For home use I'd reccomend starting at the following basic specs:
CPU: Intel i3 or i5 RAM: 8GB NIC's Intel or Broadcomm.
CPU wise, stay away from Atoms for all but the smallest of installations. If you decide to turn everything on, and have a decent internet link (15Mbps or better), the Atom will slow you down. When picking an i3/i5, GHz matters more then core count. IPS and A/V scanning are single threaded so core speed will speed things up more then core count. Core count only really comes into play when you have a lot of users (such as in an office). Power isn't so much of an issue now as the newest Intel i Series CPU's have power draws very close to that of the Atom family.
RAM I'd say stick with 8GB. 4GB is a practical minimum for 9.2 but doesn't leave much room to grow. RAM is cheap so the extra 4GB gives some headroom. More then 8GB is overkill for home use so don't waste money there.
NIC's it's best to stick with Intel or Broadcomm if the choice is there. Those two are the choice of major server vendors globally and have proven solid under heavy use. Realtek's are okay for home use so don't worry if the onboard NIC is realtek, chances are it will work fine.
If you can find a 'small enough' mini-ITX case with a half-height PCI slot, then it's easy: socket 1155 Motherboard with 1 Intel NIC (Gigabyte or AsRock or Jetway) Haswell CPU RAM Half-height dual-port PCIe Intel NIC (should be under $150, maybe less)
If you need something smaller than that, it gets much more expensive. There's some pre-built systems, or there's a couple mini-ITX boards such as this one: AnandTech | GIGABYTE Server Launches New C2750 Mini-ITX and 2P ATX LGA2011 However, I would be wary of the Atom CPUs unless you don't have a high-bandwidth connection.
Supermicro and others make small rackmount boards/systems with faster CPUs, but they're going to be very noisy.
The Drew is mentioning what I am aiming at; Intel I3 CPU and 4 or 8GB RAM. BarryG is pointing at very interesting hardware. I have 100 Mbps Internet speed and I want to have good flow thorugh the http proxy (as well as SSL) so a Atom CPU is maybee not the best?
It is strange that no motherboard manufacturer has develop av ATX or mini ATX with four Intel nics and Intel I3 CPU support?
Today I am running my setup on ASUS P8H77-V H77 S-1155 ATX IVY, INTEL CORE I5 3470S 2.9GHZ SMB S-1155 IVY and 16GB RAM. The setup is Mythbuntu 14.04 as the KVM host and a virtualized Sophos UTM 9.2 (using virtio network drivers).
I am investigating how I can run the Sophos UTM on a dedicated hardware since I believe this setups have IO bottlenecks concerning network bandwidth. I am using three Intel nics:
External - 100 Mbps connection to Internet
Internal - 1000Mps connection to the internal copper LAN where the host is also a samba file server
Wireless - 1000 Mps connection to the access points with serveral wifi-nets (using VLANS)
The host has also a rocketraid 2710 controller and a [FONT="]TBS6984 [/FONT]DVB S2 quad satellite card. The CPU load have never caused no problems, but I have poor network performance which could be a consequence of high PCI bus load?
The UTM is configured to use 2 CPU:s in KVM. Please also note that KVM are running the VM:s in a separate process on the host os (ubuntu), so I cannot dedicate CPU to a KVM host, such as vmware can.
I have not selected to user vmware esxi since vmware does not support the rocketraid hptraidconf admin software.
considering that rocketraid isn't a real hardware raid but a softraid using a propritary driver that could be your bottleneck. Check here. If you are running Raid anything on this kind of fakeraid card you are putting your system bottlenecked on the card. How many drives? If you ahve 4 i would highly consider removing the fakeraid card..and using the built in MDRAID of the linux kernel. Setup a RAID 10 array it will be much faster than the fakeraid card you are running now.
As far as the hypervisor VMWARE doesn't support fakeraid cards...so if it won't run under Vmware it's either fakeraid or simply ancient. VMware doesn't do MDRaid though so you would need a different raid card.
In your scenario dedicated hardware for your utm is the best option.
Rocketraid driver supports vmware,no problems with that. It is the admin toll that not support vmware. Hptraidconf has either a CLI or web gui and must, as far as I know, run on the host itself.
Now this thread is about to derail, it was supposed to discuss small form factor hardware [:)]
