Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 34 replies
  • Answers 1 answer
  • Subscribers 45 subscribers
  • Views 8259 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

What kind of Intel CPU is capable to handle the workload?

Wepee

Hi,

I could not find any information about the CPU to run Sophos Home Firewall v20.

All I know is that FW v20 only can run on Intel CPUs and supports 4 cores. 

Given that I have an old Intel Core2 Quad 8XXX, which does not supports Intel AES instruction, 

would the CPU be running slow as an VPN server? 

If not, what kind of Intel CPU is recommend? Intel 3rd Gen CPUs?

The home firewall will be used at home catering about 2-6 people.

Thank you.

Regards,

Marcus



This thread was automatically locked due to age.
Parents
  • 0

    The Core 2 quad which is only a 45 watt CPU (no hyperthreading) will be fine for XG Home. It will be even better if you don't use HTTPS decryption, and limit your IPS rules. You would have nothing to worry about. It would be on an older motherboard supporting legacy mode BIOS, so you could run the firewall bare-metal without needing to virtualize it with Proxmox, ect. If you have between 4 to 8Gb or RAM, you will be fine, the home version is limited to 6Gb or RAM even if you have more. Any Intel CPU 9th gen or lower will be OK as long as you are using a retail motherboard (not HP) since it can be supported by the firewall, otherwise any current or older gen CPU would be fine if you want to virtualize through Proxmox, VMware, ect.

    Also, the older server-grade single/dual/quad port Intel NICs are well supported especially for use in bare metal installation. Realtek NICs are not recommended,. The newer Intel NICs (i219+) would almost certainly need to be virtualized.

  • 0 in reply to alan weir

    Hi, Thanks for sharing.

    I am going to run Sophos Firewall on a dedicated PC, so Proxmox is not applicable to my case.


    Yes, I was thinking about using Core 2 CPU but did not proceed due to the following reasons:

    1) This platform does not have built-in GPU, meaning I will have install a cheap VGA card and that is going to drive up the wattage usage.
    2) This CPU does not support AES-NI, so running it will be slow when I have VPN server set up.
    3) I need to use PCI-E express bus X16 slot to install my quad port INTEL NIC which uses X4 PCI-E lanes, how am I going to install a cheap VGA card?

  • 0 in reply to Wepee

    Hi,

    I would check whether the AES-NI is supported on the software licence?

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

      

    Someone asked the same thing about AES-NI support  6 years ago, but no one answer.......

    community.sophos.com/.../aes-ni-require-in-future

  • 0 in reply to rfcat_vk

     

    After further digging from Google I found this post:

    https://community.sophos.com/sophos-xg-firewall/f/discussions/119782/hardware-acceleration-aes-ni-isn-t-being-used-on-the-software-version-of-xg-v18?pifragment-2944=3

    Sophos Firewall AES-NI support

    It seems that AES-NI is only supported in Sophos Hardware Appliance.Frowning2

    Is this information still valid in 2024?

  • +1 in reply to Wepee
    Wepee said:
    Is this information still valid in 2024?

    It isn't.

    Currently at v20 MR2, AES-NI is supported for Software/VM installations. (Including home licenses.)

    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v21 GA @ Home

    Sophos ZTNA (KVM) @ Home

Reply
  • +1 in reply to Wepee
    Wepee said:
    Is this information still valid in 2024?

    It isn't.

    Currently at v20 MR2, AES-NI is supported for Software/VM installations. (Including home licenses.)

    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v21 GA @ Home

    Sophos ZTNA (KVM) @ Home

Children
Unfiltered HTML