You could try sophos XG, its a full UTM the only limits are 4 cores and 6gb of ram. Depending on the cores you should get the throughput you want, has a lot of features included for free.
Free Firewall for Home Users | Free Home Security Appliance Download | Sophos XG Firewall
It will only use 4 processors, if you install it on something that has more than 4 it just wont use them, or you run it as a vm. The E3 line of xeons are quad cores.What kind of processor would you run there? 4 cores pretty much cuts out most of the Xeons. Something like a 7700K means no RDIMMS, I suppose an i3 and reg mem?
Looking at the higher end big name devices, they seem to include quite a bit of processing power.. I thought I might dump these 4655v3's or a set of 2643V4's in there..
Current PFSense vm is hosted in a 44 core server... trying to get it out of a virtualized environment.It will only use 4 processors, if you install it on something that has more than 4 it just wont use them, or you run it as a vm. The E3 line of xeons are quad cores.
hmm.. yeah make sure not to put tons of rules etc on if you want to push 1g full duplex. Wont handle that very well iirc.If you're just looking for a firewall, even the $79 EdgeRouter can manage full Gb. It's not going to consume a ton of power for a stateful firewall. It's all of the other features that will start to increase your hardware requirements.
On pfsense, if you use snort, it is still a single threaded process so you're limited in what it can filter and analyze through that single thread. YOu could use surricata for multi-threaded performance.
As a point of reference, I'm running a Sophos XG home edition UTM at home. It is running as a VM with 4 vCPU, 6GB RAM, 100GB SSD and 2 NIC ports. The hardware it is running on is a Dell R230 with a E3-1240v5, 64 GB DDR4 RAM, a 4 port Intel Gb NIC card and a 400GB SSD.
My home connection is sadly only 940Mbps but I've been able to fully utilize the bandwidth with everything turned on (full UTM including AV, IPS...etc). The Sophos CPU utilization doesn't go higher than around 30% when downloading at full throttle and memory utilization hovers around 45% mark with 61 devices including 15 hosted web servers for various applications.
If you want a full UTM, then based on this, the R230's specs may fit perfectly, just exchange the NIC for a 10G card I suppose.
Are you referring to the EdgeRouter or Sophos? I can see the EdgeRouter crapping out if there are a ton of rules.hmm.. yeah make sure not to put tons of rules etc on if you want to push 1g full duplex. Wont handle that very well iirc.
EdgerouterAre you referring to the EdgeRouter or Sophos? I can see the EdgeRouter crapping out if there are a ton of rules.