Jump to content
RESET Forums (homeservershow.com)
itGeeks

Sophos UTM is getting a new version and guess what? No more 50 IP Limit.

Recommended Posts

Drashna Jaelre

So in line with the above, what is the 'recommended' limit for cpu usage before one should investigate the option of a faster CPU? I am much happier with a CPU that averages 3% busy than one that averages 30% busy. Rule of thumb?

I'd guess that power consumption would play a factor in that decision.

Personally, I'd recommend something like the Celeron J1900 (it's a quad core celeron, that clocks in at a TDP of 10W), otherwise, the Core i3 4130T is a nice, lower powered CPU (dual core with hyperthreading). 

 

Or you can go overboard. It really depends on your needs. 

But if you're doing a lot of downloading, especially of scan-able files, then a better CPU makes sense. Otherwise, a lower powered one should work fantastically and not cost you an arm and a leg on your power bill.

Share this post


Link to post
Share on other sites
nrf

Cool. Based on the download delays I am seeing, it seems like after scanning the download it then makes you re-download from the site, otherwise I would expect an extremely fast local download. Can anyone confirm?

Share this post


Link to post
Share on other sites
Poppapete

I think it makes a big difference to CPU usage depending on your web filtering. Decrypt and scan is very secure and scans all traffic which must be CPU intensive. URL filtering just checks the connection address against your category list which is not so CPU intensive. It obviously helps to reduce this cpu load by letting devices (xbox, TV, Phones) bypass the decryp and scan.

 

I have a Xeon E3-1230V3 3.3Ghz and as soon as I tick decrypt and scan the browsing slows noticeably and cpu usage climbs.

Share this post


Link to post
Share on other sites
itGeeks

Cool. Based on the download delays I am seeing, it seems like after scanning the download it then makes you re-download from the site, otherwise I would expect an extremely fast local download. Can anyone confirm?

In there new version still in beta you now have the option of download 1st scan 2nd or scan first download 2nd, This is very nice to have these options now.

Share this post


Link to post
Share on other sites
itGeeks

I think it makes a big difference to CPU usage depending on your web filtering. Decrypt and scan is very secure and scans all traffic which must be CPU intensive. URL filtering just checks the connection address against your category list which is not so CPU intensive. It obviously helps to reduce this cpu load by letting devices (xbox, TV, Phones) bypass the decryp and scan.

 

I have a Xeon E3-1230V3 3.3Ghz and as soon as I tick decrypt and scan the browsing slows noticeably and cpu usage climbs.

From what I understand "Snort" is the problem with all of this because it does not make use of multiple cores so a fast dual core i3 is better then a slower quad-core at least that's the advice if you have a small user base because you simply wont have enough users to ramp up all those extra cores from idle so throughput would be worse. From what I here there is development going on now with "Snort" for multi-core support but know one knows when its going to be released. As for bypassing devices like TV's, Phones, Ect. I agree 100% I make groups for all my devices so I can easy add to my rules where needed, The Groups that I created are as follows-

 

Computers & Laptops

Gaming Consoles

IP Cameras

Phones & Tablets

Picture Frames

Printers

Servers

Switches & Access Points

TV & DVD & Blu-Ray Players 

Share this post


Link to post
Share on other sites
itGeeks

Sorry I wanted to edit my post abouve to add this but could not.

I am currently running Sophos on a Atom D525 with 4GB of memory and overall I am happy with the performance but the one thing I can say is when I enable IPS my internet speed drops allot but the end user does not notice it. I am now in the process of setting up a new Supermicro Server with an Intel Xeon E3-1231V3 Haswell 3.4 GHz 8MB L3 Cache  I am going to try my shot with my first ever VM and see how Sophos runs on it.

 

This is also a pretty good read for anyone interested-

Installing Sophos UTM Home, Virtualized or Bare Metal https://www.astaro.org/gateway-products/hardware-installation-up2date-licensing/55462-installing-sophos-utm-home-virtualized-bare-metal.html

Edited by itGeeks

Share this post


Link to post
Share on other sites
nrf

The Groups that I created are as follows-

 

Computers & Laptops

Gaming Consoles

IP Cameras

Phones & Tablets

Picture Frames

Printers

Servers

Switches & Access Points

TV & DVD & Blu-Ray Players 

another member of the 'too many gadgets' squad! :)

Edited by nrf
  • Like 1

Share this post


Link to post
Share on other sites
itGeeks

another member of the 'too many gadgets' squad! :)

Its beats playing pool :D

Share this post


Link to post
Share on other sites
itGeeks

I'd guess that power consumption would play a factor in that decision.

Personally, I'd recommend something like the Celeron J1900 (it's a quad core celeron, that clocks in at a TDP of 10W), otherwise, the Core i3 4130T is a nice, lower powered CPU (dual core with hyperthreading). 

 

Or you can go overboard. It really depends on your needs. 

But if you're doing a lot of downloading, especially of scan-able files, then a better CPU makes sense. Otherwise, a lower powered one should work fantastically and not cost you an arm and a leg on your power bill.

I would be really interested in how Sophos would run on a Celeron J1900, My gut tells me it probably would run well based on how it ran on my Atom D525 but I don't use Decrypt and Scan at this time but I do use IPS.

Edited by itGeeks

Share this post


Link to post
Share on other sites
Taffeys

From what I understand "Snort" is the problem with all of this because it does not make use of multiple cores so a fast dual core i3 is better then a slower quad-core at least that's the advice if you have a small user base because you simply wont have enough users to ramp up all those extra cores from idle so throughput would be worse.

Exactly why I chose to run an i3-4170 in my box.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now



×
×
  • Create New...