QuickAssist and Snort/IDS



  • It is my understanding QuickAssist will not now or ever help in processing rules as Intel abandoned the codebase to do so.

    It will still work for VPN encryption, though.

    I am a home user who does a bit of downloading and media playing.  I assume the SG-2220 is sufficient but I was also looking at the 2440 if QuickAssist would eventually support Snort/IDS.

    Is it true that QuickAssist will not get implemented for Snort/IDS?  I don't use a VPN but as a tinkerer I do like the IDS/IPS stuff.

    Thanks!



  • Hello,

    In the early beginnings, Intel's QuickAssist technology (QAT) should be speeding up the following
    tasks and functions: IDS/IPS like Snort and Suricata, encryption tasks like VPN, de-compression tasks.

    It is my understanding QuickAssist will not now or ever help in processing rules as Intel abandoned the codebase to do so.

    Yes, and after doing this the Intel QAT is now only for de-compression and encryption tasks and not for
    more like before. It is a shame and really ugly but it is also a fact.

    It will still work for VPN encryption, though.

    And decompression and compression tasks like increasing the throughput also on not encrypted tasks.
    The only hint is, that then on both sides the Intel QAT must be working!

    I am a home user who does a bit of downloading and media playing.

    Then the AES-NI function will be more interesting for you.

    I assume the SG-2220 is sufficient but I was also looking at the 2440 if QuickAssist would eventually support Snort/IDS.

    It can't support Intel QAT because this code was, like you said, abandoned from the code database.

    The AES-NI and QAT will be only speeding up some smaller SoCs or CPUs, the real goal you would be reaching
    and/or hitting with the Intel based QuickAssist Server Adapters

    So it is not placed to the pfSense side as you can imagine, more then on the Intel side.
    And if you are planning to deal massively with DPI or IDS/IPS tasks you should be looking
    more for another device with another CPU inside, like the Intel Atom C2758, Xeon D-1540
    or Xeon E3-1276v3 that would be really better.



  • Reminds me of my crappy Intel Turbo Memory card collecting dust somewhere (Intel didn't support it long). ::)

    FYI- the torrent box is another box on the internal network.

    So you're saying AES-NI would help with, say, torrent clients that support protocol encryption, hypothetically speaking?  And, if so, would my torrent client have to be on the pfSense box to utilize the AES-NI or would it serve to encrypt the data for the torrent client on another computer in the internal network?



  • Reminds me of my crappy Intel Turbo Memory card collecting dust somewhere (Intel didn't support it long). ::)

    This might be but with the QuickAssist accelerator cards Intel could be more targeted the server market
    or only small SoC based platforms.

    FYI- the torrent box is another box on the internal network.

    I really don't know what you are talking from or about? I can't anything about torrent in your
    opening thread. And based on the information that you are a home user and doing some media
    streaming or playing AES-NI would be more the target for you, because Intel QuickAssist isn't
    integrated at this time in pfSense, but the SG-xxxx units come with AES-NI and QuickAssist
    hardware support. So AES-NI is more for the encryption tasks like VPN and the QuickAssist
    would be if it is entered in the code line of pfSense more for decompression or compression
    as I see it right.

    So you're saying AES-NI would help with, say, torrent clients that support protocol encryption, hypothetically speaking?

    No never I would do so! Once more again the AES-NI would be more interesting for you as a home user as
    the AES-NI can be used at this time, but the QuickAssist can't be used.

    And, if so, would my torrent client have to be on the pfSense box to utilize the AES-NI or would it serve to encrypt the data for the torrent client on another computer in the internal network?

    AES-NI = crypto work or encryption
    Is enabled and ready to use at this time in pfSense!
    QuickAssist = decompression or compression and encryption
    Is not inserted in the pfSense code and not ready to use at this time!



  • Dude, chill out.  You switched the subject and brought up AES-NI.  I was just trying to figure out why I would want that.

    You brought up media playing.  If AES-NI is indeed for encryption/decryption I have no idea why AES-NI would help with playing media.  It isn't like I'm streaming encrypted videos on my network.

    Since you switched the subject to AES-NI, what are you saying AES-NI would do for me?  I'm just trying to figure out if it's worth considering more hardware than an SG-2220 for a home network if I expect my maximum use would be for video streaming, torrent downloading yet I want to run an IDS/IPS on the box.


  • Banned

    @jawz101:

    I want to run an IDS/IPS on the box.

    And what's exactly stopping you? You can do that now, without any QA or any other quick Intel backdoors.



  • I wanted to know if any of the additional features of the SG-2440 would offer improved performance for Snort/Suricata and typical home user media downloading and streaming versus the SG-2220.



  • I wanted to know if any of the additional features of the SG-2440 would offer improved performance for Snort/Suricata and typical home user media downloading and streaming versus the SG-2220.

    They are nearly identical, the SG-2440 comes only with 2 GB RAM and 2 LAN ports more.


  • Netgate

    The 2220 uses a SoC without QAT.
    The 2440 adds m-SATA (2220 has m.2) and has 2 minipcie (2220 has one)
    2440 has additional SATA port.
    2440 has cmos / tod backup battery
    2440 has 4GB ram (2220 has 2GB, we could build a 4GB variant. MOQs apply)
    2440 has 4xi350 Ethernet (2220 has 2xi350)

