Firewall dedicated hardware - request for comments



  • Hi all,

    I am new here and relatively new to pfSense in general. I plan to make a bigger investment in a firewall appliance configuration, and I'd like to hear advanced users comments and opinions.

    Purpose of the device:

    • filtering the traffic (mostly to drop packets comming from unwanted ranges) for up to 1Gbit

    • some basic, rudimental DoS protection / filtering - as much as possible by HW

    • no VPN needed

    Behind this firewall would sit several webservers.

    Upstream connection intended to protection: 1Gbps

    What I am looking at is the following barebone firewall appliance :
    CPU: i5-3570 (Quad Core 4x 3.40GHz,6MB,77W,S1155)  - supports: Sandybridge/IvyBridge LGA1155 (Celeron/Pentium/i3/i5/i7)
    RAM: 16GB DDR3 1333
    Chipset: Intel B75
    Graphics: onboard PowerVR SGX545
    LAN:
    2x Intel i350 (SPF)
    6x Intel 82583 1000M
    Storage: 60GB SSD
    Storage Interface: 3SATAⅡ  1SATAⅢ
    1RJ45 to COM + COM pin
    Expansion Slots: 2
    MINI-PCIE (for M-SATA/WIFI), 1SIM, 1CF
    USB:  6x USB 2.0  (4 onboard)

    Approximated purchasing price of all parts needed would be around US$ 800

    What do you guys think about it, will it align with my goals?

    How does full blown i5-3570 in terms of performace for filtering purpose compare to Avoton C2758 in official pfSense appliance?

    Thanks in advance for your comments


  • Netgate Administrator

    Should be fine with that.
    The i5 doesn't have quick assist which means in the long term the C2758 will likely be faster for encrypted traffic.

    Steve



  • Hi stephenw10,

    thank you very much for your comment!

    Since I'm not interested for any VPN tunnels or similar, I think I won't miss this functionality, but thanks for pointing that out.  ;)


Log in to reply