Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 13 replies
  • Subscribers 28 subscribers
  • Views 10288 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Chinese mini PC J1900 + 4 Intel NIC

Pavol Vesely

Hi fellow Sophos users. I am thinking to upgrade from UTM Free license running on UTM 110/120 rev.5 to the XG firewall.

I already know, that the Atom in the old appliance will not handle the home use (4 people with laptops and mobiles, Internet connectivity 80/20 Mbit)

Can someone confirm I can install the XG on a Intel Celeron J1900 + 4x Intel NIC based generic Mini PC with good performance?

I plan to use Web filter, firewall rules of course, NAT (port forward) rules, VPN server, antivirus.

Thanks in advance for reply.

I plan to buy this cheap Chinese thing or maybe the Quotom one - though a bit more expensive:

https://www.aliexpress.com/item/Celeron-J1900-Mini-pc-free-shipping-micro-sd-two-usb-and-four-lan-laptop-overwatch-Computer/32794678352.html?spm=a2g0s.8937460.0.0.57592e0ejFKjsc



This thread was automatically locked due to age.
  • 0 in reply to nd

    What do you see in the IPS tab of the GUI during your testing?

    Ian

  • 0 in reply to rfcat_vk

    In the live log file for ips?

    2019:04:03-21:04:37 sg210 snort[5056]: S5: Session exceeded configured max bytes to queue 1048576 using 1048740 bytes (client queue). 192.168.4.103 57995 --> 84.116.34.253 8080 (0) : LWstate 0x9 LWFlags 0x6007
    2019:04:03-21:04:37 sg210 snort[5056]: S5: Session exceeded configured max bytes to queue 1048576 using 1048780 bytes (client queue). 192.168.4.103 57997 --> 84.116.34.253 8080 (0) : LWstate 0x9 LWFlags 0x6007
    2019:04:03-21:04:38 sg210 snort[5056]: S5: Session exceeded configured max bytes to queue 1048576 using 1048660 bytes (client queue). 192.168.4.103 57993 --> 84.116.34.253 8080 (0) : LWstate 0x9 LWFlags 0x6007
    2019:04:03-21:06:36 sg210 snort[5056]: S5: Session exceeded configured max bytes to queue 1048576 using 1051540 bytes (client queue). 192.168.4.103 58028 --> 84.116.34.253 8080 (0) : LWstate 0x9 LWFlags 0x6007
    2019:04:03-21:06:36 sg210 snort[5056]: S5: Session exceeded configured max bytes to queue 1048576 using 1051300 bytes (client queue). 192.168.4.103 58026 --> 84.116.34.253 8080 (0) : LWstate 0x9 LWFlags 0x6007
    2019:04:03-21:06:36 sg210 snort[5056]: S5: Session exceeded configured max bytes to queue 1048576 using 1056760 bytes (client queue). 192.168.4.103 58030 --> 84.116.34.253 8080 (0) : LWstate 0x9 LWFlags 0x6007
    2019:04:03-21:06:39 sg210 snort[5056]: S5: Session exceeded configured max bytes to queue 1048576 using 1067000 bytes (client queue). 192.168.4.103 58036 --> 84.116.34.253 8080 (0) : LWstate 0x9 LWFlags 0x6007

    in the shell i tried to increase the queue length but same result:

    cc set ips queue_length 8192

     

    the cpu usage while downloading with above speeds is very low: <15%

  • 0 in reply to rfcat_vk

    So deactivating IPS completelly eliminates the bottleneck of both firewalls; same for a SG115 device:

    IPS on, WP / AV Proxy on = 109MBit/s

    IPS off, WP / AV Proxy off = 295MBit/s (300mbit/s connection)

     

    for that SP115 device this is like that what the official whitepaper says about the performance.

    But what about I am a little bit confused is the CPU load which is on all devices (with activated IPS, WP, AV) very low?? The SG115 was round about 50% on ~100MBit/s.

    Where exactly is the bottleneck? I thought this depends on the cpu ability and load?

     

    sorry for that offtopic talking, but the j1900 device is also a chinese device and I am comparing some devices (SG210, SG115, SG125, ChineseBox J1900, AMD GX-415 GA, etc)