Best Firewall for Remote Updates for long distance client?

Hi all, what Firewall OS would you recommend if I have a client that is long-distance that has a small office (less than 7 persons), and wants a secure firewall OS that can be updated with reliable updates by offsite IT remotely?

After reading the PFSense & OpnSense documentation it seems that they promote offline, physical access for major release upgrades which would not work for this situation.


  • Open Source OS is preferred such as OpnSense, PFSense.
  • Proprietary OS is optional such as Untangle, if the needs are not met by Open source OS.
  • Hardware preferred is Protectli, Netgate, Qotom
  • Updates need only be legacy or most dependable ones, no new features required.
  • Office has less than 7 persons, Internet browsing & Saas use for business software, minimal graphics usage (video/images)
  • Long Distance = 3+ hrs one-way commute.
  • QOS, not very important as most use mobile phones
  • VPN, important for remote access to office devices when working remotely
  • 50 mbps / 50 mpbs internet plan up/down fiber
  • IDS is needed, IPS is optional
  • Client is Non Profit so they have budget limitations.

Thanks in advance for any tips, recommendations you can provide as I am open to suggestions!

Netgate hardware such as the SG-3100 has been very reliable with doing updates remotely as long as you follow the upgrade procedures. Same goes for Untangle (which is open source with some closed source add ons) running on their hardware. I don’t use OPNsense but they have much more frequent updates than pfsense.

1 Like


Thanks Tom for the repy, I think your suggestion is good as they are a non-profit w/ a tight budget so I will look into those 2 solutions (Pfsense via Netgate & Untangle).

1 Like