@BlueKobold: i have an intel atom n270 1.6 ghz single core (with ht) based system using nano bsd off of my kingston 4gb old usb better to use a hdd or ssd with a full install it has 1gb ddr2 ram .. 2 GB - 4 GB should be fine pending on the traffic i have ppoe connection 4 Mbps. is above system capable of running snort ? Perhaps yes, perhaps not, this will be also pending on the by you awaited throughput that you need. It might be running but then please have a look to the throughput that you are getting out. its a home setup .. 5-6 users at most .. One user can smash this or take all power and 50 don´t, this is also pending on what they are doing! i jsut want to learn it .. Then don´t ask and try it out but as before declared with a full install on a HDD or SSD. well i have setup things on it .. usign 4 wireless ssids (just for testing … later will do some usefull stuff with them ). snort is working fine after some sleepless hours.. ssd is ordered waiting of it to arrive .. so if snort doestn survives reboot how can i ensure it should . can i just copy the /var to some other location and when system is rebooted recopy them ?

@Keljian: What packages are you running? Installed packages: bandwidthd darkstat mailreport nmap nut OpenVPN Client Export Utility pfBlockerNG Remark: internet connection is now 500mbit (up&down) FTTH

Also, thank you for posting your results, it's actually encouraging to see that other atoms on a similar platform perform at a level that I can reason with. To be honest I was almost worried there was something that I was missing and that some subset of new intel procs had magically figured out how to parallelize CBC… lol

I've used both the Cisco SG200-08 (Model #: SLM2008T-NA), and Netgear GS108T (Model #: GS108T-200NAS). Like the Cisco SG200-08 more.

Thanks for your help. I went with system I posted above and added a 32GB SSD and 8GB of RAM. I ended up buying it directly from MITXPC vs. Amazon. Looking forward to getting it. I noticed in your CPU comparison, you didn't specific the Celeron N2930. Where does that fit in the list?

Need more details regarding how you're running iperf. tcp? how many streams? udp? to pfSense? from pfSense? through pfSense? what NICs? what's the desktop? what's the switch?

Lenovo TS140 or Dell T20 mini-tower SMB servers are often found on sale <=$300 with E3 v3 xeons (12x5 = haswell quads @ 3ghz+). You will need to add at least 1 NIC for ports, fortunately duals and quads are quite cheap on fleabay ($10~50), I suggest 82571 intel chipset versions or anything intel really. These machines are powerful enough to do pretty much anything a home firewall would want, even if you are lucky enough to have 1Gbit. I would keep an eye out for really good deals soon as the holiday sales start up and intel just released the E3 v5 skylake platform* so vendors will be probably be looking to unload current stock faster than usual. I intend to give them a hand ;) *don't let the v5 vs v3 bother you: skylake is only a tiny bit faster than haswell and didn't add anything of note for pfsense purposes, v4 broadwell release was 99% vapor, 1% obscure.

The board is GIGABYTE GA-AM1M-S2H. Thank you sir for the speedy reply! ::) There is a so called serial com port and you will only need a null modem cable for ~$6.00 or you might be using the USB Ports by taking a serial to USB adapter for ~$10.00 - $25.00  ;)

I'm trying to use pfsense as a firewall/router/web filter/IDS. Nearly a really UTM without AV scanning, or? For how many users this pfSense box must be running well, please? 200, 400 or 1000 users? A greater or newer model should be used Witch other services do you use that are "eating" the CPU power? Perhaps something like DPI? Another CPU would be fine Do you use Squid as a proxy? Perhaps a SSD will help speeding things up? Processor: 2.40 GHz Dual-Core Xeon (3060) - 800/4MB Available for ~$10 at eBay Memory: 8GB - (4 x 2GB) - DDR2 - DDR2 ECC Ok Hard Drive #1: 80GB - SATA II - 7200RPM A mSATA or SATA III SSD would be fine and would be speeding up caching using Squid. PCIe Card #1 (FH): Dual Port Gigabit NIC - PCIe Can be all, please tell us the vendor or upgrade this against a Dual or Quad Port card from Intel. There are many options for you: Upgrading the existing box with a SSD and an Intel server NIC (2 or 4 Port) If this not is helping out, you could use this as spare parts for another one! Intel Celeron J1900 pfsense Box Box 1 Box 2 SG-2440, SG-4860 or SG-8860 units from the pfSense store Self made box based on Supermicro Intel Atom C2000 (Rangeley) Boards Axiomtek NA342, NA342R, NA361, NA361R appliances Xeon E3-1241 Quad Core CPU starting @3,0GHz Intel Xeon D-1540 For sure not only for the 50 MBit/s WAN throughput but more tended to the other services you run on the box and perhaps the number of users this box is serving.

@Gimli: Thanks Corvey. I ended up finding some else's guide while you were writing this up but it's pretty much what I did. After downloading the tool you have in section 1 of your post I followed the following guide, except I used a DOS boot usb stick instead of what's in there, but the commands are the same: http://support.bull.com/ols/product/platforms/bullion/bullionExtendedMemory/dl/no-frmf/g/adapt_fw/FW-I350_X520/Ethernet_Intel_I350-X520_PreBoot_ReadMe.pdf My i350-T4 works great with FreeBSD and pfSense now. ;D Cool, Gimli.  I researched and figured it out myself and made some quick sloppy directions on the way I did it, but that link you posted is probably better and more detailed to get the job done.    Someone had to post a how to  ;D  so now there are multiple sources to choose from!

@boygrunge PC Engine APU Board APU1D4 would be a budget suggestion, but that runs for sure pfSense with ease Jetway NF9HG-2930 Thin mini-ITX Network Motherboard Board only option for self assembling Jetway NF9HG-2930 Intel Celeron Quad Core ready to go box and powerful enough for a long time

Interesting, I've had no problem with the builtin Broadcom's on my boxes, most of them run as the WAN interface. I do make a point of trying to bring those boxes up to the latest BIOS version available as they typically come as repurposed servers that haven't seen updates in forever. Maybe I've just been lucky? As always YMMV  ;)

Well, clearly the image got either miswritten, or your SD is too small for 4GB to fit on it. Try with 2GB one instead.

That was supposed to be a joke. Pliant was bought by SanDisk.

I'm running both snort and suricata.  Depending on settings they will eat all 8gb ram and 16gb of swap. I think you've (partially) answered your own question. Depending on how much work you're willing to do to manage your Snort/Suricata setup you'll either be fine or will never have enough RAM  ;) I'd move the discussion over to the IDS/IPS section and see what the current best practices/expectations are.

@BlueKobold: But the price includes 19% VAT (net: 541,00 EUR) For sure they do, if I am buying a SG-2440 unit here in Germany as an end user and this means, a home or private user and not business user, I have to pay ~645 € for a SG-2440 unit. RCC-VE 2440 is 476,00 EUR with VAT https://shop.voleatech.de/en/shop/rcc-ve-2440/  (net: 400,00) SG-2440 is 629,51 EUR with VAT https://shop.voleatech.de/en/shop/sg-2440/  (net: 529,00)

We recently updated some of our PFSense boxes and went with the APU.1D4 board for the Gigabit Ethernet ports. Sorry if this sounds now a little bit hard to you, but there are no Intel GB LAN Ports on the PC Engines APU1d4 only the new boards from them will be sorted with Intel GB LAN Ports! (APU2B2 i211AT / APU2B4 i210AT) We are monitoring the entire network with PRTG in our company, its working fine together with the APC USV, Kentix sensores and pfSense also on Alix & APU Boards. To have a workaround you might be spending money for a small RaspBerry, Banana or Orange PI and install Linux on them together with CACTI and MRTG you might monitor this PC Engines APU device much better as now.