What Netgate appliance should I choose?
-
Hi, I want to purchase a new official Netgate hardware appliances (https://www.netgate.com/products/appliances/) but I don't know which model is corrent for me. My infraestructure:
- 1 Gbps WAN Internet
- 4 rack mount servers
- About 100 users (Office and external users accessing to our internal website)
- L2TP VPN established between hosted website and our file server.
- OpenVPN to connect to users with laptops.
I will only use Squid or Liquidsquird.
Thanks!
-
I would reach out to them direct to be honest
https://store.netgate.com/About-Us.aspx
We're happy to help you with pre-sales questions and post-sales information. The best way to reach us is via emailPhone: +1 (512) 646-4100
Fax: +1 (509) 267-2368
Email: sales@netgate.comYour 1 gig wan is symmetrical? What are you expecting with openvpn speeds for road warriors?
Do you have any budget limitations... Please do not say cheap as possible, since that is not actual answer ;)
-
Yes, contact sales directly for the best recommendation.
Does the firewall need to be rackmount?
Steve
-
Yes, 1 Gbps symmetrical. And is no needed to be rack mounted. I will prefer under 1000 €
-
I'd go for the SG-5100 then.
-Rico
-
Yes, that's what I would choose in that situation. But our sales guys can discuss your requirements in more detail if you contact them.
Steve
-
I thought you would recommend me the XG-7100..
-
The XG-7100 is a great device as well, both the XG-7100 and SG-5100 run with the same CPU.
In my eyes the main difference is that the SG-5100 got 6 separate GbE Ports, the XG-7100 2x 10 GbE and 8x GbE Switch Ports.
You just have to check which one fits your requirements best. :-)
And the SG-5100 is $100 cheaper then the XG-7100 desktop version.-Rico
-
@rico said in What Netgate appliance should I choose?:
The XG-7100 is a great device as well, both the XG-7100 and SG-5100 run with the same CPU.
In my eyes the main difference is that the SG-5100 got 6 separate GbE Ports, the XG-7100 2x 10 GbE and 8x GbE Switch Ports.
You just have to check which one fits your requirements best. :-)
And the SG-5100 is $100 cheaper then the XG-7100 desktop version.-Rico
If in the future I go for 10GBe connected switches.. better go for the XG-7100, true?
SWITCH1----10GBe----SWITCH2----10GBe-----FIREWALL
-
I don't know that "switch ports" are.
-
@apena said in What Netgate appliance should I choose?:
SWITCH1----10GBe----SWITCH2----10GBe-----FIREWALL
From your drawing when both switches reside in the same subnet behind the firewall you don't have essentially go for 10 GbE Ports... only when you really want or need to route 10 Gb Traffic.
@apena said in What Netgate appliance should I choose?:
I don't know that "switch ports" are.
Exactly what the name implies, it's a build-in 8 Port Switch. No big deal because you can discrete them in pfSense with VLANs when needed, just for your reference because the ports are not physically separate.
-Rico
-
Thanks a lot man!
-
Yes, the on-board switch in the XG-7100 is nice if you have a soho style setup where you would otherwise need an additional switch. But you cna also separate ports out into discrete interfaces using internal VLANs.
If you ever need to route traffic between subnets at greater than 1Gbps then you will need 10GbE ports. If the firewall is only between your switched internal network and your internet connection though it only needs to pass whatever bandwidth that can provide.Steve
-
And.. If I could find a Dell/HP 1U rack for the same price?
- Basic Xeon
- 8 GB Ram
- HDD SATA
Will be better?
-
Well obviously not better for us / the project.
Steve
-
No prob not.. How much power that going to use? Does that HP support the company that makes the OS your running... etc..
-
Yes you are right!
I’ll go for the SG-5100... if my customer want to expend that money!
Now is running on an old Compaq server!
-
If you can get Hardware+Software from the same producer it's always the best choice, they work 100% together and you'll get good support.
With HP for example you will have problems with the Gen10 because there are no working FreeBSD drivers yet. I tried myself with some ProLiant DL360 Gen10 for testing ~3 months ago and could not even get through the pfSense 2.4.3-p1 Installer...
If you want some 100% reliable out of the Box pfSense without tinker just get one Netgate appliance and be happy. :-)-Rico
