Team pfSense® continues to move the world’s largest Open Source firewall forward with the completion of development and upcoming release of pfSense version 2.4. This is a short overview of brand new features and changes we’re excited to bring forward to the community. The full feature list is available as always on our wiki.

New login page!

For many years the login page was left unchanged, so we concluded it was time for an improvement. Users can pick from number of background colors and can add hostname for easier identification. Apart from the new login page, you will notice the new pfSense logo in all its glory. We made an announcement about the logo change previously, you can read about it here.

WebGUI improvements

Good thought leadership in the networking and security space requires the pfSense team to spend time looking at underlying technologies, advances in tools and changes to use cases. There were many reasons we moved our GUI to Bootstrap in pfSense 2.3, including the ability to more easily support different screen sizes and provide better security for users. With pfSense version 2.4, we continued to make behind the scenes improvements with a revamped and optimized WebGUI. The navigation bar is now a lot more intuitive, allowing more control over previously visited pages. Many pages are better organized and offer more detailed information.

OpenVPN 2.4.3 and AES-NI speed improvements

pfSense version 2.4 brings the latest OpenVPN 2.4.3 with many improvements and the latest security patches. Thanks to this, OpenVPN on pfSense can use AES-NI acceleration for AES-GCM tunnels, improving the tunneled traffic throughput between 30% and up to 50%!

Multi-language support

pfSense 2.4 is available in 9 different languages! Thanks to over 250 translators signed up on Zanata, pfSense has been translated to 8 languages with many more coming soon! We are extremely grateful to every single translator who has helped us out! To show our gratitude, we rewarded several of our translators with Gold subscriptions and even a SG-1000 microFirewall. Find out more about our rewards program for translators here!

x86 32-bit and NanoBSD support is no more!

Back in November 16th, 2016. we announced the end of Intel x86 32-bit system support. Intel has not sold a 32-bit system for many years. The technology has changed so much, with lower power processors capable of providing a faster experience with a lower total cost of ownership. It made sense for us to stop developing for, testing on, and supporting 32-bit Intel systems. For similar reasons we have depreciated the NanoBSD images starting with pfSense 2.4.

pfSense goes ARM!

With the arrival of SG-1000 microFirewall, pfSense officially supports ARM architecture! This was quite a large undertaking, which allows us to expand our ARM appliance family in the near future. All relevant ARM work was contributed to FreeBSD. We would also like to thank everyone who purchased SG-1000, helping us to complete the ARM development. Our SG-1000 is only our first ARM appliance, we are working on the second ARM appliance, SG-3100 which we introduced in May.

New pfSense installer

As part of our technology evaluation and desire to streamline development and test, we have also moved to incorporate the standard FreeBSD installer starting with pfSense 2.4. This means the setup process is slightly different, but still very easy to, well, set up. It also means more options during the setup, like being able to install pfSense on a ZFS file system for increased reliability.

FreeBSD 11.0-RELEASE and ZFS

pfSense 2.4 is running on the most current stable FreeBSD version, 11.0-RELEASE. Among many security and stability improvements, with the pfSense version 2.4 release, pfSense now supports ZFS! ZFS is an advanced file system used in critical infrastructures around the world. ZFS is available as a option during pfSense installation.

And a lot more!

Beyond the big features mentioned above, there are many other improvements such as a completely new wireless stack, CSR signing in the certificate manager, the work to automatically mitigate XSS attacks, and completely rewritten IPFW code for Captive portal! For a full list of changes please visit here.

As we are preparing for the pfSense 2.4-RELEASE we would like to thank our numerous contributors, from developers to testers and translators who helped us complete the pfSense 2.4 development.

Thank you!