All in one UTM box at home
-
If you actually need gigabit throughput you will need quite a powerful system such as the one I linked to above. As a comparison a box based on an Atom D525 will top out at around 550Mbps.
Of course with a more powerful processor comes additional heat and hence noise but with a temperature controlled fan and a well designed case it can be very quiet.Steve
-
All those features can be found on the SuperMicro ITX boards with embedded Ivy Bridge CPU's, but they are quite expensive.
RAM is another issue, I think it must be ECC SoDIMMX9SPV-LN4F-3LE
-
All those features can be found on the SuperMicro ITX boards with embedded Ivy Bridge CPU's, but they are quite expensive.
RAM is another issue, I think it must be ECC SoDIMMX9SPV-LN4F-3LE
That motherboard looks perfect! It's expensive, but you get integrated CPU, 4 Gigabit ports and IPMI. It might be worth it, depending on the price of the RAM. I just have to figure out if there are someone that sells it in Norway and if i can use non-ECC RAM.
Edit:
From the manual, it looks like it doesn't require ECC, even if it supports it:The X9SPV Motherboard Series supports up to 16GB of ECC DDR3 1066/1333
MHz, two-way interleaved or non-interleaved SO-DIMM memoryECC Support
Select Enabled to support ECC. The options are Enabled and Disabled. -
Yeah, it's not a cheap motherboard!
http://geizhals.de/819352
Memory isn't too bad, 4 GB stick from Kingston
http://geizhals.de/848430
Similar 8 GB stick from Kingston
http://geizhals.de/848433
-
All those features can be found on the SuperMicro ITX boards with embedded Ivy Bridge CPU's, […]
X9SPV-LN4F-3LE
Any idea what the power consumption will be?
But on the other side the high price you pay for the ITX size. If you can go with m-ATX the choice will be bigger and it will be cheaper. Currently I do have in my mind the Supermicro X9SCM-F board with Intel Intel C204 chipset in combination with the low power Xeon Intel E3-1220L or Intel E3-1260L. By having full VT-d and VT-x support it would be perfect for a low power ESXi or Xen system.
-
All those features can be found on the SuperMicro ITX boards with embedded Ivy Bridge CPU's, […]
X9SPV-LN4F-3LE
Any idea what the power consumption will be?
Shouldn't be bad as it uses a laptop CPU with 25W TDP value. Also has VT-d, AES-NI and all the other goodies you might want. Only 2 cores though.
-
Shouldn't be bad as it uses a laptop CPU with 25W TDP value. Also has VT-d, AES-NI and all the other goodies you might want. Only 2 cores though.
But very pricy.
I used the chance to check the results of some reserces I did in the past. Intel S1200KP is an ITX server board suporting Xeon E3-12xx and E3-12xx V2. This combination will be cheaper than the embeded version.
Originally 4 GBit ports were requested. More NIC usually limits your choise. In most of the cases two Gbit ports and a VLAN capable Switch is a good combination.
-
It has a mobile CPU. Not as fast as a desktop processor.
For your requirements an i3 processor (maybe i5 if u really need the power) on a mini-ITX mobo should be perfect. I had an i5 system up until last month with all the features you have listed. Ensure you have at least 6 to 8GB RAM with a SSD HDD and you should be all set. If you want to go small form factor then you need to go with a decent mini-ITX case rather than the mini-box case as it wont fit your requirement of 3-4 gigabit ports as there is not much space in it to accomodate anything else than the mobo. Go with a Thermaltake Element Q Mini Tower for your UTM.
-
Thank you all for your input! I appreciate it.
Regarding power consumption: Since all is on board and a mobile processor, I can probably buy a Pico PSU, which will generate less heat inside the case and lower the noise. I just have to read up on the power consumption to size it correctly.
Regarding switch with VLAN and two NIC's: That is a good idea, but at the same time, you will limit the bandwidth on the LAN through the firewall to 1 Gbps. I want to have the NAS on a single segment to secure all my data, which means I get 500 Mbps throughput to it.
I might save some money by buying a m-ATX, but then I need a bigger case, which lowers the WAF. The server has to be visible. (Next time I buy an apartment, i will make sure I get my own server room and my wife doesn't get as large closet as she has ;).)
Regarding the case, I want as clean as possible design. So the Thermaltake Element Q Mini Tower was a good recommendation, but Lian Li PC-Q16 is what I have in mind. Nothing in front and no colors. It has a cleaner look. If i replace the PSU that comes with the case with a PicoPSU, I will only have one 14 cm fan, so it should be quite silent. The disadvantage is that there are no room for the PCI slot, but I don't think I need it.
-
Next time I buy an apartment, i will make sure I get my own server room and my wife doesn't get as large closet as she has ;)
Good luck with that. ;D
The i7 CPU is more processing power than you need. It seems very expensive. Maybe I'm just cheap!
Steve
-
The i7 CPU is more processing power than you need. It seems very expensive. Maybe I'm just cheap!
It's a mobile processor with two cores. I thought that wasn't overkill. Especially with IDS. I had the impression that Snort with a large rule set would require a lot more cpu.
-
Personally I've found running Snort on a home network to be more trouble than it's worth. It's been a while since I tried it though. I would assume you would only be sniffing traffic on your WAN connection so 70Mbps max. A lesser machine could easily handle that.
In the build thread I linked to earlier the box was built for a 1000Mbps WAN connection and handled that with ease. Though not with Snort or Squid. That uses a low end Sandy Bridge CPU, Celeron G530. Compare the two CPUs:
http://ark.intel.com/products/53414 vs http://ark.intel.com/products/65712
Both are 2 core processors running at ~ 2.5GHz but the i7 is far superior in almost everyway.
It has double the cache. It supports double the threads. It has 'turbo' up to 3.2GHz. It is built on a 22nm scale. It's way more expensive!
I can't find any benchmarks for the i7 but I'd bet it's far more powerful than the Celeron.
The i7-3517UE is a similar cpu but clocked at 1.7GHz. That scores 3817 at cpubenchmark vs 2260 for the G530.Steve
-
I will only be sniffing traffic on the WAN, so you are right! It is more than I need. I'll check if i can find any similar motherboards with a smaller CPU. Or else I'll have to convince my wife that we need to invest in a kick ass firewall cause of her reckless web browsing! :P
-
After reading through the SSD thread, I'm still thinking of buying a SSD. It seems like my installation will take much space, even with logging turned on, so probably a disk that is 64 or 128 GB.
