Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 21 replies
  • Subscribers 13 subscribers
  • Views 38997 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Specs needed for a build for a google fiber WAN using HOME use version"?

chriswise
I am going to be getting Google fiber at my house soon and would like to put together a server build to run the home version of Sophos that will be able to handle the full gigabit of up and down speed I will have while still using the antivirus and intrusion prevention features. I currently have a 100 Mb connection and am using an older sonic wall but even this goes down to 70 MB whenever I turn on the gateway antivirus and intrusion prevention so there is no way it will handle my new connection.


This thread was automatically locked due to age.
  • 0
    Basically.
    1/. very fast CPU way over 3ghz (dual core will be adequate, quad core if that is all you can get) i3, celeron, e3, i5 if desperate.
    2/. 8gb ram
    3/. Intel, Broadcom NICs (there is a third one)
    4/. no hyper threading

    That should allow to use all features, at this stage the intrusion software is still single threaded and will be your bottle neck. But with high ghz cpu shouldn't limit too much and will your receiving devices be able handle that amount of data at that speed?

    All the best and all I can do is dream that one day I might get a 100mb/s service.

    Ian
  • 0 in reply to IanMorehouse
    how about something like this? I can get a good deal on this used dell rackmount online
    Processor (CPU): Intel Xeon i3-2100 Dual Core 3.10GHz 3MB 5.0GT/s 65W

    Memory (RAM): 8GB (4 x 2GB) DDR3 RAM
    Supports up to 32GB

    Hard Drives: 2 x Used Dell 1TB 7.2K 3.5in SATA Enterprise

    Optical Drives: Optical Drive Not Included
    (
    Network Card (NIC): Two embedded Gigabit Ethernet ports
    Storage Controller: Software based SATA (RAID 0, 1)
  • 0

    That's fine. It'll minimize the hit you'll take to perceived speed, but there will still be a hit. As Ian said, Snort, which UTM uses for IPS, is single-threaded.  Makes it near impossible to get full throughput at gigabit speed.

  • 0 in reply to chriswise
    I think that setup would be just fine. Make sure to turn off Speedstep technology in the BIOS if it has it (Xeon boards usually do) and check the NICs, make sure that they are Broadcom and/or Intel based chipsets. Dell usually uses Broadcom based NICs in their hardware. If they are Realtek, avoid it, or don't use the NICs and get your own.
  • 0 in reply to Scott_Klassen
    Does the commercial version of the software do something different to be able to achieve higher throughput of the ips?
  • 0
    Nope, exactly the same. Only difference is license details. Paid licensees have to cope with the same issues.
  • 0 in reply to Scott_Klassen
    so how does something like the SG 310 get 5 gig?
    SG 310
    Firewall throughput 17 Gbps
    VPN throughput 34 Gbps
    IPS throughput 5 Gbps
    Antivirus throughput 1.2 Gbps
  • 0

    @Chriswise:  Because those numbers are from marketing, created through benchmarking in a highly controlled, closed, test lab. The difference with real-world performance numbers and the marketing numbers can be significant.  The value is as a point of comparison between different appliance models, NOT as a direct reflection of the performance you'd see in the real-world. 

  • 0 in reply to Scott_Klassen
    Interesting.
    I was also considering getting 2 of the commercial versions of these UTM for my medical practice (I have 2 offices now with a total of ~70 employees that each have older sonicwalls also) but if the specs are all hype maybe I will reconsider. What kind of hardware does the, since I already used that example, SG 310 have that it can, even in a test lab, get those spec'd numbers?
  • 0
    SG310: 180GB SSD HD, 12 GB RAM, Intel Core i3 4330 CPU.