Yet another noob asking for hw advice for home setup…



  • Dear All,

    I've run the forums and searched the web, but before committing my hard-earned money on a purchase i'd like to have confirmation that i'm not doing anything blatantly stupid or overlooking something.

    The situation is the following: I'm in a european soho environment, home + office, 1-3 max concurrent users at the end of a crappy adsl 10/1 that might be upgraded in the future up to 30/5 top. no fiber unfortunately.

    I'd like to make the PFSense box my centralized hub for networking, plus IDS/UTM.

    so I'd like to run almost the whole circus on it:

    Snort, Squid, squidguardian, clamAV, etc… plus of course the immancable 1-2 VPNs.

    so i hope you can understand that i'm so confued about the system requirements, i've seen in th forum two reccomanded setups:

    alix boxes, maybe from european vendor http://www.applianceshop.eu/index.php/firewalls/opnsense.html

    i'd love to support a company that invest and sponsorize the pf developement. but on the other hand the boards looks underspecced for my needs? can it be?

    soekris atom board or equivalent http://soekris.com/products/net6501/net6501-30-board-case.html

    the reviews i've read are happy with them, but i haven't seen any high workload on them (i don't even know if my workload can be classified as high, so i might be mistaken) ant the atom looks like at the lower end of the spectrum...

    diy i3 -atom- hp microserver here we are at the high end of the spectrum, and if possible i'd like to avoid this road due to cost/bulk/heat considerations but if needed i'll byte the bullet.

    grab used firebox/thin client and hack my way thorugh it.  mhe, latest likely option imho.

    old laptop: got a old 17" dell ispiron 9800, but it's big, old, dusty and it is something i would like not to have in the dining room. have to get a pcmca ethernet card and haven't found anything crystal clear on compatibility. no managed swithc to assign vlans to the inboard lan. but it would be the cheapest solution, battery/ups/screen/keybord/etc...

    any comment, insight, suggestion, or scream will be mostly welcome.



  • @the_greenest_noob:

    The situation is the following: I'm in a european soho environment, home + office, 1-3 max concurrent users at the end of a crappy adsl 10/1 that might be upgraded in the future up to 30/5 top. no fiber unfortunately.

    Snort, Squid, squidguardian, clamAV, etc... plus of course the immancable 1-2 VPNs.

    I have 2xAlix at home, it will run the 30/5 just fine being a router/firewall, just not with squid/clamAV, then you want to move to the net6501 or higher (haven't seen benchmarks), maybe something like:
    http://linitx.com/product/fx5624-intel-celeronm-600mhz-6-nic-firewallrouter-platform-2xgigalan-4x10100/12508
    or
    http://www.mini-itx.com/store/~JNC9E-525 (can put in another 3xLAN card)



  • Do a search for a D2500CCE Intel mainboard on this forum. I don't own one, but I have another fanless Atom board (IM945GSE) and that is sufficient for your setup. I have run ClearOS on this board, and that is much more demanding, also in SOHO environment.

    Buy a nice case, an SSD and this is much cheaper.



  • D2500CCE might not be the perfect choice if you want to run Snort. Squid and Danguardian alone shouldn't be an issue. Snort will run on it but I presume the CPU running at 90-100% with no cycles left for other packages. I myself have been looking at Atom processors but its still not that powerful enough for processing multiple resource hungry packages.



  • @the_greenest_noob:

    old laptop: got a old 17" dell ispiron 9800, but it's big, old, dusty and it is something i would like not to have in the dining room. have to get a pcmca ethernet card and haven't found anything crystal clear on compatibility. no managed swithc to assign vlans to the inboard lan. but it would be the cheapest solution, battery/ups/screen/keybord/etc…

    Words of Wisdom
    Get a cheap level 2 managed switch or pcmca ethernet card off Ebay and dust off that old laptop!



  • @Clear-Pixel:

    @the_greenest_noob:

    old laptop: got a old 17" dell ispiron 9800, but it's big, old, dusty and it is something i would like not to have in the dining room. have to get a pcmca ethernet card and haven't found anything crystal clear on compatibility. no managed swithc to assign vlans to the inboard lan. but it would be the cheapest solution, battery/ups/screen/keybord/etc…

    Words of Wisdom
    Get a cheap level 2 managed switch or pcmca ethernet card off Ebay and dust off that old laptop!

    Ditto!



  • @asterix:

    D2500CCE might not be the perfect choice if you want to run Snort. Squid and Danguardian alone shouldn't be an issue. Snort will run on it but I presume the CPU running at 90-100% with no cycles left for other packages. I myself have been looking at Atom processors but its still not that powerful enough for processing multiple resource hungry packages.

    My N270 Atom processor runs fine with Snort VRT rules in Balanced IPS mode and some ET rules on 2.1BETA. Only starting up of Snort takes some time. If you have enough memory it shouldn't be a problem.



  • @gogol:

    @asterix:

    D2500CCE might not be the perfect choice if you want to run Snort. Squid and Danguardian alone shouldn't be an issue. Snort will run on it but I presume the CPU running at 90-100% with no cycles left for other packages. I myself have been looking at Atom processors but its still not that powerful enough for processing multiple resource hungry packages.

    My N270 Atom processor runs fine with Snort VRT rules in Balanced IPS mode and some ET rules on 2.1BETA. Only starting up of Snort takes some time. If you have enough memory it shouldn't be a problem.

    @asterix:

    D2500CCE might not be the perfect choice if you want to run Snort. Squid and Danguardian alone shouldn't be an issue. Snort will run on it but I presume the CPU running at 90-100% with no cycles left for other packages. I myself have been looking at Atom processors but its still not that powerful enough for processing multiple resource hungry packages.

    @Clear-Pixel:

    @the_greenest_noob:

    old laptop: got a old 17" dell ispiron 9800, but it's big, old, dusty and it is something i would like not to have in the dining room. have to get a pcmca ethernet card and haven't found anything crystal clear on compatibility. no managed swithc to assign vlans to the inboard lan. but it would be the cheapest solution, battery/ups/screen/keybord/etc…

    Words of Wisdom
    Get a cheap level 2 managed switch or pcmca ethernet card off Ebay and dust off that old laptop!

    thanks everyone for your insight, i'll try to test the laptop, given that the atom way looks underpowered for what i aim to do.

    any hints on a known working pmcia card would be very appreciated.



  • @the_greenest_noob:

    thanks everyone for your insight, i'll try to test the laptop, given that the atom way looks underpowered for what i aim to do.

    any hints on a known working pmcia card would be very appreciated.

    CardBus or ExpressCard?

    Used an Intel Pro/100 CardBus in DELL Inspiron 5100 until recently switched WAN to VLAN on the integrated Broadcom 440x.  LAN is native physical.


Log in to reply