Hardware Died - Opinions needed for new hardware
-
Hi gurus,
Our main perimeter pfSense firewall system died over the weekend so I am in need to purchase something new to run pfSense on to get back up. There are so many options out there for what you can use so I thought it best to see what you guys think is best to get. All we had before was an old server running pfSense. It was a pretty good server though - Pentium D 3.0 Ghz, 4GB ram - 250GB 7200 drives in Raid 0. I am sure it was major overkill for what we really needed though.
Here are some stats that might help you guys offer some suggestions:
Computers on LAN - 30 - 20 staff + 10 servers
3 Remote workers who dial in by PPTP VPN and / or RDP to a Microsoft Terminal server
Average Daily bandwidth usage: Down: 10GB, UP: 3GB
Services running on LAN that had port forwarding through the firewall:
- Exchange Server 2007, HTTP, HTTPS, POP, SMTP, IMAP, HTTP over RPC
- Windows Update Services
- Vipre Antivirus communication ports
- Microsoft SharePoint (barely used)
- Web Development server using Apache on 80 and IIS on 800I have been thinking about some of the offerings from Hacom so far. Any other suggestions definitely welcome!
Thanks.
-
i forgot to mention our network and internet…
- LAN is all gigabit
- WAN is cable internet with 5 static IP's. 12 Mbit down / 2 Mbit up
Also, the 3 main packages I run are: Snort, NTop & Country Block. I run nearly all snort and emerging rules and enable all of the top 10 spamming countries.
-
I would recommend a small factor mini-ITX system. An Atom (dual core) based mobo-CPU combo (passively cooled) with 4GB RAM. Checkout mini-box.com and get one of those space saving enclosures with pico PSU. It's space saving, less power consuming and kinda green.. lol
Though I have an i5 (over over over kill) system right now, I had an i3 system earlier which is a few bucks more than an Atom based system. I made an i3 (1156) system for about $400 (was lucky with some good deals at MicroCenter). If you are not worried too much about power consumption and heat, i3 would be great.. will be future proof for some years in the least. I have to stick with i3/i5 system as I need to add in 8GB RAM for the apps (Snort, Squid, HAVP..etc) I run for a 30+ user network with extremely heavy usage.
-
250GB 7200 drives in Raid 0
Don't put drives in RAID 0 for any critical system. If you need better I/O performance then invest in faster drives.
-
I have a similar machine that I'm replacing with an i3 2100. Went from 140W at idle to 40W.
-
Woops, sorry about the Raid 0… I meant Raid 1. :)
Thanks for the suggestions. I will check some of those out.
I am leaning towards the offerings from Hacom right now but am not set on them.
-
What do you guys think about the Dell PowerEdge r210? Do you think pfSense will work with that server?
I know it is a bit overkill but I am willing to pay a bit more for a really good system that will last for many years.
-
In my opinion.. build a system rather buying something from Dell or an other company. You can make a system double the speed and performance for half of the price, if you know where to shop for the parts. Warranty is pretty much the same for the parts, typical 1 year.
I usually like silent/space saving/green enclosures. Not a big fan of rack mounted stuff which are extremely loud with their fans and power hoggers.
-
I can get a good price from Dell as we are premium partners. I can get a R210 with 4GB Ram, 2 250GB drives in Raid 1 and an I3 processor for $900.
I don't think I can build a decent server we can rely upon for 3-5 years for that… but I don't know part prices these days or even where to get them anymore.
-
i'm using devices from portwell.com. two boxes have almost 600 days uptime on them, no probs so far.
-
I can get a good price from Dell as we are premium partners. I can get a R210 with 4GB Ram, 2 250GB drives in Raid 1 and an I3 processor for $900.
I don't think I can build a decent server we can rely upon for 3-5 years for that… but I don't know part prices these days or even where to get them anymore.
Following prices taken from MicroCenter. I do all my shopping from there. They match all NewEgg prices and most of the times are much better in prices. Plus they apply just 3% tax.
Intel Core i3 2100 LGA 1155 3.1GHz Boxed Processor - $99.99
GA-H67N-USB3-B3 LGA 1155 H67 mini ITX Intel Motherboard - $104.99
4GB DDR3-1333 (PC3-10666) CL9 Desktop Memory Kit (Two 2GB Memory Modules) - $19.99
Barracuda 1TB 7,200 RPM SATA 3.0Gb/s 3.5" Internal Hard Drive ST310005N1A1AS-RK - 49.99 x 2 = $99.98Enclosure, extra dual port NIC ~ $150 (Microcenter, Newegg, eBay…)
Total ~ $475 (less than 500 with taxes) <---- Do the math. Pretty much half the price. Dell is $900 plus tax
-
I can get a good price from Dell as we are premium partners. I can get a R210 with 4GB Ram, 2 250GB drives in Raid 1 and an I3 processor for $900.
I don't think I can build a decent server we can rely upon for 3-5 years for that… but I don't know part prices these days or even where to get them anymore.
Assuming you mean with the SAS6/iR controller (this is the only RAID controller available on the R210 that works with pfSense), that's a bit steep and you should push for a larger discount. I just whipped up something spec'd like that on my Dell Premier page and came out $100 lower. I typically target 40% off their US list price and consider anything better than 35% (except within 2-3 weeks of end-of-quarter) a win.
-
I can get a good price from Dell as we are premium partners. I can get a R210 with 4GB Ram, 2 250GB drives in Raid 1 and an I3 processor for $900.
I don't think I can build a decent server we can rely upon for 3-5 years for that… but I don't know part prices these days or even where to get them anymore.
Following prices taken from MicroCenter. I do all my shopping from there. They match all NewEgg prices and most of the times are much better in prices. Plus they apply just 3% tax.
Intel Core i3 2100 LGA 1155 3.1GHz Boxed Processor - $99.99
GA-H67N-USB3-B3 LGA 1155 H67 mini ITX Intel Motherboard - $104.99
4GB DDR3-1333 (PC3-10666) CL9 Desktop Memory Kit (Two 2GB Memory Modules) - $19.99
Barracuda 1TB 7,200 RPM SATA 3.0Gb/s 3.5" Internal Hard Drive ST310005N1A1AS-RK - 49.99 x 2 = $99.98Enclosure, extra dual port NIC ~ $150 (Microcenter, Newegg, eBay…)
Total ~ $475 (less than 500 with taxes) <---- Do the math. Pretty much half the price. Dell is $900 plus tax
… and with that you have no RAID. Part of the cost in the Dell system is the hardware RAID controller, the rest is the on-site warranty for when it breaks.
-
So get a RAID mobo for a few bucks extra. The above config is a typical user config (small form factor). You still can't beat the price by buying Dell. Dell onsite warranty is nothing but parts replacement for one year… it's practically the same with any hardware warranty. You fry the mobo.. the company looks at the warranty and replaces it. Not as smooth as I describe it here but you get what I meant.
-
Have you looked at Lanner?
http://www.lannerinc.com/x86_Network_Appliances/FW-7565
Have not run this model, but have run others.
PF 1.2.3 and 2.0 -
So get a RAID mobo for a few bucks extra. The above config is a typical user config (small form factor). You still can't beat the price by buying Dell. Dell onsite warranty is nothing but parts replacement for one year… it's practically the same with any hardware warranty. You fry the mobo.. the company looks at the warranty and replaces it. Not as smooth as I describe it here but you get what I meant.
What "RAID Mobo" has a hardware RAID controller that is only a "few bucks extra"? Some SuperMicro & Tyan boards come with LSI SAS controllers onboard but they tend to be in the $300+ area.
As to Dell warranty, for the $900 above, at least by my pricing, that includes next day, on-site service for 3 years.
-
A simple google search can give you all the answers.
GA-H67N-USB3-B3 - mini-ITX.
SATA 6Gb/s - 2 x SATA 6Gb/s
SATA RAID - 0/1/5/10http://www.newegg.com/Product/Product.aspx?Item=N82E16813128484
Just 79.99 after rebate.
I am using this mobo with an i5 CPU. I don't need raid.
You wanted an opinion for new hardware.. I provided mine. If you are leaning with Dell then go for it. I am a person who doesn't like to pay someone if I can do it on my own for less.
Good luck !!