Need help sizing for 250 user buisness firewall
-
#1 I requested a SLC SSD, but they wont change the standard setup.
#2 Yep, I use OpenVPN.
Any good suggestions on hardware? -
You require the full 100/100Mbps of VPN traffic?
Are you running hungry packages like Squid or Snort?Steve
Edit: typo
-
@Aze:
Looking to upgrade our old pfsense box running on a 1U Proliant DL160 G1 server.
Thanks
/azeWatch carefully what Steve says; he's always right in these matters ;D
-
I'm pretty often wrong I just try not to say it out loud. ;)
Steve
-
I'm usually wrong - so you probably can't trust this device or industrial SSD drives…
-
#4 - No, people are just using VPN to work on documents and mails from laptops, no heavy trafik or heavy packages installed.
Someone in another thread mentioned this bastard, but I'am not able to find any supplier: http://www.lannerinc.com/products/x86-network-appliances/x86-rackmount-appliances/fw-8894 -
You don't need anything anywhere near that powerful. The fw-7551 would easily handle your requirements. That is sufficiently powerful that it will push the full 100Mbps of vpn or run packages if you want to.
Steve
-
You don't need anything anywhere near that powerful. The fw-7551 would easily handle your requirements. That is sufficiently powerful that it will push the full 100Mbps of vpn or run packages if you want to.
Steve
Thanks Steve… I'am going to get myself two of these http://store.pfsense.org/c2758/ and let one of them stand "cold" as backup/redundans. Go big or go home.
/
-
Why buy one when you can two for only twice the price right?
You may be able to configure these to fail over automatically unless you don't like running 2 simultaneously?
-
Well you'll certainly be future proofed with that. :)
Steve
-
http://www.supermicro.com/products/motherboard/Atom/X10/A1SRM-LN7F-2758.cfm
i would go with this and build around it.
-
If you have money enough for that box and you want it 100% bullet proof, have them put a couple of industrial SLC SSDs in it. It will outlast your business.
However, technically speaking. Good MLC SSDs with trim should last years longer than you want to use the router. Talk to them and see what they will do for you.
And what is in the box is a good->great Intel 120GB SSD, http://www.intel.com/content/dam/www/public/us/en/documents/product-specifications/ssd-530-sata-specification.pdf which is one of the best at avoiding write amplification, and the 120GB is vastly over-provisioned for a pfSense workload. (and yes, we enable TRIM.)
Sigh… people on the internet who think that the solution is always "SLC" in non-industrial temp conditions ...
As for the bandwidth, this thing can handle it - no problems. Its future proof unless you get faster than 1 gigabit drop.
You'd be surprised how fast they'll actually go. We use several of these in the lab for testing.
-
You know why I like SLC? Because I've never had even 1 single failure with those. Not 1.
Doesn't mean the MLC in this unit isn't also great.
