Hardware Recommendation for PFSENSE
-
Hello. Looking for suggestions on hardware to get for a specific setup. We have a Comcast connection with 150mbs
We primarily have roughly up to 300-400 users at a time on a wifi network composed of ubiquiti Ap pros throughout our building.
They will be on a public/guest vlan with Snort and Website restrictions
There will also be private vlan for less users roughly 50-60 with a higher priority
Basically there will be web browsing and file downloads for about 1 -5 mb by the users on the private/guest network and large files up to 350 mb from the private network. These are just assumptions and not all users will be downloading at the same time
Im looking at the following as a good starting point as cheap and realiable for this particular use
Any thoughts?
Supermicro X9SCI-LN4F Motherboard
- E3-1270 V2 CPU TDP 69W Quad Core 8 Thread
- 16GB RAM (4x 4GB 2rx8 ECC REG Unbuffered)
- 160GB Intel 520 Series SSD 2.5" flash Drive installed
4x 1GBE LAN via intel i350 onboard
-
That would do it. Overkill for a 150Mbps connection though. Allows room for a WAN upgrade I guess.
Steve
-
You can do this with an APU. Or an SG-1000. Or the SG-3100. Or any random internet of things toaster. Or any china box as long as you put them in HA mode and buy two.
-
The SG-1000 would probably not cut it at 150Mbps. And definitely not if you need to run Snort and Squid.
Steve
-
The SG-1000 would probably not cut it at 150Mbps. And definitely not if you need to run Snort and Squid.
Steve
Oops, didn't see the IDS/IPS part. Gonna need i5 power or better for that, 8GB RAM and perhaps a small SSD as well.
-
@johnkeates:
The SG-1000 would probably not cut it at 150Mbps. And definitely not if you need to run Snort and Squid.
Steve
Oops, didn't see the IDS/IPS part. Gonna need i5 power or better for that, 8GB RAM and perhaps a small SSD as well.
I run the older SG-2440 with Snort, ntop and 200 MBPS down. Its cutting it close but if you moved to the SG-4860 you would have room for growth. All for less than 20w!
Infact, I installed on for a site with about the same specs, less users but more bandwidth consumption (lots of BIG PDFs 20MB+ being emailed in and out). We also did offsite backup replication over VPN granted that was limited to 40mbps by the remote site.. We never had issues with performance.