I would greatly appreciate any suggestions for a home firewall that can handle 1 Gbs fiber to the house.
My current setup is a Zyxel USG 20 to a Cisco Sg500 switch.
I have two ports free on the SG500 for uplinks (I use only one, but I can run LAG if needed - though this seems extreme a 1 Gbs).
I currently run VLANS only on the SG500 in level 3 mode (isolate IOT devices like thermostats, sprinkler system etc, NAS, guest wireless network, etc).
Primary use is a source for hosting interactive university online classes, general web use and higher bandwidth multimedia (4K feed - Amazon, Netflix etc, internet radio).
So nat performance is very important and I would like to have some headroom above wire speed.
I have no real need for wire speed VPN bandwidth, but I am looking for the option to do some packet inspection etc.
Here is what I have narrowed it down to what I think can handle the above:
Group 1 running pfsense, opnsense or untangle on one of
1. A kaby lake ULV-series series low power pc (like a Shuttle DS77Ux series)
2. protecli fanless also with Kaby lake ULV-part (like the FWB6x series)
Sadly, I do not have any older pc's hanging around to re-purpose.
Group 2 dedicated hardware
1. Ubiquiti ER-4
2. Cisco Rv340
3. Mikrotik ?
I like the concept of pfsense etc, though I as unsure of the hardware requirements needed relative to routing/firewall performance in my group 1 approach above.
I would like to avoid doing a whole lot of software development (it has also been a while since I did BSD unix kernel development or built a BSD kernel+system from source), but I would not consider that a showstopper if that is what is needed.
Thank you in advance for your time
Keith
My current setup is a Zyxel USG 20 to a Cisco Sg500 switch.
I have two ports free on the SG500 for uplinks (I use only one, but I can run LAG if needed - though this seems extreme a 1 Gbs).
I currently run VLANS only on the SG500 in level 3 mode (isolate IOT devices like thermostats, sprinkler system etc, NAS, guest wireless network, etc).
Primary use is a source for hosting interactive university online classes, general web use and higher bandwidth multimedia (4K feed - Amazon, Netflix etc, internet radio).
So nat performance is very important and I would like to have some headroom above wire speed.
I have no real need for wire speed VPN bandwidth, but I am looking for the option to do some packet inspection etc.
Here is what I have narrowed it down to what I think can handle the above:
Group 1 running pfsense, opnsense or untangle on one of
1. A kaby lake ULV-series series low power pc (like a Shuttle DS77Ux series)
2. protecli fanless also with Kaby lake ULV-part (like the FWB6x series)
Sadly, I do not have any older pc's hanging around to re-purpose.
Group 2 dedicated hardware
1. Ubiquiti ER-4
2. Cisco Rv340
3. Mikrotik ?
I like the concept of pfsense etc, though I as unsure of the hardware requirements needed relative to routing/firewall performance in my group 1 approach above.
I would like to avoid doing a whole lot of software development (it has also been a while since I did BSD unix kernel development or built a BSD kernel+system from source), but I would not consider that a showstopper if that is what is needed.
Thank you in advance for your time
Keith
