Netgate SG-1000 microFirewall

Author Topic: SG-1000 <--> SG-3100 ..... Gap  (Read 1114 times)

0 Members and 1 Guest are viewing this topic.

Offline Gil

  • Full Member
  • ***
  • Posts: 114
  • Karma: +3/-2
    • View Profile
Re: SG-1000 <--> SG-3100 ..... Gap
« Reply #15 on: November 16, 2017, 10:59:33 pm »
From a networking view point, I certainly wouldn't argue. I'd no doubt be out of my depth in any case.
However, we don't all have the luxury of installing remote devices in racks with controlled environments and unlimited power sources.
From my perspective; pfSense provides more than an opportunity for an Enterprise level solution, but it also filters down to very hardy, small & inexpensive devices that will do incredible things.

I am interested in the comment about ADI building for PC Engines. I have no idea about who is providing the engineering for what.
I don't wish to tread on any toes regarding the politics of hardware development, I just want maximum choices & also to see the project continue through appropriate support.

11 cheers for binary

Offline ivor

  • Administrator
  • Hero Member
  • *****
  • Posts: 754
  • Karma: +156/-135
    • View Profile
    • Netgate
Re: SG-1000 <--> SG-3100 ..... Gap
« Reply #16 on: November 17, 2017, 09:00:01 am »
No, ADI doesn't build for PC Engines. We use ADI Engineering as manufacturer.
Need help fast? Commercial support:


  • Guest
Re: SG-1000 <--> SG-3100 ..... Gap
« Reply #17 on: November 17, 2017, 11:42:13 am »

However, I still have no suitable 3 port hardware replacement for the APU in the near future.
You will be able to go with the pfSense SG-2440 as you need one or two ports more! In the other way please
accept that the development and engeenering team is working hard on newer devices, but to solve them all
they are doing here and there something that all users, customers and clients will be sorted right. Please
accept this. For sure the newer ARM devices range or further series will be a first try out and yes, for small
companies this can be really different to hit the right point or value the most of us have. I am pretty sure
that they will not leace the other alone, but lokking what is going on exactly now in time I mean, is also
really urgent;
- C2000 Serie was out
- AES-NI, QAT and DPDK are on the road
- ARM support was comming and each pfSense image must be more then for other platforms matching the only
one platform due to drivers and other things, so there is no way to offer a small pfSense genric ARM image!!!
- ARM64 support is on the road
- C3000 platform is under construction and testing
- Rewriting pfSense 3.0 and totally new from the sratch

Perhaps we will see at one day something between this both units (SG-1000 and SG-3100) others vendors
as SolidRun ClearFog Base and Pro will be offering that "gap" between those units too! So it is not only able
to tend on the pfSense it selfs.

So you see it will be happen all at this time and if the pfSense version 3.0 will be done I think they will have more
time to solve other things as you and others are asking here.

For my circumstances I would be happy to accept the HDMI / Free BSD issue. But the MT devices are relatively large and only have 2 x NICs.
MT divices are coming with one or two ports and you wish to have one more then three ports, is this right?

I still believe that Netgate has a gap in supported devices, which lies between the SG-1000 and the SG-3100.
If there will be at one day a smalle ARM based unit that will be able to delivers 2, 3, 4 and 6 Ports you will be
impressed, but only because you are asking they donīt do it. And ARM64 support is also on the road!

The APU2 appears to fill this nicely, with a small form factor, 3 x NICs, and AES-NI support.
You may be able to get another different case and inserting a miniCPie card that is offering dual GB LAN Ports.

It will run the community version of pfSense (at least up to v2.5) and it seems that you can also purchase gold support for it --??
With each hardware from here or there you will be able to get a Gold membership if you are interested in! It is hardware
indipendent thing as I am right informed and will support the project.

Netgate used to sell APU devices with the Netgate brand.
When and where this was done?

This kit was sold in the netgate sjop, but as a APU1Cx kit and nothing to do with netgates
others prodcut range or hardware in their shop. Other do as well here in Germany, they were
selling products from PC Engines, Soekris and MikroTik like their customers were asking for.

Is there a reason why they could not do this with APU2 devices?
What should they do with the APU2Cx platform? You and me, if we both are running a real shop or company
will be able to call PC Engines and order perhaps >1000 units from them, to sell them then in our shop,
company or over elsewhere without any issues or hassle. They are rpoducing and selling now their own
hardware nothing more and nothing less.

Is it a commercial hurdle with PC Engines?
Why? They sell to everyone such as private or business clients without any problems.
« Last Edit: November 19, 2017, 06:01:18 am by BlueKobold »

Offline Gil

  • Full Member
  • ***
  • Posts: 114
  • Karma: +3/-2
    • View Profile
Re: SG-1000 <--> SG-3100 ..... Gap
« Reply #18 on: November 20, 2017, 04:05:45 am »
Thanks for the reply and all the info.

In answer to your question about the Netgate APU purchases, they were done as complete units - not the kit: (APU1d4)

I install this equipment in remote sites under harsh climates. The APU routers have performed very well - reaching extreme CPU temperatures that would boil water.
This is also a concern for the thermal properties of an SG-1000; there is not much room for natural air convection. Has anyone enhanced the heatsink on an SG-1000 ?

Regarding the Minnow options:
The MBT units don't have 3 ports, which means I need to add additional hardware for a second LAN port - there is very limited room in the security boxes.

My comments are not meant as criticisms, I am very impressed with the hardware that has been available and with the pfSense developments. I am simply conveying my perspective as a user (albeit - one who pushes the envelop of endurance a little).

11 cheers for binary

Offline bbrendon

  • Jr. Member
  • **
  • Posts: 52
  • Karma: +3/-0
    • View Profile
Re: SG-1000 <--> SG-3100 ..... Gap
« Reply #19 on: November 22, 2017, 01:20:33 pm »
When are new x86 models coming out. I'm concerned about being able to run only arm binaries on these new models.