What kind of Intel CPU is capable to handle the workload?

Hi,

the fastest 4 (real) cores you can find, something like a xeon is better and more power efficient. The overall load will depend on fthe number of firewall rules and policies you put in place. There is no benefit from using PC type CPUs because none of the functions are used.

Ian

Hi, thanks for replying. I am bit confused on your last statement: 

There is no benefit from using PC type CPUs because none of the functions are used.

Can you elaborate more on your last statement? Are you recommending me to look for server type CPUs?

I have a Xeon at home, I can't remember the model number, it is a socket 1150, 4 cores 4 threads CPU.

Hi, thanks for replying. I am bit confused on your last statement: 

There is no benefit from using PC type CPUs because none of the functions are used.

Can you elaborate more on your last statement? Are you recommending me to look for server type CPUs?

I have a Xeon at home, I can't remember the model number, it is a socket 1150, 4 cores 8 threads CPU.

The intel PC CPU come with a number of built in functions eg maths coprocessors which are not used by the XG firmware.

My VM is running a XEON, one of the newer versions. My previous home hardware used XEON 4 core. XEONs ar usually cheaper than the i series CPUs.

Ian

May I know what Xeon model that you are currently running?

Yes, I fully agree. My 4th gen. Xeon that I have now cost a lot less than i7 of the same gen.

Partly due to the fact it has no built-in GPU.  

If the software is running on this hardware, it may be enough.
I run the Sophos Firewall onto "old" SG210 and an additional hypervisor.  It is enough for 100MBit full protection and 5-10 people.
Only a few 25% CPU spikes.
I would just try it if the hardware is there. At home, you can migrate to newer/more performant hardware later.

Hi, my Fibre internet connection at home currently is 30/30 Mbps. 

I dug out old forum link with the help from Google and I found this:

https://community.sophos.com/sophos-xg-firewall/f/discussions/115815/recommendation-hardware-cpu-for-home-use/419601

That post gave some idea of what kind of CPU need to buy to give extra headroom in the future, when more people will be using the internet and upgrade my internet connection to 100Mbps.

Thank you.

My current link id 1000/50 and my XG115W struggles to reach 600mbs.

My VM based XEON does not have issues.

ian

Ok, thanks for sharing 

The Core 2 quad which is only a 45 watt CPU (no hyperthreading) will be fine for XG Home. It will be even better if you don't use HTTPS decryption, and limit your IPS rules. You would have nothing to worry about. It would be on an older motherboard supporting legacy mode BIOS, so you could run the firewall bare-metal without needing to virtualize it with Proxmox, ect. If you have between 4 to 8Gb or RAM, you will be fine, the home version is limited to 6Gb or RAM even if you have more. Any Intel CPU 9th gen or lower will be OK as long as you are using a retail motherboard (not HP) since it can be supported by the firewall, otherwise any current or older gen CPU would be fine if you want to virtualize through Proxmox, VMware, ect.

Also, the older server-grade single/dual/quad port Intel NICs are well supported especially for use in bare metal installation. Realtek NICs are not recommended,. The newer Intel NICs (i219+) would almost certainly need to be virtualized.