Re: [pfSense Support] PFSense advocacy

Wed, 02 Dec 2009 13:49:41 -0800
Start with cost. There is no cost per seat with pfsense. You don't have the up front cost of an expensive PIX or other Cisco Security product plus the license fees. You don't pay extra for extra features either. 


It will run quite nicely on a dual core atom based supermicro server 
from New Egg at about $350.00 bootable from a USB key vs having to pay 
gobs of money for RAM for a Cisco router if you're running lots of VPN 
tunnels.



Ease of configuration.  You still SSH in and get a command line if you 
want, but the GUI works very well and is very fast.  If you can redirect 
users to an internal proxy server, if you wish.



Its BSD, its secure (except for VPN password storage in plain text in 
the XML config file).  You can edit the config file by hand and upload 
it if you wish.



It has lots of nice features such as auto failover (CARP), etc.  Tons of 
plugins available for the download.  It even handles SIP proxy, etc.  
Its a very nice solution without all the added cost that you'd have to 
purchase from Cisco.  You can get paid support if you need it.   There's 
a large community of security conscious developers working on it so it 
has a lot of code review.  Its very stable and has a small footprint.  
The one I use the most has been up for 114 days and was only down 
because the power company's last outage lasted longer than the battery.



One of the last required updates I saw was due to an instability that 
occured when there were more than x thousand tunnels running sinultaneously.



It supports VPN standards and standard clients rather than requiring 
CIisco's proprietary client.


Hope this helps a little,
Curtis

Ron García-Vidal wrote:

I realize this is a support forum, so if there is a better place to 
post this, I will take it there.



So, I'm trying to get a pfsense box in the shop because I've enjoyed 
working with it on my own setup.  The boss is fairly open-minded and 
open to a healthy discussion on the topic, but in the end, he wants to 
know why this would be preferable to a Cisco solution.



Since I've never worked extensively with Cisco, can someone give me a 
few salient points to throw at him. I already used the cost argument, 
he wants more.


Thanks.





---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org























					Reply via email to