pfSense Gold Subscription

Author Topic: SG Series desktop appliances  (Read 2457 times)

0 Members and 1 Guest are viewing this topic.

Offline ivor

  • Administrator
  • Sr. Member
  • *****
  • Posts: 586
  • Karma: +134/-125
    • View Profile
    • Netgate
SG Series desktop appliances
« on: March 04, 2017, 03:16:35 pm »
PAGE UPDATE IN PROGRESS

SG series desktop appliances at-glance. You can purchase official pfSense appliances from our store.

SG-3100

- ARM v7 Cortex-A9 @ 1.6 GHz with NEON SIMD and FPU
- 2GB DDR4L
- 8GB eMMC Flash
- 2x 1 Gigabit Ethernet Ports, configured as dual WAN or one WAN one LAN. Four-port 1 gbps Marvell 88E6141 switch, uplinked at 2.5 gbps to the third port on the SoC for LAN.
- SOHO / remote worker application



SG-4860

- Intel Atom 2.4 GHz 4-Core
- 8GB DDR3L
- 32GB eMMC Flash
- 6x Intel 1GbE
- Small and Medium Business / Gigabit speeds



Ask any questions you may have about these units!
« Last Edit: September 22, 2017, 12:41:54 pm by ivor »
Need help fast? Commercial support: https://www.netgate.com/support/

Offline paftdunk

  • Jr. Member
  • **
  • Posts: 48
  • Karma: +6/-2
    • View Profile
Re: SG Series desktop appliances
« Reply #1 on: June 02, 2017, 09:38:10 pm »
What the heck is going on with Netgate pricing in the past few months? The 2220 and 2440 both doubled in price to $887 and $1137 respectively. The prices were premium before, but this is just absurd.

Offline ivor

  • Administrator
  • Sr. Member
  • *****
  • Posts: 586
  • Karma: +134/-125
    • View Profile
    • Netgate
Re: SG Series desktop appliances
« Reply #2 on: June 03, 2017, 05:09:22 am »
What the heck is going on with Netgate pricing in the past few months? The 2220 and 2440 both doubled in price to $887 and $1137 respectively. The prices were premium before, but this is just absurd.

It's because of bundled support, select community support for old pricing!
Need help fast? Commercial support: https://www.netgate.com/support/

Offline gjkjunk

  • Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Re: SG Series desktop appliances
« Reply #3 on: September 11, 2017, 11:22:50 am »
I see the new SG-3100 is coming out.  Is this compliant with the v2.5 AES-NI requirement?  From what I can find, it isn't, but I would like to confirm before purchase.  Thank you!

Offline ivor

  • Administrator
  • Sr. Member
  • *****
  • Posts: 586
  • Karma: +134/-125
    • View Profile
    • Netgate
Re: SG Series desktop appliances
« Reply #4 on: September 11, 2017, 02:43:09 pm »
I see the new SG-3100 is coming out.  Is this compliant with the v2.5 AES-NI requirement?  From what I can find, it isn't, but I would like to confirm before purchase.  Thank you!

Yes, it's compatible. All Netgate / pfSense hardware has AES-NI or its own cryptographic accelerators required for 2.5.
Need help fast? Commercial support: https://www.netgate.com/support/

Offline aus_guy

  • Newbie
  • *
  • Posts: 16
  • Karma: +2/-0
    • View Profile
Re: SG Series desktop appliances
« Reply #5 on: October 07, 2017, 12:20:38 am »
will the SG3100 show all interface as assignable in software or 3 interface with the 3rd only acting as a dumb switch. not worried about the bandwidth limitation if they are assignable.

Offline ivor

  • Administrator
  • Sr. Member
  • *****
  • Posts: 586
  • Karma: +134/-125
    • View Profile
    • Netgate
Re: SG Series desktop appliances
« Reply #6 on: October 07, 2017, 05:21:47 am »
Each port can be assignable, switch supports VLAN's.
Need help fast? Commercial support: https://www.netgate.com/support/

Offline alex_london

  • Newbie
  • *
  • Posts: 16
  • Karma: +0/-0
    • View Profile
Re: SG Series desktop appliances
« Reply #7 on: October 16, 2017, 02:45:36 pm »
Each port can be assignable, switch supports VLAN's.

Sorry for the naive follow-up, I haven't used pfSense in ages and have recently been looking to return; does this mean the 4 switched ports can be used as individual ports/networks (e.g. LAN, DMZ1, DMZ2) and traffic can be routed via firewall policies between them?

Also, is the SG-3100 capable of handling synchronous Gigabit traffic? I'm asking about basic NAT/PAT traffic, anything encrypted (IPsec) will be restricted to around 30-40Mbps as that's all the remote side would be capable of.

Thanks,
-Alex

Offline ivor

  • Administrator
  • Sr. Member
  • *****
  • Posts: 586
  • Karma: +134/-125
    • View Profile
    • Netgate
Re: SG Series desktop appliances
« Reply #8 on: October 16, 2017, 02:59:57 pm »
Code: [Select]
Sorry for the naive follow-up, I haven't used pfSense in ages and have recently been looking to return; does this mean the 4 switched ports can be used as individual ports/networks (e.g. LAN, DMZ1, DMZ2) and traffic can be routed via firewall policies between them?
Yup!

Quote
Also, is the SG-3100 capable of handling synchronous Gigabit traffic? I'm asking about basic NAT/PAT traffic, anything encrypted (IPsec) will be restricted to around 30-40Mbps as that's all the remote side would be capable of.

Yes, device can do up to a gigabit synchronous. IPsec maxes out around 300mbps, while OpenVPN throughput is up to 95Mbps.
Need help fast? Commercial support: https://www.netgate.com/support/

Offline alex_london

  • Newbie
  • *
  • Posts: 16
  • Karma: +0/-0
    • View Profile
Re: SG Series desktop appliances
« Reply #9 on: October 16, 2017, 04:53:04 pm »
Excellent, thanks... I think I'll be placing my order soon enough!

Offline ivor

  • Administrator
  • Sr. Member
  • *****
  • Posts: 586
  • Karma: +134/-125
    • View Profile
    • Netgate
Re: SG Series desktop appliances
« Reply #10 on: October 17, 2017, 10:42:26 am »
Thank you!
Need help fast? Commercial support: https://www.netgate.com/support/

Offline MervinCM

  • Jr. Member
  • **
  • Posts: 64
  • Karma: +2/-0
    • View Profile
Re: SG Series desktop appliances
« Reply #11 on: October 19, 2017, 02:08:17 pm »
Considering SG3100. Is it only a single core CPU? (thought it was a dual/quad core)

What do I need to know about the factory Gold version in a year when it expires? I would not be renewing the Gold subscription, but would want to continue to use the hardware, and I would want to continue to be able to apply incremental patches and even whole version (2.5) upgrades after that 1 year period. Would I have to wipe and install the community version? Does it just drop functionality to community version? Does it stay at the current version and no further patches / upgrades will apply?

thanks!
 


Offline ivor

  • Administrator
  • Sr. Member
  • *****
  • Posts: 586
  • Karma: +134/-125
    • View Profile
    • Netgate
Re: SG Series desktop appliances
« Reply #12 on: October 19, 2017, 05:33:31 pm »
The SG-3100 will have a recovery partition which will allow you to always reinstall your SG-3100 without downloading images. You will always be able to use the factory version, not Community Edition.
Need help fast? Commercial support: https://www.netgate.com/support/

Offline MisterGlass

  • Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Re: SG Series desktop appliances
« Reply #13 on: October 20, 2017, 09:55:08 am »
Currently I'm running a test vm on a host that is overkill and want to replace it. I'm looking for new hardware and I don't want to build it. It has to be fanless and low power. I want to buy something that is future-proof and can't figure out what packages you can run.

I've read that the ipsec vpn throughput of the SG-3100 is about 300 mbps. I'm not sure if this is a Netgate statement or confirmed in an actual test. My internet is 200 mbps down, but looking to upgrade to 400 mbps.

I want to install these packages:
  • VPN ipsec (all outbound traffic)
  • pfBlockerNG
  • snort or suricata
  • Freeradius2
Optional package:
  • HAVP
Would these packages work on a SG-3100 without loss in performance?
Or should I get a SG-2440/SG-4860? Any other suggestions?

https://www.netgate.com/support/supported-pfsense-packages.html
  • snort SSD/HDD is strongly recommended
  • suricata SSD/HDD is strongly recommended

Do I also need a mSATA?

Thanks!

Offline ivor

  • Administrator
  • Sr. Member
  • *****
  • Posts: 586
  • Karma: +134/-125
    • View Profile
    • Netgate
Re: SG Series desktop appliances
« Reply #14 on: October 20, 2017, 10:15:19 am »
Yes, those IPsec numbers are correct. SG-3100 seems like a great choice for you. As for SSD, it's recommended but not "a must". We don't sell M.2 'B' SSD options for the SG-3100 just yet (but we intend to). I suggest you try running Snort or Suricata first off internal eMMC, I doubt you will have issues.
Need help fast? Commercial support: https://www.netgate.com/support/