1U, SFP+, 1GBPS line speed with IDS/IPS/VPN

[tknx]

Does such a beast exist (used is okay) at under $400?

The Supermicro RS-SMX10TP4F-FIO is $600, but has a fairly old processor (Pentium D1508).

There is this build at $180 - https://forums.serverbuilds.net/t/pfs-waaat-i5-3470t-intel-vt1000-1u-rack-mount-firewall-router/973

If I am doing the custom build, are there optimizations or changes I should make?

[harshw]

Why not go for the Xeon E series? The X11SCL-iF motherboard is $200 new at Newegg. And a 4 core Xeon E-2124 costs $200 (also at Newegg). I got the other components used for cheap on eBay and other places and built a 1U, 16GB, 6 core Xeon for < $700 https://forum.opnsense.org/index.php?topic=11507.msg58302#msg58302

It does IPS/IDS at line speed (I have symmetric 1GB fiber internet). At somepoint, I will put Proxmox there and run other network related apps along with Opnsense

Going for a 4GB, 4 core Xeon will probably bring down your cost to $600. And if you want to spend even less - why not go for the Core i3-9100? It supports ECC and is a 3.6GHz / 4-core processor capable of 4.2GHz turbo. I believe the CPU goes for $80-$100.

Suricata (used in the IDS/IPS) is multi-threaded but generally you should go for a fast clock rate + threading next. FreeBSD networking and Suricata in general are not that fond of hyperthreading - so you can safely buy the (cheaper) non-HT CPUs and not lose any performance.

Used Supermicro 1U cases and PSUs are also cheap on eBay as are 40mm fans ...