Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Will Hacom Mars III pfSense 1U enough for my office?

    Hardware
    6
    11
    2827
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kossel last edited by

      Hi.

      I having looking for a pre-built pfsense appliance and found Mars III pfSense 1U from hacom. http://hacom.net/catalog/mars-iii-pfsense-1u-server

      Since I have never used pfsense in production, I don't know if this hardware fits our.

      the offices has around 200 people.
      we use email alot
      we use citrix application alot
      one WAN port will be in vpn with our HQ
      we want to use content filter and traffic shape
      we want to block p2p programs

      eventhough hacom says it can handle 50-200, I wish to hear your opinions. if you have experience with Hacom please comment too

      thanks

      1 Reply Last reply Reply Quote 0
      • stephenw10
        stephenw10 Netgate Administrator last edited by

        I should think almost certainly.  :) The specs on that box (2.9GHz i5, 4GB ram) should be able to handle anything you throw at it. However all my experience is with much lower end hardware so you may want a second opinion. I'm sure Hacom could advise you.

        What is your WAN connection? Do you need to saturate it with VPN traffic?

        Steve

        1 Reply Last reply Reply Quote 0
        • C
          cmb last edited by

          We work a lot with Hacom and have for many years, they've always been good to work with. The support they include with their hardware is provided by us, beyond basic things they handle internally.

          I think that particular platform would be a good fit for what you're looking to do.

          1 Reply Last reply Reply Quote 0
          • K
            kossel last edited by

            thank you very much for the advice!

            1 Reply Last reply Reply Quote 0
            • J
              jasonlitka last edited by

              @kossel:

              Hi.

              I having looking for a pre-built pfsense appliance and found Mars III pfSense 1U from hacom. http://hacom.net/catalog/mars-iii-pfsense-1u-server

              Since I have never used pfsense in production, I don't know if this hardware fits our.

              the offices has around 200 people.
              we use email alot
              we use citrix application alot
              one WAN port will be in vpn with our HQ
              we want to use content filter and traffic shape
              we want to block p2p programs

              eventhough hacom says it can handle 50-200, I wish to hear your opinions. if you have experience with Hacom please comment too

              thanks

              It's likely more than enough hardware unless you've got a REAL fat pipe coming in, but I wouldn't buy it, not with the Realtek NICs anyway.

              I can break anything.

              1 Reply Last reply Reply Quote 0
              • K
                kossel last edited by

                @Jason:

                It's likely more than enough hardware unless you've got a REAL fat pipe coming in, but I wouldn't buy it, not with the Realtek NICs anyway.

                why you wouldn't buy it? because Realtek NIC? I've read pfsense works better with intel NICs, and that's what I'm going to choose

                1 Reply Last reply Reply Quote 0
                • J
                  jasonlitka last edited by

                  If you're getting the Intel NICs then it's fine, though pricy at $2K.

                  I just posted about a similar config over here where I was looking into a new pair of 1U boxes for my main office.  I was looking at less than $3K for two boxes.  Those don't include support though (aside from these forums) so you're looking at another $600 (part of which goes to the project) for 5 hours of support (I haven't used mine very often, but it's been good when I've needed it).

                  http://forum.pfsense.org/index.php/topic,58987.msg317108.html#msg317108

                  It all depends on how much you value having a product you can just bolt into a rack, power on, and go.

                  I can break anything.

                  1 Reply Last reply Reply Quote 0
                  • C
                    cmb last edited by

                    @kossel:

                    @Jason:

                    It's likely more than enough hardware unless you've got a REAL fat pipe coming in, but I wouldn't buy it, not with the Realtek NICs anyway.

                    why you wouldn't buy it? because Realtek NIC? I've read pfsense works better with intel NICs, and that's what I'm going to choose

                    It is a pricey option to go with the Intels vs. Realtek.

                    Realtek chipsets have gotten a bad name from companies who do a poor job of implementing them on their hardware, and end up creating an unstable NIC or one where certain things don't work. Of course recently, one can say the same with Intel with the "packet of death" issue, not a problem in Intel's hardware, but a misprogrammed EEPROM by the motherboard vendor that caused a major problem with the Intel NICs.
                    http://www.h-online.com/security/news/item/Intel-Packet-of-Death-not-Intel-s-problem-1801537.html

                    I haven't personally tested this platform, so I can't tell you how good, bad or otherwise those particular Realteks are, but I would have confidence that Hacom would stand behind the product.

                    1 Reply Last reply Reply Quote 0
                    • N
                      n2qcn last edited by

                      RTL8111C has known TCP segmentation offloading (TSO, TSO4, TSO6) issues that "seem" to be fixed in newer RTL8111E designs. This feature is turned off by default, so you are safe anyway.

                      I have no direct knowledge (FUD warning!) but my guess is an intel i350 board with be better/cheaper than the i340 (82580 design) offered as an upgrade as the high production world has moved from PCI Express v2.0 to PCI Express v2.1.

                      1 Reply Last reply Reply Quote 0
                      • J
                        jasonlitka last edited by

                        @cmb:

                        @kossel:

                        @Jason:

                        It's likely more than enough hardware unless you've got a REAL fat pipe coming in, but I wouldn't buy it, not with the Realtek NICs anyway.

                        why you wouldn't buy it? because Realtek NIC? I've read pfsense works better with intel NICs, and that's what I'm going to choose

                        It is a pricey option to go with the Intels vs. Realtek.

                        Realtek chipsets have gotten a bad name from companies who do a poor job of implementing them on their hardware, and end up creating an unstable NIC or one where certain things don't work. Of course recently, one can say the same with Intel with the "packet of death" issue, not a problem in Intel's hardware, but a misprogrammed EEPROM by the motherboard vendor that caused a major problem with the Intel NICs.
                        http://www.h-online.com/security/news/item/Intel-Packet-of-Death-not-Intel-s-problem-1801537.html

                        I haven't personally tested this platform, so I can't tell you how good, bad or otherwise those particular Realteks are, but I would have confidence that Hacom would stand behind the product.

                        Hacom's support is a good point, but I still wouldn't buy it with the Realtek NICs.  It's the same reason why I pay for the Broadcom -> Intel upgrade on most of my Dell servers.  No matter how good the competition gets, Intel NICs have always worked the first time, the second time, and every other time, without any special workarounds or tinkering.

                        I can break anything.

                        1 Reply Last reply Reply Quote 0
                        • ?
                          A Former User last edited by

                          for us , we use Certain supermicro motherboards cause they use intel Nics and have
                          a proven track record and stand behind there hardware…

                          the packet of death on that particular intel nic was the vendors fault for a messed up
                          EEPROM, but could happen to any Vendor... and whos gonna make it right if somethings
                          wrong?

                          that said , we still pay for the Systems we do and we have No problems with the hardware...
                          and its with INTEL Nic's.

                          NO Realtek junk

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post