1Gbps Internet connection Hardware build
-
I wanna run pfsense as router with snort+firewall for my network. I've got Google Fiber's 1Gbps internet connection (no boasting, just a fact lol) and I wanna keep it close to the mighty number. Currently, I've got a computer collecting dust with following specs:
-
Intel 4430 3 GHz Quad-Core (BX80646I54430) Processor
-
MSI H81I LGA 1150 Intel H81 HDMI SATA 6Gb/s USB 3.0 Mini ITX Intel Motherboard
-
8GB DDR3 RAM
-
265GB SSD <–Well, definitely an overkill. I see. I see.
My question is, what do you pros recommend:
-
Use a bare hypervisor like Xen or Esxi and install pfsense on it along with one or two more machines. Reap the specs. OR
-
Use the PC as sole pfsense box
-
-
I might leave it on hardware but a VM should be able to handle it also.
-
Anybody done it on Xen Center? Or do you guys prefer Esxi?
-
I'm running it on EXSi - Works well.
And plain hardware - Works well also…
-
I'm gonna start with visualization then. Could also run AlienVault OSSIM on a VM and kill two birds with one stone :)
Thanks man.
-
I've never used AlienVault OSSIM, but seems you could avoid loading alot of packages on pfsense by doing that. Notoriously troublesome packages at that.
-
A great solution is also "Security Onion"… but Ossim and SO are both an IDS, so they will not block malicious traffic. SO is free to use but Ossim is a paid service. There is a trial for it, but to get it fully integrated, you need to pay for it.
I use Security Onion behind pfSense and also have sensors in front of my Lan Servers. It's also a great event management and correlation solution.
-
Thanks guys. I meant open source (free) version of OSSIM. It's still pretty good and I'm quite comfortable with it. I'm planning to mostly use it for SIEM purposes so it being pure IDS won't hurt. I do like pfsense's integration of Snort though :) Already tested it with some nmap scans and scapy.
I've also used Security Onion before. I enjoyed with its large number of quite stable packages.
