New PFSense user

jdhutton

hello,

Looking to start a new build this weekend. This will be the first time using PFSense. Looking for everyone opinion on the hardware

Use case: home FW (filtering / Snort / Malware mitigation / VPN (1 user)) (may be other features I find worthwhile or educational)

Home environment: 3 windows PC's, 6 Tablets / Phones, 2 Tivo Romios, 4 Tivo mini's, 2 network Printers, 1 HyperV server (2016), 2 Server VM's, 1 Linux appliance VM's (AV management) 3 Windows workstation VM's, few other odd ball items im probably forgetting.

ISP: Spectrum (formally TW) 100 / 5

PFSense Hardware: Supermicro 113M-5 (8 hot swappable sas/sata) with a  X8DTL-3F MB, (1) e5620, 4 gig of mem, (1) Crucial M500 MLC 240gb SSD, Intel 350 4 port nic,

Is this enough HD space, Ram and Processor?

I have extra 4 gig sticks to fully populate it in single or dual processor configuration. I also have an extra e5620 I can add to it for dual procs but wont unless you think its warranted (4 core 8thread@ 2.4ghz). I would prefer to run one as they are 80w TDP.

Your thought / recommendations?

JD

whosmatt

@jdhutton:

Is this enough HD space, Ram and Processor?

It's way more than enough.  Enjoy getting to know pfSense.

pfBasic

That is incredible overkill.

My system cost about $130 used on eBay and it would almost certainly yawn at what it looks like you're trying to do.

jdhutton

I figured it was a bit overkill but was what i had laying around.  I wanted something rack mountable as I have an enclosed half rack in the home office. I think my biggest issue will be seeing if I can keep the fans down to a low hum in the 113. I may swap out the 4 SM 40mm fans to 6 Sunon 40mm maglevs.

My hyper v server is a supermicro 846 which I have quieted down enough to be on the phone without the other side hearing which if anyone is familiar with that beast knows is a difficult thing. I did that with all stock SM fans from other model chassis.

Hoping to kick off the PFbuild later tonight as I am doing some ssd upgrades to the hyperv server first.

how much storage do I need for logging?

I will be setting up a vitualized syslog at some point. kiwi most likely. still need to do a lil research on that was well. my linux is a bit rusty.

whosmatt

@jdhutton:

how much storage do I need for logging?

I will be setting up a vitualized syslog at some point. kiwi most likely. still need to do a lil research on that was well. my linux is a bit rusty.

Depends on how much logging you will be doing.  At the default level, not much.  If you use that 240GB SSD you can log to your heart's content.  But yeah, if you really want to get into heavy duty logging a second system will probably provide much better utility.  I'm not familiar with kiwi, but currently using logstash @ work and previously have used Splunk as well.  Both are good for large volumes of logging, and more importantly, visualization and searching of those logs.

Guest

Use case: home FW (filtering / Snort / Malware mitigation / VPN (1 user)) (may be other features I find worthwhile or educational)

A router only device is not needing this Hardware, a Firewall needs some more horse power and a fully odr nearly UTM device
is taking with each Point the packets are passing more and more away from the entire throughput! So it is even more interesting
what do you expect form that device after processing all things such as IDS (Snort), ClamAV (AV Scan) Proxy (Squid,) pfblockerNG
and other packets.

If you have or own that hardware it is really nice, but if want to buy new hardware you should be have a look on more common and
less powerful hardware if that will fit your needs too.