Silent / Low Power hardware suggestions for new build
-
Running a SoHo router for the last half a year since my pfSense box broke. Reading about all of the vulnerabilities is making me cringe. Time for a new build. My last box was an old Lenovo M58P with a Core2Duo and 8GB of RAM. It ran solid for years prior to having an issue that I believe to be NIC related!!! I miss it.
Now I am looking to build on new hardware. This is in my home lab so noise and cost are the biggest factors.
I also run the Snort and pfBlockerNG packages.
I greatly appreciate any hardware suggestions.
-
What is the speed of your connection Mr. White?
-
DSL 6Mb download / .8Mb upload
I was just in the store and notice the least expensive option is the SG-2220. I require LAN isolation as I'll be running my home LAN w/WiFi. I have an Asus RT-N66U that I will chain in to use as an AP. My secondary LAN will be used for InfoSec projects and must be totally isolated.
Questions
1. Will the SG-2220 have enough juice for the packages that I want to run?
2. The SG-2220 only has a single WAN port. Are there any switch suggestions that can provide isolation and also a SPAN port? I'm interested in possibly integrating Security Onion for one one of the projects in which a SPAN port would come in handy. I believe I have a Netgear GS108Tv2 collecting dust somewhere. Not sure if what I want to do is possible or should I look at other options?I'm opened to other hardware suggestions outside of the pfSense store. Just thought I'd mention my findings from my initial research.
-
The SG-2440 looks pretty sweet as well and comes with the extra ports. If I could avoid having to chain in a switch that would be nice. Just curious if it is possible to configure a SPAN port directly on the pfSense box if I decided to purchase a device such as this with 4x Ethernet ports? Uuugh….the cost is rising! This is a similar theme every time I start researching hardware. LOL!
-
SG-1000.
Avoid chain in a switch? That's a weird requirement.
You could go with an AM1 amd chip and a quad intel nic to suit your needs. I have one sitting here. Name your price. :P
-
Forget about the switch comment. I will need one. Hoping to dig out the GS108Tv2 and use it.
Doubt the SG-1000 will handle the extra load for running SNORT & pfBNG
Let me look into the AM1
-
Forget about the switch comment. I will need one. Hoping to dig out the GS108Tv2 and use it.
Doubt the SG-1000 will handle the extra load for running SNORT & pfBNG
Let me look into the AM1
I doubt the memory will be enough for both Snort and pfBlockerNG. I was hitting swap with my old setup running 1GB of RAM.
SG2200 with a managed switch would be good for your connection and what you want to do. The Cisco SG300 seems to be highly recommended by several on the forum but I don't have any personal experience with it. I would also consider a real AP instead of a re-purposed router but that's entirely up to you.
-
Thanks for the suggestions. I think I am going to troubleshoot my old gear and try to get that going first. I have to consider cost. I'd love to go small and fanless, but my M58P was pretty quiet. I can easily buy SFF PC's refurbished and keep the cost at around $200. Doesn't make sense to go spend $500+.
I'd love to replace the Asus router with an Ubiquity with the hopes that it would resolve my choppy video streaming. Perhaps this will be my first upgrade once I get my setup up and running again.
-
Bandwidth requirement that low, hard to beat APU2C4.
-
APU2C4 looks promising. Thanks for the suggestion.
Will 4GB of RAM be sufficient to run IDS (Suricata/Snort)?
-
APU2C4 looks promising. Thanks for the suggestion.
Will 4GB of RAM be sufficient to run IDS (Suricata/Snort)?
Plenty. You don't need a lot of RAM when bandwidth is that low.
-
I ordered the APU2C4 kit. Found a seller nearby. $350 shipped w/ 32GB SSD
Thanks!
-
Hmm my AM1 setup would hand that thing its ass. But at your requirements it is overkill.
Glad you found some hardware.
-
How many watts does your am1 draw?