The limitations for the home license of Sophos firewall XG is 4 CPU cores and has a limitation of 6Gb or RAM maximum. For your scenario it depends on how many users you will have.

There is no official hardware compatibility list, but the requirements are:

The system (motherboard) you use must support legacy BIOS and booting in legacy mode.

Intel "server oriented" NICs are recommended since they are the most compatible. Most dual port LAN PCIe cards you buy are "server grade" and will mostly work. Obviously try to avoid NICs from Realtek since these are less supported.

Some of the newer Intel NICs are not supported yet such as the i219 and i225, so be careful if using one of the fanless firewall appliances. Ultimately you may need to virtualize your firewall using KVM, Hyper-V or ESXi to run the Sophos Firewall on "unsupported" hardware. This may be difficult depending on your skillset.

The choice of hard drive is up to you, but a minimum of 64Gb seems to be the norm. A consumer 256Gb SSD is no issue.

If you are building a system yourself you will need a fast enough CPU to handle a gigabit download speed, but generally any modern dual/quad core CPU should work fine. I'd recommend any CPU 3 Ghz or faster. This is just a recommendation. Slower CPUs may work fine if you don't need too many IDS rules.

A good motherboard that seems fast enough would be a mini-ITX from Asrock, the Asrock J5040 mini-ITX, and it seems to be one of the only mini-ITX worth getting these days, as many of the older ones are very slow such as the J1900.

So it depends on if you are building your own system or wanting to go with a firewall appliance.

Hi Alan, thx for your answer . I have plan to use my old hardware, h110 chipset , i5 6500, 8gb ram, 256sdd (or m2 disk) and 4xNIC Pcie card. 
my home stuff ,2xPC, laptop, NAS, IoT, TVs, 4xmobile, promox with SPlunk and other, VPN for mobile when im outside . 

That should be fine. But know that the home version of the XG firewall can only use up to 6Gb or ram. Good luck, it shoulds like you already know what you're doing. I have been using the UTM for about 6 years and just switched to the XG home firewall yesterday. Some ways of doing things is odd compared to the UTM but the XG appears to be pretty solid once you get used to the idea of zones.

I have an HP Deskpro PC with that same CPU but I'll be damned if I didn't try for days to get the XG or the UTM to boot from it. I was so close to installing the XG on Proxmox but I don't know how secure Proxmox is, being exposed directly to the internet like that. 

installing on proxmox is another point that can fail. that's why I opt for a standalone machine
I will install on what I have and squeeze as much as I can out of it. then I will know for sure if it is the optimal equipment for my needs

Let us know how the install goes. I hard a real hard time getting the XG to boot beyond the Grub boot menu. I had to create the bootable image on USB stick using Etcher, then boot the legacy USB option. And the boot screen is known to hang with a blinking cursor...something to do with it not supporting UEFI.

Somehow I got it to work after trying different boot methods, after disabling UEFI and secure boot.

Hi,

the i5 is an overkill. Not sure about m2 support?

Ian

the i5-6500 is a quad core 3.2 Ghz CPU it is fine for the speeds he wants to obtain. 300/50. Sometimes you have to use what you have.

If he has that fine, if he is going to purchase a new CPU then no. The i5s run a lot hotter than other processors, that is what my comment is based on.

Ian

i dont have issue when using rufus and DD -option when crating bootable usb

i also have i3-6100 and i3-7100. but i thought a 4 core processor would be a better choice.
rfcat_vk what is your suggestion  ?