Hardware specs for DIY appliance

cryptochrome said:

Hi,

I want to build my own appliance for the home edition. Are there any spec sheets or something similar that will tell me what kind of performance I can expect from different processors (Celeron, Atom, i3, i5 etc.)?

Specifically, my home internet uplink has 400 mbits and I run many parallel sessions that I would all like to protect with IPS, AV, SSL-decryption etc. - So I need to build an appliance that can handle the 400 mbit with all features enabled. If I were to buy a Sophos XG appliance, I would probably go for a XG105. Unfortunately Sophos don't tell the hardware specs on their site... 

Right now I am looking at a Zbox MI551 that has a 6th gen Intel i5 quad-core at 2.2 Ghz. Overkill? Good enough? I wouldn't mind some extra breathing room, I just need to avoid having a box that's too slow.

Have a look at this pdf:

http://www.infinigate.at/fileadmin/user_upload/Products/Sophos/Products/Network_Protection/sophos_xg_series_sizing_guide_sgna.pdf

You can find number of CORE and RAM to be used when a certain numbers of users is used. Use the PDF to calculate the type of users (Average, Advanced and Power) and you will find the answer.

[;)]

Excellent, thank you very much! :)

Hi Crypto,

Another thing to take note of is that the core detection for the license is only on physical cores not logical so if you have a CPU with Hyperthreading it won't count any extra cores :)

Also, with that speed of network connection for your internet, you might want to look at a faster processor, this is because Intrusion Prevention and other scanning systems will cause a network overhead if the processor isn't fast enough. That i5 does look pretty good though!

Edit: These metrics may not apply to you but if you look at the XG330 series and above throughput specs, those two boxes are the only two that quote a realworld throughput of above 400mbps. But if you're using it as a proxy, that drops to a 450 series and above! A 330 uses a Quad Core i5 at 2.9GHz and the 400 series uses Quad Core Xeons!

Also, if you're going for a home license, you're only allowed 2 cores and 4GBs of RAM maximum...that may be a stickler as that i5 in the Zbox is a quad core so you wouldn't be able to use all the cores.

Emile

Hi Emile,

that'S very good information, thank you. I haven't even looked at the realworld figures in that document. Now that you are pointing that out, it looks like I might need some more power, as I have a 400/20 (down/upstream) internet connection. And that can have sustained peaks. 

One thing confuses me in your post: You said the Home Edition is limited to 2 cores and 4GB RAM. The official site where you can request the license says it's 4 cores and 6 GB RAM. https://www.sophos.com/en-us/products/free-tools/sophos-xg-firewall-home-edition.aspx

Thanks

Cryptochrome,

your are right. 4 CPU and 6 GB of RAM. If you build a system with more resources, however XG Home License will use only 4CPU and 6 GB of RAM.

Enjoy.

Hurm...apologies for the misinformation, I don't know where I got 2c4GB from, I distinctly remember it being that.

Ignore everything in my post about the 2 core limitation, 4C6GB is correct!

No worries. Maybe the 2C4G is a limit that was enforced on older versions :)   All good. Appreciate you help guys, thank you!

Possibly it was but now i'm quite annoyed at myself as I bought a Zbox CI321 Nano as a miniature box for this and now it's under powered drastically, looks like I may need to dip into the secret account the other half doesn't know about for an upgrade, ha ha!

On a side note, the HDMI port may not work and you will need a Display Port to VGA adaptor. I did for the CI321 as the HDMI uses HDCP which XG and UTM don't have drivers for (last time I checked on Jan 2016).

Good luck and hope you get on with the unit :)

Emile

Ok, now I can see why you would be annoyed, I would be too :-) 

I've done some more research and decided to not buy the ZBox but go with a complete DIY box based on the Shuttle DH170 barebone. A very nice little machine, supposedly very quiet, supporting 6th generation Core processors. It only comes with two gigabit ethernet ports, but I will do some VLAN tagging. I am going to order the Core i5-6600 for it, which has 4 cores at a base frequency of 3.3 Ghz and can turbo boost to 3.9. This should give me plenty horsepower, equivalent to probably something in the XG330+ range. 

Thanks for the hint with the HDMI port. The Shuttle D170 comes with two DisplayPorts, so I shouldn't have a problem (and I am used to configuring systems through a serial console). 

Now all I need is some time to dig into this :)

Sounds like a nice unit, I was taking a peep at that on my last trawl. As of the latest release, you can now accept the license agreement from the console which you couldn't before. Depending on how much I can get away with I may use the Zbox as a media server which what was going to be my backup configuration for it :)

Looking forward to hearing how it goes!

Emile