The limitations for the home license of Sophos firewall XG is 4 CPU cores and has a limitation of 6Gb or RAM maximum. For your scenario it depends on how many users you will have.

There is no official hardware compatibility list, but the requirements are:

The system (motherboard) you use must support legacy BIOS and booting in legacy mode.

Intel "server oriented" NICs are recommended since they are the most compatible. Most dual port LAN PCIe cards you buy are "server grade" and will mostly work. Obviously try to avoid NICs from Realtek since these are less supported.

Some of the newer Intel NICs are not supported yet such as the i219 and i225, so be careful if using one of the fanless firewall appliances. Ultimately you may need to virtualize your firewall using KVM, Hyper-V or ESXi to run the Sophos Firewall on "unsupported" hardware. This may be difficult depending on your skillset.

The choice of hard drive is up to you, but a minimum of 64Gb seems to be the norm. A consumer 256Gb SSD is no issue.

If you are building a system yourself you will need a fast enough CPU to handle a gigabit download speed, but generally any modern dual/quad core CPU should work fine. I'd recommend any CPU 3 Ghz or faster. This is just a recommendation. Slower CPUs may work fine if you don't need too many IDS rules.

A good motherboard that seems fast enough would be a mini-ITX from Asrock, the Asrock J5040 mini-ITX, and it seems to be one of the only mini-ITX worth getting these days, as many of the older ones are very slow such as the J1900.

So it depends on if you are building your own system or wanting to go with a firewall appliance.

Hi Alan, thx for your answer . I have plan to use my old hardware, h110 chipset , i5 6500, 8gb ram, 256sdd (or m2 disk) and 4xNIC Pcie card. 
my home stuff ,2xPC, laptop, NAS, IoT, TVs, 4xmobile, promox with SPlunk and other, VPN for mobile when im outside . 

installing on proxmox is another point that can fail. that's why I opt for a standalone machine
I will install on what I have and squeeze as much as I can out of it. then I will know for sure if it is the optimal equipment for my needs

Let us know how the install goes. I hard a real hard time getting the XG to boot beyond the Grub boot menu. I had to create the bootable image on USB stick using Etcher, then boot the legacy USB option. And the boot screen is known to hang with a blinking cursor...something to do with it not supporting UEFI.

Somehow I got it to work after trying different boot methods, after disabling UEFI and secure boot.

Hi,

the i5 is an overkill. Not sure about m2 support?

Ian

the i5-6500 is a quad core 3.2 Ghz CPU it is fine for the speeds he wants to obtain. 300/50. Sometimes you have to use what you have.

If he has that fine, if he is going to purchase a new CPU then no. The i5s run a lot hotter than other processors, that is what my comment is based on.

Ian

i dont have issue when using rufus and DD -option when crating bootable usb

i also have i3-6100 and i3-7100. but i thought a 4 core processor would be a better choice.
rfcat_vk what is your suggestion  ?

• A 4 core processor is best, hyper threading does not provide the same performance . I did use an i3 for a while but it got tooo hot. I prefer the Xeon series because they don't have a very high performance video onboard.

ian

What features are you planning to use?

If your only going to use IPS + App & Web filtering any of those processor you have will be able to handle both of your Links.

Overall I recommend you to use the i3-7100, It's two years newer than the others and have a lower overall power consumption. (And higher AES-NI throughput for things such as TLS Decryption and SSLVPN.)

PS; Almost all of the i3-7100 motherboards have CSM support, if you enable It first then there should be no issues installing Sophos Firewall. (You wont need to use Proxmox.)

Prism Prism  which of xeon cpu you recomended for h110?

Prism Prism  which of xeon cpu you recomended for h110?