Micro / inline / single slot firewall?

whiteknight

I have a requirement to add a firewall to individually protect a couple of servers but it needs to be a 0u solution. (i.e. take no additional rack U space or, ideally, power sockets)

While I am aware the constraints limit what is possible, I am wondering if there is such a thing as a micro / inline firewall that still runs pfSense?

Alternatively, Is anyone aware of a single slot PCI Express card embedded or single board computer that can go inside the servers and will run pfSense as a stand alone firewall?

Ideally it needs to be capable of NAT / PAT at around 100mbit, so the tiny inline devices probably wont cut it, but the embedded option may work.

Guest

I have a requirement to add a firewall to individually protect a couple of servers but it needs to be a 0u solution. (i.e. take no additional rack U space or, ideally, power sockets)

Solutions like this are easy to find on the market and also capable to to handle such load with ease.
Picture
Innominate vendor of this cards

This will be mostly better then arts and crafts or tinker something alone together at home.

While I am aware the constraints limit what is possible, I am wondering if there is such a thing as a micro / inline firewall that still runs pfSense?

In former days this cards was a solution to run VMs in a server, but as today the modern CPUs are coming
sorted with more CPU cores and HT technology, it would be making more sense to set up pfSense in a VM
to use such a card or using this modern CPUs with registers and functions to support the virtual machines
better then this older cards.

deally it needs to be capable of NAT / PAT at around 100mbit, so the tiny inline devices probably wont cut it, but the embedded option may work.

This will be done by the Innominate PCIe cards, they do SPI/NAT and are VPN capable.

whiteknight

I did spend some time searching  before posting, but didn't find anything so thanks for that.

I also have considered doing a VM.  It may be the more cost effective route, but I would prefer a physical device over a VM solution as i want to protect the host, as well as the VMs.  Also a physically separate firewall means that if there is a software issue on the server in question I can still manage the firewall for local diagnostics (ping etc).  Lets me tell if its the hosting company, vm, or physical server that's faulty before having to visit site.

Are there any other options besides the Innominate cards?  They look quite cool, but they seem to be aimed primarily at industrial machinery applications, and no-one lists prices.

Guest

but I would prefer a physical device over a VM solution as i want to protect the host,

But on the PC on PCI(e) cards comes often without any storage, so where you want to connect the
storage device for holding the pfSense system? If you have a special card, please post a link or a
photo, so we could see if there are any connectors for storage devices.

Are there any other options besides the Innominate cards?

They are working well and out of the box without any issues, so there is no need to
tinker the wire new. You could be also interesting in a Cloud based pfSense firewall.

They look quite cool, but they seem to be aimed primarily at industrial machinery applications, and no-one lists prices.

And for co or home workers with a outside locked company PC or server where is a need only to get
rid of any other things such you were asking for.