Home Hardware?

[SHV_30067]

Hi,

Not a UT user yet.

Questions please:

- ISP 1000/20 at home. Z4 Plus versus a FW6 series protectli 8 GB/ i3: Z4 shows 500 throughput NGFW, Celeron processor 4 core. Protectli has i3 2 core (4 thread I believe). With Web Filter, App Control and Intrusion on, will the i3 Protectli get me over the 500 estimated Z4+ limit?

Overall, with any hardware- what is the reasonable upper limit with App, IPS and Web filter enabled?

- Not hardware, but NGFW question: For digging into stats- are hostnames (‘pretty’ device names) available in most reports? For example, on the untangle demo, there are no IPS alerts showing- but even if there were, the columns only seem to show IP addresses. With DHCP it can be tough to know what the device was that issued the alert. Even a MAC ID would help- is that available?

- UniFi AP easy to set up with hardware?

- Ditto VLAN easy to set up?

Thanks!

[Kryptonit3]

I hit over 900Mbps (hardwired, no other traffic on the network - I have 1000/1000 AT&T) with a Fitlet2 J3455 w/ 8GB RAM and SSL Inspection, Web Filter, Bandwidth Control, Application Control (not using it yet though), Firewall, Ad Blocker turned on. It is running on a Transcend 128GB SATA III MTS600 60mm M.2 SSD and the RAM is Kingston Technology HyperX Impact 8GB 1600MHz DDR3L CL9 SODIMM 1.35V.

Functions flawlessly. I know I don't answer your question, but maybe you can look up the specs and benchmark/passmark rating and see. I believe the i3 has more power than my CPU.

Looking at the reports, unlike most of the other App reports it doesn't look like it shows the hostnames.

I use two UAP-AC-Nanos and host Unifi on a docker container for WiFi management (24/7 controller running not required but needed for larger deployments and mesh/uplink and healing, for a home scenario if you don’t have the means such as a NAS or server/always-on-computer to run the controller you will be fine without it). Assuming you need more than one AP anyways. The APs are fine with any router/firewall system.

[CMcNaughton]

Well..I can't get too much into comparisons like that, but with "any hardware" the limitation can just come down to bandwidth. Our z12 appliance, for example, has almost no dropoff in NGFW throughput, thanks to the processor/etc. As far as the other questions:

--Lots of reports can show hostnames (if they're presented to the NGFW by the client device), and it's a condition on the dashboard:
005.png

--UniFi AP's are simple enough (I have one at home) but you'll need the PoE injector with our hardware
--VLANs are basically a button in the interfaces menu - it's about as easy as we can make it, and there's lots of documentation/etc.

Hope that helps!

[LaurentR]

Get a Qotom Q355G4, ~$225 shipped (naked) quad-core i5 and able to do 1Gbps fully featured without a sweat. Add 4GB of DRAM and an SSD and you're set.

If you have been looking at the Z4 Plus, the Qotom will look familiar.

On the Unifi side, there are quite a few people running Unifi L2 + Untangle (me included) and it's a great combination. UT is the king of dashboard/stats and trying to figure out what's going on when Unifi is very much lacking in that department.

If you are wired, I recommend you use a single LAN port on the UT box, hit a Unifi switch and drive your AP and other devices from there. That will simplify the Unifi VLAN rollout. FOr the AP, you can use PoE injectors (in the box with most but not all Unifi APs) or drive them directly from the Unifi switch (if you buy a PoE one). The new Switch Lite 8 PoE is a good choice.

[SHV_30067]

@CMcNaughton: Thanks- as an employee, I understand you can’t get into those comparisons. I know too the real answer is dependent on lots of factors too.

Generic question then: to get over the rated Celeron’s Z4+ 500 Mb limit- what’s the lowest processor you would suggest for home 1 Gig asymmetric use? i3 dual core “good enough”, i5 needed, etc.?

Z12 looks great- overkill for house use (and budget...)

Thanks!

[Brutos]

I am running a Qtom i5-7200U 16GB ram and 256 SSD I got from china, my connection is 1000/120Mbps and I haven't seen the CPU go over 20% even if am hammering the connection at full speed download

[NoahGreat]

Never get over 800Mbps....

[NoahGreat]

Mb its a provider issue

[soldier]

1+ for Qotom. Cheap, reliable, quiet (passive cooling which never gets hot). I've been running Untangle for 2 years now, no issues whatsoever.
Mine is: Intel(R) Core(TM) i3-6100U CPU @ 2.30GHz, 8Gb DDR3 and 120Gb SSD. I always recommend 8Gb of RAM, though I know 4 Gb is enough but just to be on the safe side / futureproof . It's not a huge difference in price between 4 and 8Gb so better to be safe than sorry. The reason I'm suggesting that is when I first install Untangle it was using 20-25% of my RAM. With 16.0.1 it's on 38%.

[rnatalli]

I've setup quite a few routers with Qotom hardware and it works well. Stick to the ones with Intel Core processors as those processors have AES-NI and the NICs tend to be Intel on those boxes. Protectli is another option which isn't quite as good a value in terms of hardware, but they have nice boxes and good US-based support.

For Qotom, I've noticed sometimes the BIOS doesn't always remember the power on after power loss setting, but there's a way to do it by jumper:

https://www.youtube.com/watch?v=-2pZi3hf2f4