[Feedback] Performance 1Gbit Cable Ger.

Eli,

thanks for your feedback. Can you share the appliance/hw used?

Thanks

Ohh dang it... Sorry just a sec...

Here we go -> https://www.amazon.de/gp/product/B07DJ6B73S/ref=ppx_yo_dt_b_asin_title_o00_s00?ie=UTF8&psc=1

Instead of the J1900 Intel I got mine with the J2900 from Intel -> https://ark.intel.com/content/www/us/en/ark/products/78868/intel-pentium-processor-j2900-2m-cache-up-to-2-67-ghz.html

Dont know what happened there but that is the appliance I ordered over Amazon. ;)

You are welcome 

Sincerely

Eli.

Sorry, your question does not make sense because that is all the licences he has available when using his own hardware, non Sophos hardware.

Ian

Thanks for sharing it.

How much RAM is installed on the system?

Hello @lferrara

the RAM is 4GB. But it seems I found something and have to open a new topic.

Best regards

Eli.

Thanks. With this configuration, I dare you to achieve that performance!

I dare you -> How dare you (Joke) -> https://www.youtube.com/watch?v=CLxpgRqxtEA

Somehow this Firmware is just silly - I was thinking the same thing how can a J2900 (Intel) handle such a load with IPS (on)!!!

So I checked the services to to the modules and I took allot of screenshots:

---- To clarify on traffic load of the CPU it spikes to 70% - 90% until the load dissipates and goes down to 3% - 10% on idle.

I tested the Cable Connection on low load since my neighbors do not use the internet so much. ;) (Shared-Medium and such...)

Sincerely

Eli. 

Hello to all,

a small update from the current situation with the Firewall:

- ATP is active and running

- Synchronized Security is Connected to Sophos Central (Firewall Control)

- But Synchronized Heartbeat and Application Recognition is OFF  

Reason for them to be OFF is that on my Private PC I do not have Intercept X Adv. (Would love to...) But only have Sophos Home Prem. running. (ATM) -> Have to talk to my Sophos Rep. if there is a way for a Private Person to gain a single Lic. for Testing purposes! -> I would go above and beyond to have a testlab were I can Test Configurations by myself without killing our production setup at work. We are a small company and there is no possibility for me to test out such things in peace and in my own pace...

That is why I test this at Home were I can break stuff and try to fix it - Have time - Document my findings with the Sophos Community and learn from each-other. (Could never affort a decent XG appliance and that's why I needed to go 3rd party on that) - I love to experiment but an IT Guy is only as good as the equipment I can get... -.- <- (Feedback to Sophos) I use this opportunity to request a License Scheme were Testers (Partners) can apply for in Home use of Corp. Sophos Products! (I know there is the NFR stuff but allot of Company's use that for Production environment use) and it would benefit both Sophos and the IT-Guy that would be capable to setup Sophos Products more efficiently. (I know there is a Training-Portal) But it is designed in an enclosed environment and gets killed after 90 Days (Cloud Lab) - Its about Testing, Finding, Sharing and getting better quality wise for all parties. 

Best regards

Eli.

P.s. Thanks for reading and I know it is a little off-topic but since I had the chance for mods to be here... Use it... ^^

Hi Eli,

Thank you for your feedback, It's nice to see these number with the J2900.

There must be something wrong with my setup, I currently have an Intel G5400, which is a much faster CPU than your J2900.

On a 240Mbit/s connection I'm getting the same CPU usage as you, while your pushing gigabit.

Anyways, I'm happy to see you can push gigabit with your setup on XG Home.

Thanks,

Hi Prism,

I checked the CPUs on Intel Ark and there are differences.

As much as I understand the XG Firmware I does not benefit from Hyper-Threading so a (Question-mark from me if Virtual Cores apply)

- G5400 -> https://ark.intel.com/content/www/us/en/ark/products/129951/intel-pentium-gold-g5400-processor-4m-cache-3-70-ghz.html

- J2900 -> https://ark.intel.com/content/www/us/en/ark/products/78868/intel-pentium-processor-j2900-2m-cache-up-to-2-67-ghz.html

I know my GHz count way lower but my physical core count is higher. 

The Ram on your setup is much better and next-gen. ;) (In terms of services loaded a Huge benefit) Will update my Ram too someday ^^

The other factor is the Rule-Set on the Firewall and what Services/Modules are loaded and how much Interfaces are used with active clients behind it. 

My PC is the only client behind the Firewall and my applications that I run are:

Since I use a third party application Firewall on my Client I already blocked allot of the talkers on my system:

Potplayer, Winrar, Nvidia Drivers/Apps, Blender, Logitec GHub -> Even got rid of the Provisioned UWP Apps of my Windows 10 Ent. Installation. So my traffic is very streamlined from the client on to the firewall. The less it needs to process the better it gets ;) - The DNS Uplink is my Pi-Hole and that helps with Web-filtering. ^^

Finally got Discord and Epic-Games Launcher to work and they can RIP the Firewall fast. (Had WAN Port Crashes)

That is why I am curious how I can setup this with Intercept X Adv. and the XG Application Control and how it would behave.

Sincerely

Eli.

Hi Eli,

Thanks for the feedback!

Eli said:

As much as I understand the XG Firmware I does not benefit from Hyper-Threading so a (Question-mark from me if Virtual Cores apply)

Yes, by what I heard most of XG doesn't benefit from threads, only real cores, but Snort is one that apparently benefits from it, and It's Snort that's doing IPS. SSL/TLS Decryption, DPI and so on.

Eli said:

The other factor is the Rule-Set on the Firewall and what Services/Modules are loaded and how much Interfaces are used with active clients behind it. 

Yes, I currently have 18 Devices on it, but most of them barely consume any throughput, it's mostly my computer that abuses XG.

The only reason I asked those questions has because I through v18 throughput has slower than v17, but It's better to wait for EAP 3, and GA.

v17:

v18:

Anyways, there's already 3 other threads discussing about performance, i don't want this one to be another one.

Again, Thanks for the feedback, I appreciate that :)

Hi,

the issue with hyper threading is you do not get the full processing power of an equivalent real core. 

Ian

Hi,

the issue with hyper threading is you do not get the full processing power of an equivalent real core. 

Ian

rfcat_vk said:

the issue with hyper threading is you do not get the full processing power of an equivalent real core. 

Yes, i know.

Intel says Hyper-Threading can give 30% performance increase in general.

I've said that before because on the picture I've sent is establishing a single connection, and using a single real core.

Thanks,