4. Hardware for new PFSense box question

Hardware for new PFSense box question

  • T

    Hi @ll

    I am planning to buy new hardware for our PFSense installation :

    Came across a Supermicro 5015A-EHF-D525 Dual-Core Atom D525 Barebone. I'd like to
    fit it with a 60 G SSD, 2 Gig RAM and 4 Intel 82574L Gig Ethernet Adapters.

    Here's what it should do :

    LAN 1 : LAN with 40 Worstations and 5 Servers
    LAN 2 : Captive Portal for up to 500 Clients/Devices
    DMZ : Security Surveillance Cams
    +WAN

    Will the machine above fit these requirements ? Does anyone have experiences with
    a similar configuration ?

    Thank you all in advance

    thafener

    0
  • Netgate Administrator

    The number of clients or machines on a network is not the limiting factor in pfSense (no per machine licence!)  rather the required bandwidth through the box.
    You haven't mentioned what your internet connection is. However it looks likely you will want to access data between local interfaces, DMZ to LAN1 for example, so that will probably be your limiting factor. The D525 is capable of firewall/NAT around 500Mbps. Perhaps more with some tuning.

    Of course if you need to run VPNs or Snort this value will be lower.

    Unless you want to run Squid you won't need a 60GB drive.

    See: http://forum.pfsense.org/index.php/topic,42853.0.html

    Steve

    0
  • T

    Thank you Steven, at this time our Bandwith is 50 MBit/s but we're planning to get 100 MBit/s.

    As we are a Hotel with 200 rooms we need the Proxy and are already using it.

    The big task for us is that every the guests often have a Laptop, a Tablet and also a Smartphone
    and so I am plannign for this big number of clients.

    Regarding VPN I have 1 or 2 roadwarriors using VPN

    Regards

    Thafener

    0
  • Netgate Administrator

    You'll get 50-60Mbps VPN throughput but that will max out the CPU. Thus you can have, say, 25Mbps or VPN and 250Mbps of other throughput.

    With that many clients you will need to use some form of bandwidth limiting to ensure everyone gets something.

    You should at least consider a Core i3 based machine. They are often around the same price and with similar power consumption but far higher computational ability.
    See: http://forum.pfsense.org/index.php/topic,45452.0.html

    Steve

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy