Netgate SG-1000 microFirewall

Author Topic: Off the shelf box < $300  (Read 1381 times)

0 Members and 1 Guest are viewing this topic.

Offline johnkeates

  • Hero Member
  • *****
  • Posts: 844
  • Karma: +60/-1
    • View Profile
Re: Off the shelf box < $300
« Reply #15 on: January 20, 2018, 09:28:00 am »
I wouldn’t buy a qotom if you’re concerned about security.

Can you expand on this please?

He was probably referring to the fact that they are chineese-made. But pretty much everything else is too, so it doesn't really matter as much as people think it does.

Another angle I find to refer to myself is the fact that due to their location they have no incentive to update their firmwares and microcode or supply post-sales support. In practise, they seem to be reasonable (a few people on this forum had DOAs and got successful RMAs, no failed post-sales support yet) and they do supply dedicated EMEA, North America and BRIC support contacts on their site. It appears they care enough about their brand name to not just drop hardware all over the world and leave it at that.

Depending on where you are in the world, some other issues might arise like shipping times, taxes and your nation's stance regarding China, but that's just politics and non-product specifics and will very between all countries and vendors all the time. (i.e. the APU2 in the USA is a good choice, but outside it's not that easy to get or cheap at all)

For home use, the good China ODM/OEM boxes are not a bad choice, for business use you'll probably want to keep a private stock of replacement units or use EU or USA vendors instead. Keep in mind that not all asian sales are equal in quality and finding the good ones isn't very easy. So far, at least on this forum, we have identified Qotom and MiniSys as somewhat 'true' vendors (they make their own stuff instead of rebranding white label crap) but there are a ton of resellers just slapping their own brand name on those boxes and pretending they are the manufacturer instead (while not adding any value and asking 100-400 more for the same stuff).

Ideally, we'd manage to get one of the good ones from China to get a deal with pfSense/Netgate/whoever to supply cheap non-commercial-use boxes, but so far I have no clue if either party wants that or is looking for that ;-) Since the ARM-based hardware is already in the Netgate store, I'm not so sure they'd be willing to undercut themselves for a possibly inferior (but cheaper) product. At the same time, Qotom is trying to use the pfSense brandname/trademark/whatever-legeal-definition/copyright to sell their hardware faster, which isn't something that netgate/pfSense wants (makes sense, probably something USA law prohibits as well since you have to defend your claim to trademark/copyright in order to retain it). Normally a vendor would make a deal with the owner of the name to be an official vendor, but that isn't likely to happen in China due to cultural and legal differences.

TL;DR: for home use it likely makes no difference, for business use, you would have to do internal validation before integrating random china hardware.

Offline jusjay

  • Newbie
  • *
  • Posts: 16
  • Karma: +3/-0
    • View Profile
Re: Off the shelf box < $300
« Reply #16 on: January 20, 2018, 09:46:29 pm »
Thank you for the detailed reply John - much appreciated.

Offline jusjay

  • Newbie
  • *
  • Posts: 16
  • Karma: +3/-0
    • View Profile
Re: Off the shelf box < $300
« Reply #17 on: January 20, 2018, 11:32:08 pm »
I want a small off the shelf box which either comes preinstalked with pfsense or pfsense can be installed on without complication and that is fast enough to provide > 70mbps. I am aware that pfsense no longer supports pptp and hence it would have to be openvpn.

I'm using the APU2c4 in Australia and get up to 95 Mbps with OpenVPN. I note that one user recently reported some difficulties with pfSense installation - see https://forum.pfsense.org/index.php?topic=141618.msg . That said, I did a fresh installation 2-3 days ago from usb stick with pfSense-CE-memstick-serial-2.4.2-RELEASE-amd64.img and all went well. My bios details:

Vendor: coreboot Version: 88a4f96 Release Date: Mon Mar 7 2016

The APU2c4 with a case (but no SSD) cost about $US 160 delivered to Australia from PCEngines in Europe in 2016.
« Last Edit: January 20, 2018, 11:35:59 pm by jusjay »

Offline johnkeates

  • Hero Member
  • *****
  • Posts: 844
  • Karma: +60/-1
    • View Profile
Re: Off the shelf box < $300
« Reply #18 on: January 21, 2018, 08:30:02 am »
The APU will probably work fine in this case. Only remaining issue is that it would be utilised 100% directly from the start; if the ISP decides to give you more speed in the future, you'd need faster hardware to use it with the VPN. If upgrades are unlikely in the coming 3-4 years, the APU is the way to go.

Offline ivor

  • Administrator
  • Hero Member
  • *****
  • Posts: 736
  • Karma: +154/-135
    • View Profile
    • Netgate
Re: Off the shelf box < $300
« Reply #19 on: January 21, 2018, 02:46:25 pm »
Locking this thread in order to prevent another QOTOM promotion.
Need help fast? Commercial support: https://www.netgate.com/support/

Offline jwt

  • Administrator
  • Sr. Member
  • *****
  • Posts: 370
  • Karma: +104/-34
    • View Profile
Re: Off the shelf box < $300
« Reply #20 on: February 08, 2018, 04:01:28 pm »
I wouldn’t buy a qotom if you’re concerned about security.

Can you expand on this please?

He was probably referring to the fact that they are chineese-made. But pretty much everything else is too, so it doesn't really matter as much as people think it does.


Having the board made in China, and having China load the firmware and software present on your machine are different things.

Are most (volume) CMs based in China: Yes.

Do you have any assurance of what you purchased: No.

Qotom doesn't care about after the sale.

Moreover, the primary means of funding the continued development of pfSense is via appliance sales.