pfSense recommendations
-
I am looking at improving my home network security and pfSense has been recommended on another forum.
My requirements are not that rigorous. Mainly protection verses throughput. Looking to restrict some devices from the internet (security cameras and NAS storage) while providing home use desktop and WiFi laptops with internet access (no gaming or massive data downloads required). I have a 500Mb/s fiber internet connection with my ISP.
I understand there are a couple of options such as buying an all-in-one solution like a Netgate 1100 although the cost is somewhat high.
Alternatively, a DIY solution might be less expensive albeit more effort (frustration ?).
I am not a "network" guy but don't think a DYI solution is beyond my abilities (allowing for a learning curve).
I have a few questions:
-
The pfSense documentation seems to prefer AMD processors. Would repurposed/reconditioned PC's with Intel i5 CPU’s be acceptable?
-
Does the pfSense installation replace the Windows OS or does it reside with it?
-
"high quality" NIC's (with Intel chips) are recommended. They are an important component in the solution and can obviously impact throughput however the cost of some NIC's, plus the cost of a PC can add up to approach the cost of a Netgate 1100. I can find some lower cost NIC's (such as TP-Link TG-3468) but am leery of performance. Are there "cost effective” NIC's that might be appropriate for my application?
Edit: [spam was here]
Thanks
-
-
@kanom-wan , let me start by asking back: What amount of time are you willing to invest in learning about pfSense? It is a hugely powerful tool and as such has a learning curve.
An Intel i5 should be fine in general. Things may change, however, if we are talking about VPN and/or intrusion detection. What i5 exactly do you have in mind?
pfSense runs on top of FreeBSD. So it "replaces" Windows in that sense.
Depending on where you live, a used Intel-based NIC should not be that difficult to find used and for about 30-40 bucks. I would not go for something non-Intel personally. I know from TrueNAS (also based on FreeBSD) that many people have tried that path and failed. Are you willing to spend hours to save 20 bucks?
-
@kanom-wan said in pfSense recommendations:
seems to prefer AMD processors. Would ... Intel i5 CPU’s be acceptable
It is the CPU instruction set not manufacturer which matters. amd64 is a description of the chip architecture, like x86 (or i386) was for 32-bit architectures. AMD developed and released 64-bit chips before Intel, and apparently Intel licensed the AMD technology to use in their chips.
As a result an Intel i-5 CPU will run the code in the pfsense amd64.iso
@kanom-wan said in pfSense recommendations:
"high quality" NIC's (with Intel chips) are recommended.
Again you don't have to buy the card or motherboard from Intel, just when looking for a computer or NIC, if it does not use an Intel chips then there may be a higher risk the driver has issues. May don't but if you run into troubles then that is an issue which has come up.
@kanom-wan said in pfSense recommendations:
Netgate 1100 although the cost is somewhat high
If you put a price on your time electricity to run your DIY then that will probably turn out to be a false assumption.
If playing with computers is a hobby or you use it for other things then maybe not. -
@kanom-wan I have been running pfSense for over 6 years and am quite happy with it. Initially, I ran it on a HP compact desktop computer and now on the computer described in my sig. My understanding is Intel NICs are fine, but some others not so great.
-
Just stick with Intel CPU and Intel NICs if you want to save yourself from trouble. If it`s really that hard to find Intel NICs, and if you are not sure about DIY setup, go for a genuine Netgate device. Its all up to you.
-
-
This is spam lifted directly from here. Locked.
Steve