This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

What kind of Intel CPU is capable to handle the workload?

Hi,

I could not find any information about the CPU to run Sophos Home Firewall v20.

All I know is that FW v20 only can run on Intel CPUs and supports 4 cores. 

Given that I have an old Intel Core2 Quad 8XXX, which does not supports Intel AES instruction, 

would the CPU be running slow as an VPN server? 

If not, what kind of Intel CPU is recommend? Intel 3rd Gen CPUs?

The home firewall will be used at home catering about 2-6 people.

Thank you.

Regards,

Marcus



This thread was automatically locked due to age.
  • Hi,

    the fastest 4 (real) cores you can find, something like a xeon is better and more power efficient. The overall load will depend on fthe number of firewall rules and policies you put in place. There is no benefit from using PC type CPUs because none of the functions are used.

    Ian

    XGS118 - v21.0.1 MR1

    XG115 converted to software licence v21.0.1 MR-1

    If a post solves your question please use the 'Verify Answer' button.

    • Hi, thanks for replying. I am bit confused on your last statement: 

      There is no benefit from using PC type CPUs because none of the functions are used.

      Can you elaborate more on your last statement? Are you recommending me to look for server type CPUs?

      I have a Xeon at home, I can't remember the model number, it is a socket 1150, 4 cores 4 threads CPU.

      • The intel PC CPU come with a number of built in functions eg maths coprocessors which are not used by the XG firmware.

        My VM is running a XEON, one of the newer versions. My previous home hardware used XEON 4 core. XEONs ar usually cheaper than the i series CPUs.

        Ian

        XGS118 - v21.0.1 MR1

        XG115 converted to software licence v21.0.1 MR-1

        If a post solves your question please use the 'Verify Answer' button.

        • May I know what Xeon model that you are currently running?

          Yes, I fully agree. My 4th gen. Xeon that I have now cost a lot less than i7 of the same gen.

          Partly due to the fact it has no built-in GPU.  

        • Hi, thanks for replying. I am bit confused on your last statement: 

          There is no benefit from using PC type CPUs because none of the functions are used.

          Can you elaborate more on your last statement? Are you recommending me to look for server type CPUs?

          I have a Xeon at home, I can't remember the model number, it is a socket 1150, 4 cores 8 threads CPU.

        • If the software is running on this hardware, it may be enough.
          I run the Sophos Firewall onto "old" SG210 and an additional hypervisor.  It is enough for 100MBit full protection and 5-10 people.
          Only a few 25% CPU spikes.
          I would just try it if the hardware is there. At home, you can migrate to newer/more performant hardware later.


          Dirk

          Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
          Sophos Solution Partner since 2003
          If a post solves your question, click the 'Verify Answer' link at this post.

        • The Core 2 quad which is only a 45 watt CPU (no hyperthreading) will be fine for XG Home. It will be even better if you don't use HTTPS decryption, and limit your IPS rules. You would have nothing to worry about. It would be on an older motherboard supporting legacy mode BIOS, so you could run the firewall bare-metal without needing to virtualize it with Proxmox, ect. If you have between 4 to 8Gb or RAM, you will be fine, the home version is limited to 6Gb or RAM even if you have more. Any Intel CPU 9th gen or lower will be OK as long as you are using a retail motherboard (not HP) since it can be supported by the firewall, otherwise any current or older gen CPU would be fine if you want to virtualize through Proxmox, VMware, ect.

          Also, the older server-grade single/dual/quad port Intel NICs are well supported especially for use in bare metal installation. Realtek NICs are not recommended,. The newer Intel NICs (i219+) would almost certainly need to be virtualized.

          • Hi, Thanks for sharing.

            I am going to run Sophos Firewall on a dedicated PC, so Proxmox is not applicable to my case.


            Yes, I was thinking about using Core 2 CPU but did not proceed due to the following reasons:

            1) This platform does not have built-in GPU, meaning I will have install a cheap VGA card and that is going to drive up the wattage usage.
            2) This CPU does not support AES-NI, so running it will be slow when I have VPN server set up.
            3) I need to use PCI-E express bus X16 slot to install my quad port INTEL NIC which uses X4 PCI-E lanes, how am I going to install a cheap VGA card?