Hardware Available at the pfSense Store
-
Isn't The C2758 Product page @ http://store.pfsense.org/c2758/ Misleading?!?!?!
It clearly states "No additional usage or feature based pricing. Unlimited users, firewall rules, VPN connections, etc."
However, the Quick Start Guide @ http://support.netgate.com/index.php?/Knowledgebase/Article/View/18/9/where-can-i-find-the-c2758-quick-start-guide, on page 7 states "One year of pfSense Certified software updates and bug fixes
One year of Netgate’s pfSense Certified premium add-ons for pfSense 2.1"Obviously there is some editing to do.
Which in my mind at least, tells me there is feature based pricing.. At least in that there is a renewal for whatever 'premium add-ons' are included. Shouldn't mention of this appear in the fine print of the product page?
See above.
Also, since I'm bound to be starting a mess here, can clarification be added on Netgate/ESF for these purchase? The documentation clearly states in numerous places, that this is a Netgate firewall, yet, that is left off the pfSense page, leading one to believe this is an ESF product. This seems deceptive.
I understand Netgate is now a majority? share holder of ESF, but ESF != Netgate and Netgate != ESF. It seems you have two separate companies by design, yet you are merging the two or using them like they are one.
Your "understanding" is flawed. Netgate is not a majority shareholder of ESF, but the principals of Netgate are the majority shareholders of ESF.
You are correct when you state "ESF != Netgate and Netgate != ESF". That said, the two companies are co-located in the same office space, and I tend to use what people and resources are available for the tasks at-hand.
Who's collecting the money from this purchase directly? ESF? or Netgate?
Is ESF directly reselling Netgate equipment (Netgate is a supplier)? or am I buying Netgate directly, who then in turn makes a donation to ESF? Who's responsible for the warranty?
In answer to both of your questions: Which store did you buy it from? There is your answer.
I am probably not the only one wondering about this last set of questions, and I don't mean to be creating problems, I'd just like clarity. If I decide to buy one of these, I'd like to know who is it truly benefiting from the purchase.
-
@gonzopancho:
I'm not sure what they mean by "connections / sec".
No, seems odd for a firewall.
Perhaps the nearest thing might be state table inserts per second? Or maybe state table searches per second?
See this thread for some big numbers:
https://forum.pfsense.org/index.php?topic=72810.0Steve
-
Note that all of our equipment is suitable for US power standards. If you live outside the United States, be aware you may need to find a different power adapter / power supply to use your equipment.
(from http://store.netgate.com/International-Order-Payment-W9C111.aspx)
Can someone comment it? Do I need to buy additional power supply if I want to use it in Europe?
-
Almost certainly not.
The vast majority of computer equipment are using switching power supplies with 90-250V input so you can use them in Europe or the US. You may need a different power lead to connect the PSU to the wall socket but these will be easily available locally to you.
There are some exceptions to this though (some laptops and similar power bricks for example) so best to ask about the exact product.Steve
-
Gents, one thing that would really help is more detail on the performance.
I'm looking for a box that will give about 25MBPS on AirVPN:
-
4096 bit RSA keys size
-
AES-256-CBC Data Channel
-
4096 bit Diffie-Hellman keys size
-
HMAC SHA1 Control Channel
-
TLS additional authorization layer key: 2048 bit
-
Perfect Forward Secrecy through Diffie-Hellman key exchange DHE.
Can you advise me? I posted this here instead of just emailing as I thought the reply might be useful for others too.
-
-
Gents, one thing that would really help is more detail on the performance.
I'm looking for a box that will give about 25MBPS on AirVPN:
-
4096 bit RSA keys size
-
AES-256-CBC Data Channel
-
4096 bit Diffie-Hellman keys size
-
HMAC SHA1 Control Channel
-
TLS additional authorization layer key: 2048 bit
-
Perfect Forward Secrecy through Diffie-Hellman key exchange DHE.
I'm assuming you likely mean Mbps (bits). The VK-T40 and C2758 platforms we sell will both do well upwards 25 Mbps with those parameters. The 2D13 is the only system we sell that would struggle to reach 25 Mbps across a VPN with those parameters.
You may have issues reaching 25 Mbps with VPN providers along those lines for reasons entirely unrelated to your firewall. 25 Mbps probably isn't too difficult to reach, but that depends on what kind of load the provider's servers and network are under, how far away you are from the VPN server, and how far the ultimate destination of your traffic is from the VPN server. The higher latency makes it more difficult to achieve high throughput (see "long fat pipe") depending on how high it is. Some providers also significantly over-subscribe their networks and/or servers and hence perform poorly during peak times. I'm not familiar with that provider in particular so not sure what you can expect.
-
-
What is the difference between the VK-T40E and the Netgate APM4? They seem to be identical. We want to begin to replace the old watchguards at all of our satellite sites. thanks.
-
They are identical.
You may want to wait for RCC-VE.
-
Hello,
The pfSense store states the routers come with one year of 'ESF Premium Software Support'.
Is this phone support or e-mail support, etc.?
-
The bundled support is primarily handled via ticket system / e-mail / chat, but may include a phone call initiated by a support representative if circumstances dictate that it's necessary.
-
Hey,
So I am very excited to see the new hardware options on the pfsesne store.
The question I have is with a 1G up and down and a desire to run Suricata which would one be better off with, the SG-2440 or the SG-4860? No VPN traffic at all.
-
Hey,
So I am very excited to see the new hardware options on the pfsesne store.
The question I have is with a 1G up and down and a desire to run Suricata which would one be better off with, the SG-2440 or the SG-4860? No VPN traffic at all.
SG-2440
Dual Core Intel
Atom
C2358 1.7 GHz, with AES-NI and Intel QuickAssistSG-4860
Quad Core Intel Atom C2558 2.4 GHz, with AES-NI and Intel QuickAssistThe SG-4860 comes with a higher CPU frequency, more cores and more RAM
so it would be the better appliance.Overall let us not only taking at the todays CPU performance, but more at QuickAssist.
For some applications with Intel QA using code, it will be changing and one of the common
applications QuickAssist works for at this time is snort, so for those using Rangeley as a UTM
or firewall appliance, it is a major consideration as I see it right. So perhaps you should find out
at next if suricata also benefits from Intel´s QA or not and then what you have to do for activating
in snort for using the Intel QA option to speed up the entire performance. :o -
Intel removed the version of firmware that would accelerate Snort.
Read: don't believe everything you read on the Internet.
The firmware for QAT these days will accelerate crypto and compression.
-
Hey,
So I am very excited to see the new hardware options on the pfsesne store.
The question I have is with a 1G up and down and a desire to run Suricata which would one be better off with, the SG-2440 or the SG-4860? No VPN traffic at all.
You'll want more cores.
Someday I'll turn my attention to Snort/Suricata, DPDK and multi-core regex (probably with AVX/AVX2 acceleration.)
Today is not that day.
-
Hi There
Do you have a supplier in China or Hongkong for the PFSense devices that you mention on this forum… if you do, what is that shop name and contact, willing to bought some of it for my network..Appreciate asap reply...
-
OK, the new website is saying that:
'Bundled' and 'Incident' support is for ticketing system/e-mail support, 24 hour response SLA
'Professional Services' is for consulting via telephone, e-mail, etc.
Is this correct?
What is the pricing of Professional Services?
-
OK, the new website is saying that:
'Bundled' and 'Incident' support is for ticketing system/e-mail support, 24 hour response SLA
'Professional Services' is for consulting via telephone, e-mail, etc.
Is this correct?
What is the pricing of Professional Services?
Professional services is for more involved projects, usually on a fixed fee basis with a specific scope. It's described in more detail here:
https://portal.pfsense.org/professional-services.phpCost is dependent on the project, starts with a 2 hour minimum at $250 USD/hour, so $500 minimum. Email professional.services (at) pfsense dot org with the specifics of your project and we'll get you a quote.
-
Also why are there only rates for vpn without AES-NI?
-
I no longer see any devices on http://netgate.com that are labeled 'pfSense Certified Hardware with bundled support'.
I'm assuming ESF has pulled the plug on the Certified Hardware program?
-
Hardware pre-loaded with pfSense is all listed on the pfSense store now, https://store.pfsense.org/
