Thread Info
  • State Not Answered
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 14 replies
  • Subscribers 31 subscribers
  • Views 3814 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Looking for Hardware Recommendations for FiOS Gigabit

Brian Santomauro

Hi eveyrone,

 

    Hi everyone. I have wanted to try out Sophos XG for a while now. The only thing that has stopped me is that I was worried that I wouldn't be able to sustain my Verizon FiOS Gigabit Down/UP connection with the hardware limitations in the Sophos XG home edition. I am currently running pfSense on this hardware. It has an Intel Atom C2758 2.4Ghz 8-Core CPU, 16 GB RAM, and a 120gb SSD.

 

Now I know the sophos xg home is limited to 4 cores / 6gb of RAM. After posting on Sophos reddit the other day, it looks like a high cpu clock rate is just as, if not more, important than the amount of cores. I have searched around but am having a hard time finding something that will work. Can you guys recommend an appliance that will fit the bill here? I plan to eventually turn on all the features (IPS, AV Scanning, Web Filtering, SSL Decrypt, etc.) I preferably would like something rack mountable but a mini pc or something like that would be ok too. I am looking for something built or barebones. I am trying to avoid building this from scratch. The best I have come with so far is a Dell R210 ii with a xeon e3 chip in it which clocks around 3.1 - 3.3 ghz base. Not sure if that is a high enough clock rate or not. What are you guys using for this type of scenario? Thank you for your help.



This thread was automatically locked due to age.
  • 0

    Hi,

    The CPU speed and real cores are essential for home use. Just to clarify the home use edition is the same software used in the XG hardware and software sold to businesses.

    The E3 should more than adequately meet your requirements. The E3 in my signature is the same as used in the XG430 series hardware. The only item I cannot determine is what the NICs are and are they supported by Sophos. Do not get Intel 219 series as they are not supported.

    Ian

  • 0 in reply to rfcat_vk

    Hi Ian,

     

        Thank you for your reply. So I think I definitely want to go with an e3 now. Did you buy some sort of barebones appliance or did you build it from scratch? If from scratch, what did you put the hardware in? I don't think I can get an e3 v5 in the r210 so I would need to find something else. Thank you again for your help

  • 0 in reply to Brian Santomauro

    Hi Brian,

    my unit is built from scratch using a ASUS server MB, SSD, 8gb and the E3-1225 v5.

    Your choice of the R210 with the E3400 series will be more than adequate, the only issue really would be power and heat generation from my point of view.

    Ian

  • 0 in reply to rfcat_vk

    Hi Ian,

     

         Ok thank you. I will look into and see how I want to do this. Your custom built unit, do you have it in a regular tower case or rackmount case? If rackmount which case did you use for that? Does your mobo have multiple NIC's or did you buy an Intel Quad NIC card? Sorry for all the questions. Thank you for your help.

  • 0 in reply to Brian Santomauro

    Hi Brian,

    my unit is a Mini ITX, the case is a little larger than I wanted, but my smaller cases power supplies died. The MB comes with 2 onboard NICs and I bought an Intel based dual NIC server card. For my purposes the 4 NICs is enough. Once you equip your XG with 4 NICs and want to perform restores to a newer smaller build you can't you always must have the4 NICs or do a fresh configuration.

    I do a lot of experimentation with my unit that is why I have the higher performing CPU. CPU doesn't really go above 20% on my 50/20mb/s link.

    Ian

  • 0 in reply to rfcat_vk

    Hi Ian,

     

        Thank you for your help. Sorry to bother again but I have a couple more questions. So, the past couple days I have been looking around for hardware based on your recommendations. I was going to go with the r210 II but I read a bunch of posts here on the sophos forums (and 1 on reddit) about people having issues with Sophos XG not booting after the initial install. So that kind of shied me away from that. What I'm currently thinking of buying is the following:

     

    Supermicro SYS-5019S-ML - 459.99 on Amazon

    Intel E3-1230 V6 - 269.99 on Amazon. Processor Base Clock is 3.5Ghz and can turbo up to 3.9Ghz

    Timetec 8GB DDR4 RAM - 51.99 on Amazon

    Samsung 970 EVOPlus 250GB M.2 SSD - 69.99 on Amazon

     

    This is a little pricier than the R210 but I am hoping with less compatibility problems. The R210 was probably going to run me around $365 which would have included everything but the HDD and I also would have had to buy a quad intel nic card because the dual nics the r210 comes with are Broadcoms.

    First question would be this should be sufficient for what I am trying to achieve, correct? Does Sophos XG support M.2 NVME SSD's as far as you know? Would it be better to just buy a couple regular SATA SSD's and Raid 1 them for a tiny bit of redundancy assuming Sophos XG supports raid configurations?

    Thank you for your time.

  • 0 in reply to Brian Santomauro

    Hi Brian,

    glad to help.

    That Amazon setup looks good. The only question about it does the onboard display work without having the display function in the CPU?

    Your RAM choice sold be your weak point, an unknown brand?

    I wouldn't worry about complicating a home unit trying to get raid working. If you take regular backups then go with the single disk.

    I am not sure about the M.2 SSDs while nice probably don't add much if any to the performance and the support might be a bit flakey.

    That configuration will be more than adequate for a home user. As I advised at the start the e3-1225 I have is used in one of the bigger XGs eg over a 1000 users on high speed links.

     

    Ian

  • 0 in reply to rfcat_vk

    Hi Ian,

     

         Ok reconfigured the setup a bit. Same SuperMicro bare bones unit and processor as before. I checked on SuperMicro's site. It comes with onboard graphics (ASPEED AST2400). I have this same onboard graphics on my current supermicro with the Atom processor and the Atom processor definitely does not support any Graphics features so I should be ok there. I switched out the RAM and SSD to the following:

     

    RAM - I put the SuperMicro motherboard in the Crucial Compatibility Checker and it says this stick is compatible.

    SSD - It is an enterprise SSD which should give me some extra protection and it is really not that expensive and I do backups monthly at a minimum right now on my current firewall which I will continue to do with Sophos XG.

     

    Also, one more quick question. Could you recommend a compatible Intel Dual and Quad NIC Cards? The supermicro comes with 2x Gbe Intel I210 AT NICs on board but I may want to add some more NICs in case I want to play around with like a DMZ network or something like that. Thank you again for all your help with this.

  • 0 in reply to Brian Santomauro

    Hi Brian,

    I used a dual port intel server card. I have searched for a similar card and found them to be about $200AUD. A four port is about $400 or more.

    Stay away from realtek based cards, Intel and broadcom should be okay. I have stayed with the intel series chips except the i219 series.

    Ian

  • 0 in reply to rfcat_vk

    Hi Ian,

     

         Thank you for your response. So these should be ok, right?

     

    Dual Port

    Quad Port