I am planning to replace the default router from my ISP with a device running OPNsense to gain more advanced features, but I have doubts about which hardware to choose that best fits my needs.
Description of my network:
- Infrastructure:
- I will use an external ONT that will handle the conversion from fiber optic to Ethernet.
- A separate access point (AP) to manage the WiFi network.
- OPNsense will be responsible only for:
- Managing the traffic from wired devices and those connected to the AP.
- Routing traffic to the ONT. (Is it possible that the ONT handles PPPoE and OPNsense would act as a router in double NAT?)
- Devices on the network:
- Approximately 20 devices, including:
- A home server.
- A server accessible from the outside to host services.
- Common devices such as PCs, consoles, smartphones, and equipment for streaming and web browsing.
- Required services:
- Network segmentation using VLANs.
- Intrusion detection and prevention system (IPS/IDS).[ /li]
- Traffic analysis and malware protection.
Key hardware requirements:
- It must support 1 Gbps of traffic even with IPS/IDS enabled and traffic/malware analysis.
- Low power consumption (it's a home network, and I'm looking for efficiency).
- Quiet and compact (optional).
Hardware doubts:
I am considering several options, but I have doubts about which one would be the most suitable:
- Mini PC from Aliexpress with Intel N100:
- 8 GB of DDR5 RAM, 128 GB NVMe SSD.
- Compact, efficient, and low power consumption.
- Is it sufficient to handle 1 Gbps with IPS/IDS and malware analysis on my network?
- Processors with QuickAssist Technology (QAT):
- Such as Intel Atom (C3558/C3758) or more advanced processors.
- Is the extra cost worth it for my home use case, or is it more geared toward enterprise environments?
- Efficient portable hardware:
- Based on modern low-power processors (i3/i5 or similar).
- Could it be a viable option in terms of performance and energy efficiency?
I would appreciate any advice, experience, or recommendations on efficient, functional hardware suitable for this type of network and my network setup.
https://shop.opnsense.com/product-categorie/hardware-appliances/ (https://shop.opnsense.com/product-categorie/hardware-appliances/)
I am still on my first appliance. it's overkill for my 500Mb fiber connection.
just get a device with a good solid state drive
The Intel N100 will have more than enough processing power. Two issues with the N100 hardware you spec'd. First, if you use Zenarmor and ZFS you will need more than 8Gb of RAM. I would recommend 16Gb. Second, would be finding a system designed for 24hr use. I installed a bargain N100 based system with 4 2.5Gb nics to replace an aging J4125. It did not last a year.
I have 2 C3758 based opnsense firewalls that have been running for 6 years non stop in an office setting without a hiccup. I now use the same hardware at home. The only drawback to the C3758 is that it does not have the horsepower to run the Elasticsearch backend for ZenArmor.
Have fun!
Both of the issues you mentioned are non specific to the N100.
1st - you can put any memory size in there you want(up to 16G Officially supported but 32G confirmed by users), this should be properly sized by what feature sets your are going to implement
2nd - N100 can run without problems 24h, I have N100 and a N5105 running over 1y and 2y without any issues, if your failed its problem of your specific unit not the N100 overall.
Regards,
S.