Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SG-2100 suricata - good performance?

    Scheduled Pinned Locked Moved General pfSense Questions
    3 Posts 3 Posters 921 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      worldHopp
      last edited by

      Has anyone here had experience running Suricata on a SG-2100?

      I'm thinking of running and tweaking suricata but from some posts I've seen on these forums/other sites some say the 2100 is not good enough for Suricata and that it will throttle the system?

      Anyone have any experience using it on the 2100?

      S 1 Reply Last reply Reply Quote 0
      • S
        SteveITS Galactic Empire @worldHopp
        last edited by

        @worldhopp I would say it's highly dependent on your Internet speed. If you look at the specs Suricata/Snort is going to drop speeds from the listed numbers. Just running IDS isn't an issue as we have set it up on multiple locations, but not at 1 Gbps download for example.

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

        1 Reply Last reply Reply Quote 0
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          @worldhopp said in SG-2100 suricata - good performance?:

          the 2100 is not good enough for Suricata and that it will throttle the system

          Any system will have it's throughput reduced by Suricata or Snort. What matters is if that reduced level is still higher than your available WAN bandwidth.
          It's also very hard to put any definitive numbers on it because performance can vary wildly depending on what signatures you have loaded and the detection engine settings.

          Steve

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.