Best Hardware for PfSense 2020

(Last Updated On: November 7, 2020)

PfSense, based on FreeBSD is an open-source firewall or a router computer software. It, however, can be installed on a machine or a computer to make a firewall or a router. Since configuration & up-gradation is no more a problem as through a web-based interface, you can easily be able to alter the FreeBSD system.

C. Buechler & S. Ullrich worked on this PfSense project in 2004 & released the first project in 2006. The Packet filtering tool gives its name to the product. Netgate had been employing the domain opnsense.com to dishonor the OPNsense & also obliged Netgate in transferring the domain to Desico as a competing open firewall source. We have compiled some of the best hardware for PfSense in the article. We suggest you have a look at them.

Here are some of the feature considerations for PfSense, however this feature might not be affected with hardware but still hardware utilization is an important factor. Considering the VPN usage, we must consider that using a VPN will increase the CPU requirements. Hence the AES-NI acceleration here can decrease the CPU requirements significantly. Captive Portal users will also need more power of CPU. Another feature State Tables also affect the hardware (CPU) usage. Generally, 1 KB of RAM is needed for a single state table. For example, consider a RAM of 1 Gigabyte. A firewall of 1GB RAM will need a 100 MB of RAM available for all the state tables. So adequate RAM must be available for the proper working of all the state tables in a large environment comprising of thousands of connections.

We are providing some of the minimum requirements for the hardware needed for PfSense 2.x. however, these are just the minimum ones & not appropriate for all the environments & can slow down the whole system.

GENERAL REQUIREMENTS
MinimumCPU- 500 MHz / RAM-512 MB
RecommendedCPU- 1GHz / RAM- 1GB
SPECIFIC REQUIREMENTS
Full InstallationCD-ROM or USB / 1 GB hard drive

Network Card Selection is also an important hardware selection factor. Network cards (NICs) is of significant importance as it is vital for performance. The reason behind this is, that inexpensive NICs can drench your CPU & then cause difficulty in handling. Network cards on Intel chipsets are more effective & efficient in working when they are used in conjunction with PfSense.

Also, the CPU selection is an important factor as we have described the usage of CPU above in detail. We have gathered some information & presenting it to you. However, these stats can be increased or decreased slightly. For 10 to 20 Mbps the recommended modem is Intel or AMD clocked at 500MHz. while for 21 to 100 Mbps the recommended modem is 1.0 GHz Intel. And next is the category 101 to 500 Mbps & a modem of at least 2.0 GHz is needed. The final category is 500+ Mbps & multiple cores at 2.0+ GHz are necessary for this. Hence throughput must be considered well in order to secure your Wireless network with PfSense. Here is the list of the best hardware for PfSense.

Best Hardware for PfSense (Comparison)

NameDimensionsWeight 
Protectli Intel Celeron E3865U6 x 5 x 2 inches2.2 PoundsCheck Price
Protectli Intel Celeron J19005.3 x 1.4 x 4.9 inches2.65 PoundsCheck Price
QOTOM-Q190G4-S025.3 x 5 x 1.9 inches1.98 PoundsCheck Price
SG-51008.5 x 5.5 x 1.8 inches3 PoundsCheck Price

 

Firewall Micro Appliance Intel Celeron E3865U (Protectli)

The body is fan-less, solid & small designed for a firewall router. The E3865U device is compatible with a number of open-source firewall developments. However, this vault has been undergone many of the tests to examine the compatibility with many of the famous open firewall source software.  The FW6A-0 barebone version often comes without RAM & mSATA storage for buyer’s convenience, so that the buyer can easily select the option that meets the needs of the application.

Its compatibility hence includes PfSense CE, VyOS, OPNsense, Untangle, & Windows. Some of the listed hardware specifications are Intel Celeron Dual-Core CPU E3865 & 64 bit, 1.8 GHz 2MB smart cache. Also, AEI-NI hardware supports the 6X Intel 82583V NIC ports. Hence this device is featuring the 6X Intel Gigabit Ethernet NIC ports. Hardware support for up to 32 GB DDR 1866/2133 MHz RAM. There are four USB ports 3.0 & 1x RJ-45 COM port & 1x HDMI port. For smooth & easy functions this device has been equipped with Power Button LED, Power LED, & HDD activity LED. This has a Power supply of 15 watts approximately employing US cord runs and also a 15W wireless card kit is available. The card can be fixed easily in the already drilled holes of USB communication. The ideal operating temperature for this is 14 to 122 degrees Fahrenheit. The aluminum enclosure is a giant heat sink which keeps the CPU cool.

ProsCons
Efficient & silent operationDoesn’t have a watchdog timer
Compatible with many open source software distributions
Decent design

Conclusion

This Firewall Micro Appliance Intel Celeron E3865U is solid & efficient for silent & effective functioning & compatible with a number of Open Sources Software Distribution. It comes with a maximum of 6 ports. The 6 network port design that leverages a low power, but versatile Intel Celeron 3865U CPU. It is quite sturdy & has a fanless silent operation because the vault is fanless this is why it has no moving parts. It easily runs on approximately 15 Watts under moderate load.

 

 

Firewall Micro Appliance Intel Celeron J1900

The Firewall Micro appliance is a tiny PC that can be used as a firewall/router. This is produced & marketed by Protectli. Protecli is a California based firm that has a vast range of firewall devices of 2,4 & 6 ports. FW1 is 4 port network device with Intel Celeron J1900 processor which is  64-bit, 2.0 GHz & 2 MB L2 Cache.

It includes 1x USB 2.0, 1x USB 3.0 ports. There is an mSATA slot& DIMM slot. The mSATA slot is used for a boot device& it comes with preinstalled 8GB mSATA SSD. The DIMM slot uses DDR3L Ram which is easy to source& it has a 4GB DDR3L Ram. There is also a PCIe port where you can fit the optional wireless card & these cards are available from Protectli. It has predefined holes in it for the wifi antennas.

It provides you the liberty to use different open source firewall software like PfSense & Netgate. It is compatible with the different operating systems. But there is no HDMI port. For the home users, this is a bit disadvantage but in the traditional environment, VGA port works best. The vault uses regular Intel components (Network ports) that result in incompatibility with a number of operating systems, containing a variety of open sources firewall projects.  This vault is also fanless so it also has no moving parts, which results in an incredibly durable platform that can be used in less than ideal environments.

ProsCons
Fan-less productIntel AES-NI Not Supported
4 processor coresNo HDMI, only VGA
Integrated Intel HD Graphics
Compatible with many open source software distributions

Conclusion

The absence of moving parts along with no fan makes this device durable & environment-friendly. Protectli designed its aluminum case very intelligently because it works as a giant heat sink, keeping the CPU cool. The ideal temperature for this also is 14 to 122 degrees Fahrenheit. It runs on approximately 10 Watts under moderate load with 18W max.

 

 

QOTOM-Q190G4-S02

Shenzhen Qotom Technology Co., Ltd is a China-based firm that was established in 2004. QOTOM has a wide range of mini pcs & mainboard. Q190G4 has Intel Celeron Processor J1900(Quad-Core 2M Cache,2 GHz, up to 2.41 GHz).

It comprises 3x USB 2.0, 1x USB 3.0 ports. It’s good to have too many USB ports options.  There is an mSATA SSD slot & DIMM slot. But there is no installed Hard drive & RAM. You have to install these by yourself. Its memory slot Support 2G/4G/8GB 1333/1600MHz DDR3 SO-DIMM Memory. It has predefined holes in it for the wifi antennas but the same is the case with these holes. You have to install by yourself. You can run it on any available operating system like Windows 7,8 & 10. It has no pre-installed operating system on it. There is a good opportunity for you to buy it & customize the storage, memory & operating system according to your needs. It can be used with firewall software but pfSense v2.5 requires AES-NI which Q190G4 doesn’t support; therefore v2.5 & future versions of pfSense are NOT supported. The good thing about this mini Pc is that it comes with a year warranty and tested by the company itself before they deliver to the customer. If the customer is not satisfied with the configuration he can return the product right after they receive it. This is real peace of mind because not many manufacturers give such an offer.

ProsCons
The best option for customizationNo RAM & SSD storage
Low-cost deviceNo Wi-Fi & No Operating System
Fan-less quite operationIntel AES-NI Not Supported

Conclusion

Mini PC QOTOM- Q190G4 can act as a host by applying to the home & office, library, hospital & restaurant, bank & almost of where need a computer. The good thing is, it is a fanless device & works quietly without making noise. You can easily run tons of applications with this. Highly recommended.

 

 

SG-5100 NetgateSecurity

The SG-5100 comes as the first and only pfSense software device which lets you enjoy the utmost unique features. The elegant and exceptional GUI made it more exciting to use this security gateway appliance for configuring or managing your Firewall, VPN, Router, Gateway, Cloud Edge networking, and many more platforms. Another unique attribute is the already in-built VPN wizard which enables it to connect the VPN connections securely with Amazon EC2.

Considering the compatibility and versatility, this Netgate device is supportive towards IPsec, OpenVPN, IPV6, NAT, BGP, and many more formats. The device employs the Intel Atom CPU Quad Core 2.2 GHz which is providing you with utmost high performance and enhances the AES-NI performance effectively.  AES-NI features make sure that all the data you’re sending via the device is safe and encrypted. Also, it makes sure that nobody hassle with sent or received data. You can even attain the speeds of 3.8 Gbps/ 1.3mbps quantity using your six ports on the device which are supported by the DDR4 RAM. You don’t need to unbox it and perform a setup as t comes with a built-in pfSense software;  which is functional right from the unboxing. The passive cooling system of the device makes it more convenient for long time use.

ProsCons
DD4 RAMNo novice-friendly
AES-NI technology
Intel Atom CPU Quad Core 2.2 GHz

Conclusion

The SG-5100 device can be used right out of the box. The construction of the device is amazing because of its passive cooling system which is completely fanless and keeps the device safe from overheating.

 

 

Overall Conclusion

pfSense is an open-source firewall or router computer software distribution based on ‘FreeBSD’. PfSense is pretty flexible & can easily be adapted to many applications ranging from a normal home router to a firewall for a large corporate network. This system is very easy to install & maintain offering a very useful web-based user interface. PfSense contains many features that are often only found in very expensive commercial routers. The above-listed vault/devices are the best hardware for pfSense.

 

 

Recommended Readings (Best Choices)

Leave a Reply

Your email address will not be published. Required fields are marked *