Hardware Suggestion for PFSense with Snort
-
Hello,
I'm running pfSense with DHCP, DNS, Snort (with VRT Rules only) and pfBlockerNG. My Internet connection is 500Mbit/s fiber, the LAN is divided into 5 VLANs with 1Gigabit. At the moment everything runs very nicely on a DELL mini PC. But the electric bill for that setup is too high.
Can you suggest suitable hardware that will fit my requirements without performance problems and save energy too? My first thought was a NETGATE 5100, but at $700 it's quite expensive. Can you suggest any other hardware (Netgate or custom) that fits my needs?
PS: I don't need a fiber converter within the router. Two network ports are enough (VLAN addressing is done by a VLAN switch). No Wi-Fi needed.
-
How much power does the Dell mini actually use? What hardware is it? How much power do you want to be using?
Steve
-
I recommend something at least in about the same hardware class as the SG-5100. You might could cobble together a generic no-name box built from various parts and pieces for a little less than the cost of an SG-5100. But with all the supply chain issues and high chip prices today due to the pandemic, cobbling together a box might be more trouble than simply buying an SG-5100. Your call on that since it is your budget.
For Snort (or Suricata) I strongly recommend at least 4 GB of RAM and a high speed Intel CPU. Snort is single-threaded, so you would want to favor higher clock speeds over core count to optimize performance when choosing the CPU. Single-threaded apps are only going to utilize a single CPU core. The tradeoff with clock speed is power consumption. Higher clock speed equals more power consumption.
Last recommendation is to be sure the box has quality Intel NICs! No Realteks, and most definitely no USB NICs.
-
I have the computer described in my sig. Works well.