Is there any speed/performance advantage in have a Server Motherboard with four (4) NIC's (one (1) NIC for WAN and the other three (3) NIC's for LAN)? I have a tendency to do 'overkill' builds. Example: https://www.newegg.com/Product/Product.aspx?Item=N82E16813182996 Also, this CPU is probably 'overkill', but it is what I would get for the above Motherboard along with 4GB or more of RAM: https://www.newegg.com/Product/Product.aspx?Item=9SIA2F84D69076
Advantage compared with what? It has 2 LAN Chipset Intel I210-AT The processor power depend on what you plan to do with Sophos: traffic filtering, IDS IPS, the bandwidth... But for home use you won't need a powerful one. The advantage of the Apollo lake motherboards is the power consumption 10W they include the processor and are quite cheap. For home use it should be more than enough If you plan to spend that much money I would buy a normal motherboard with a better and more efficient processor in other to have Sophos and a server both virtualized, to run a NAS or whatever you want, so you can invest money on hard disks or whatever.
I was looking at the different AsRock Apollo Motherboards in the link and they have PCI Express x16's and/or x1's. Is the Intel I350 NIC a PCI Express X4?
Yes the I350 is PCIe x4, you would need to get the asrock J3455M and use the x16 slot. In any case you can always use the PCIx1 lanes for another gigabit nic, and you can always have more physical ports by using a switch for devices that doesn't require bandwidth, although anyway most of them use wifi. It depends of what you need, for home use should be enough I think, and is really cheap and very efficient 10W. https://www.sophos.com/en-us/products/unified-threat-management/tech-specs.aspx The Sophos SG 105 has an Intel Atom C2358 https://ark.intel.com/es-es/products/77978/Intel-Atom-Processor-C2358-1M-Cache-1_70-GHz https://community.sophos.com/produc...47/real-world-performance-on-new-sg100-series https://community.sophos.com/produc...formance-tests-hardware-benchmarks-unofficial Keep in mind the limitation of 4 cores and 6gb of memory of Sohphos XG firewall free. I guess you will try this one and not the UTM version. One of the most consuming things is the IDS/IPS, but the 98% (guess) of rules are intended for Linux and windows servers, apache, tomcat, webspere, radius... tech that belongs to servers and enterprises, so probably you would need only to activate a few rules so the performance impact will be little. Think about your requirements: bandwidth, users, services that are going to be active, etc first.
I forgot that there are two free Home choices from Sophos: 1. Sophos UTM Home Edition 2. Sophos XG Firewall Home Edition Once I decide on the hardware, which one should I use? Are the CPU/RAM limitations the same for Sophos UTM Home Edition (4 Cores/6 GB)? Thanks.
I would use XG since soon or later UTM won't be develop anymore and it has an additional limitation of 50 IP The HW limitations are the same for both.
It would be nice if Sophos made Sophos Sandstorm free to XG Home users. https://blogs.sophos.com/2016/12/21/sandstorm-comes-to-xg-firewall/
This Server Barebones looks tempting. It is being sold for around $350. Once memory is added, along with a SSD/HD, the price would be somewhere around $500. The CPU Benchmark of the Intel N3700 CPU is roughly double the CPU Benchmark of an Intel Atom D525. However, I would like more CPU 'Muscle' (even though I probably don't need the extra CPU 'Muscle'). http://www.supermicro.com.tw/products/system/Mini-ITX/SYS-E200-9B.cfm Is there any advantage in having those four NIC ports (Quad Gigabit Ethernet LAN ports with Intel® I210-AT)? Thanks in Advanced. Comments: The CPU Power Consumption is shown as 6 Watts. I don't see any chipset heat sink(s), but since it is a low wattage system maybe they are not needed.
I finally got some good comparisons on how much CPU/RAM are needed for Sophos UTM Hardware. Sophos SG 125 Appliance: Intel Atom C2358 (CPU Benchmark = 961) RAM = 4 GB Firewall throughput = 3.1 Gbps VPN throughput = 500 Mbps IPS throughput = 750 Mbps Antivirus throughput (proxy) = 200 Mbps Sophos SG 210 Appliance: CPU: Intel Celeron G1820 (CPU Benchmark = 2779) RAM: 8GB Firewall throughput = 11 Gbps VPN throughput = 1 Gbps IPS throughput = 2 Gbps Antivirus throughput (proxy) = 500 Mbps SuperMicro SuperServer E200-9B: CPU: Intel Pentium N3700 (CPU Benchmark = 1876) RAM: 8GB (Limited to 6 GB by Sophos UTM Free Version Licensing) http://www.supermicro.com.tw/products/system/Mini-ITX/SYS-E200-9B.cfm Conclusion from the above: The SuperMicro SuperServer E200-9B with 8 GB of RAM should be more than adequate for my future Home Network UTM Firewall. My biggest concern was the throughput with Antivirus scanning enabled. Even if I cut these throughputs in half, I should still be OK. Sources: https://www.sophos.com/en-us/medialibrary/PDFs/factsheets/sophos-sg-series-appliances-brna.pdf https://community.sophos.com/produc...29824/sophos-hw-appliance-tech-specs-detailed Edit: Maybe I need to dig a little deeper. I found some documentation that shows that adding other features such as Application Control, IPS, Web Filtering, etc. can really cut the throughput down.
Looks like they are going to keep both products utm and xg firewall. https://news.sophos.com/en-us/2015/11/09/sophos-utm-9-is-still-alive-and-kicking/
No, that post is from 2015, UTM will slow down its development until they will just maintain it and then probably kill it, Sohos XG Firewall will be the main and "only" product in the future. At least this is what I read in the forums, if they prolong the life of UTM is due to its user base and some limitations in features of XG
