Blog

Enhancing Cloud Security and Networking: The Power of pfSense Plus Software

Written by TJ Scholand | June 19, 2023

Cloud computing means different things to different people. You might have significant experience with cloud platforms, networking and computing, or you might be feeling like you should learn more about “the cloud.” At its essence, the cloud is simply someone else’s computer. 

Security on the cloud is less understood than cloud computing itself. Many people assume that the cloud “is secure”, but what does that mean exactly? Why should you care about security in the cloud? Secure access to cloud resources is often overlooked. The Amazon Web Services (AWS) Shared Responsibility Model makes it clear that AWS is responsible for “security of the cloud,” while the customer is responsible for “security in the cloud.” This responsibility model means that ultimately the customer is responsible for the security of their data. By migrating workloads to the cloud, your company has greatly increased its attack surface.

You are probably familiar with pfSense Plus software and its many robust, cost-effective applications in on-premises deployments.  However, did you know that pfSense Plus software is available for secure networking in cloud instances as well?  We offer pfSense Plus on the Amazon AWS and the Microsoft Azure platforms to fully secure and protect your cloud infrastructure.  

If you are still curious about pfSense Plus software on the cloud - and how it can benefit you and your organization - read our white paper after this. 

Top Reasons to Use pfSense Plus Software on the Cloud

  1. Widely-recognized Firewall for Cloud-hosted Products - pfSense Plus software is often used for its firewall capabilities to “connect and protect” on-premises networks to the cloud, by ensuring secure networks for your business and users.
  2. Site-to-Site VPN Concentrator - Using OpenVPN, IPsec, or WireGuard, pfSense Plus software can be used as a Virtual Private Network (VPN) Concentrator. This allows businesses to connect their remote locations with secure, encrypted tunnels to the cloud.
  3. Mobile Client VPN -  pfSense Plus software is a remote-access VPN solution using OpenVPN, IPsec, and WireGuard. This allows businesses to connect their remote workforce to private resources within the cloud.
  4. Load Balancer - pfSense Plus software can be used as a load balancer for servers running in your cloud environment. This is advantageous for ensuring business continuity during peak traffic times.
  5. IP/DNS-based filtering -  pfSense Plus software is available with pfBlockerNG, which can block or allow traffic based on geographical location. This is useful for businesses that wish to restrict access to internal resources based on geographic region.
  6. Cost-effective - pfSense Plus offers more features for less operating cost than competing solutions, including those provided by Azure and AWS themselves. Please contact us to discuss specific pricing.

Pricing for pfSense Plus software starts at $0.08 per hour on Azure and $0.01 per hour on AWS. The price varies depending on the instance size required. There is also a 30-day free trial available, and the software offers robust support for multiple routing protocols, VPN capabilities, and next-generation firewall features, making it a flexible and powerful platform for network administrators in a wide variety of environments.

Let’s take a closer look at some of the commonly used capabilities of pfSense Plus software.

Common Capabilities

Any organization - business, educational institution, government agency, or service provider - that wants to run a workload or application on Azure or AWS should always consider three secure networking use cases, which can be thought of as follows:

  • “I need to connect our on-premises network to the cloud, securely.”
  • “I need to secure our cloud environment from outside attacks and unauthorized access.”
  • “I need to provide secure access to a remote and/or mobile workforce.”

If those needs sound familiar, pfSense Plus software is the most powerful, easy to use, cost-effective, and feature-rich solution on the market.

pfSense Plus software has robust support for multiple routing protocols, policy-based routing, dual-stack IPv4 and IPv6 support, has support for zero-trust mesh networks like Tailscale, and much more. pfSense Plus software is a highly integrated and feature-rich platform that meets the needs of network administrators in a wide variety of environments. 

VPNs are essential for securing traffic between endpoints/networks. pfSense Plus software has widely used VPN capabilities, including operating as a VPN concentrator, performing as a VPN endpoint with any remote edge router, and even serving mobile-client VPN needs. pfSense Plus software can be configured to use IPsec, OpenVPN, or WireGuard protocols. These are the three most widely used VPN protocols today.

pfSense Plus software's greatest strength is as a firewall; it is an extremely flexible and powerful firewall, able to cover next-generation firewall features, including stateful packet inspection, IP/DNS-based filtering, captive portal, time-based rules, connection limits, and a rich set of attack prevention features, including IDS/IPS, block listing, and more.

Finally, the product is rounded out by a full complement of network services - like Dynamic DNS, Dynamic Routing via BGP/OSPF, Authentication Management for RADIUS, integration with existing LDAP and RADIUS environments, DNS Resolver/Forwarder, and much more.

The above features are not necessarily unique to pfSense Plus software. You can find some or all of them in other cloud-secure networking offers. But what is special here is that everything mentioned herein - and much more - is included 100% at whatever size instance you choose - for an all-in price per Azure and AWS instance. There are no up-charges for additional features. There are no connection or capacity charges. There are no hidden or extra licensing fees. You simply find Netgate’s pfSense Plus software in the cloud marketplace (AWS or Azure), and order it with the instance size you desire. The ONLY thing that can vary your price is the size of the instance or the addition of one of our Technical Assistance Center (TAC) offerings. 

Use Case

Here is a good example of an Azure customer who leverages pfSense Plus software to address its cloud-secure networking needs.

ECS Tuning - a $21M automotive supply chain company serving major German car brands - needed both robust BGP edge routing fronting its e-commerce cloud workloads and scalable IPsec VPN connection handling due to worker spread as a result of the pandemic.

pfSense Plus software gives them an easy-to-deploy, easy-to-scale, reliable and cost effective solution with no IT hassle - allowing them to focus on their e-commerce back end - assured that their cloud router and VPN performance needs would be covered. See our video on using pfSense as your cloud firewall, VPN and router solution.

Pricing

As mentioned above, customers can get started on Azure for as low as $0.08 per hour or AWS for as low as $0.01 per hour, with the advantages of being able to try it risk-free for 30 days and the ability to scale your cloud instance capacity in alignment with your changing needs.

There are a wide range of Azure and AWS virtual machine instances optimized for compute/memory/networking that can meet even the most demanding cloud performance and throughput needs.

About Netgate and pfSense Plus software

pfSense Plus software is an open-source driven firewall, VPN gateway, and router solution that can be easily deployed at any edge network location - virtual private cloud, home, remote/branch office, corporate headquarters, and data center. With over 7 million software installations since 2017, pfSense software has gained widespread adoption, including installations in prominent US government agencies such as the FBI, Department of Health and Human Services, Department of Homeland Security, and NASA. While this blog focuses on the cloud, you may have other secure networking needs and want to deploy a single, easy to use, firewall/VPN/router solution, network-wide.

Netgate has been the project’s steward and primary developer of pfSense software. No one knows the software code better than we do. Netgate provides the only official, tested, branded pfSense software available on the cloud.

Conclusion

As a quick recap, here are seven key benefits to you as an Azure or AWS solution customer:

  1. pfSense Plus software is the #1 open-source based, most cost-effective secure networking solution in the world
  2. The product has been proven worldwide for 16 years running with over seven million installations since 2017
  3. It is easy to install, configure and manage
  4. It is fully-featured, with no hidden fee structure
  5. It is extensible from Azure and AWS to any location needed by customers
  6. Netgate offers stellar-rated support options for customers who need it

We are here to help you. Our TAC engineers are outstanding, and our customer satisfaction rating is exceptional. While pfSense Plus software is easy to use and reliable, sometimes things happen. And when they do, you don’t want to be caught without help 24x7. Take advantage of one of our TAC support subscriptions.

We hope this overview has given you a better understanding of why pfSense Plus is the ideal choice for any firewall, router and VPN solution for almost any AWS or Azure cloud need. With its ease of deployment and powerful feature set, pfSense Plus software is the perfect solution for any network. Give it a try today! pfSense Plus software on AWS pfSense Plus software on Azure