Netgate Store

Author Topic: Gigabit Internet with quite a few packages enabled  (Read 215 times)

0 Members and 1 Guest are viewing this topic.

Offline tufozt

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Gigabit Internet with quite a few packages enabled
« on: May 16, 2018, 08:46:16 pm »
I have been reading up for the past few days to find users who can verify CPU/RAM requirements that have enabled all IDS IPS Snort packages AND achieved gigabit WAN-LAN speeds.  And if they turned on other packages like Suricata, VPN, AV scanning and/or SquidGuard, it wouldnt affect their gigabit internet speeds at their home with 50 to 60 various devices.

In your reply, please note the hardware specs you are using and which packages are turned on and what LAN-WAN-LAN speeds are you getting?  In other words, are you able to fully utilize your gigabit speeds while you have all those fw/IDS/IPS/AV packages turned on?

(I would like to turn on (Snort/Suricata, pfBlocker, OpenVPN, HAVP, SquidGuard, pfBlockerNG, Darkstat) and still be able to fully utilize my gigabit Internet connection)

Please dont just say i5 AES CPU and 4GB should work.  I am looking for real world experiences.

Thanks!

Offline tufozt

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: Gigabit Internet with quite a few packages enabled
« Reply #1 on: May 17, 2018, 09:21:20 am »
Is there no one with gigabit internet connection and IDS/IPS plus a few other packages turned on AND able to utilize their gigabit internet without issues?

Offline Conz

  • Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Re: Gigabit Internet with quite a few packages enabled
« Reply #2 on: May 17, 2018, 10:13:03 am »
I am actually in this same position ...
I have 500/500 internet with a reasonable chance it will go up to 1/1 Gbps in the not so distant future.
Everywhere I look it's setup's for 'high speed office connections' and  then you look and it's not even 100Mbps.

I was looking at the Sophos UTM as well and there's people over there with this problem too. The problems start when you want to enable the 'whole shebang' in features, more specifically the IDS/IPS functionality because that's a resource hog.

If you leave that out then the requirements go down drastically.

Offline stephenw10

  • Administrator
  • Hero Member
  • *****
  • Posts: 12491
  • Karma: +506/-15
    • View Profile
Re: Gigabit Internet with quite a few packages enabled
« Reply #3 on: Yesterday at 08:19:48 am »
The problem with this question is that it becomes difficult to get any sort of meaningful result when you start running packages like that.

You can't just run a test against speedtest.net and expect it to reflect real world throughput.

Even if you did it's difficult to compare that with anyone else since there are so many variables in a package like Snort.

The biggest restriction you have listed there though is OpenVPN. Are you wanting to use that for your full 1Gbps? Because that requires a much higher power cpu.

Steve