuration
Setup wizard for initial configuration
Remote web-based administration
Customizable dashboard
Easy configuration backup/restore
Configuration export/import
Encrypted automatic backup to Netgate server
Variable level administrative rights
Multi-language support
Simple updates
Forward-compatible configuration
Serial console for shell access and recovery options