10gb speedtest after update halved.

[friesr]

Hi Everyone,

After the most recent update, my system is struggling. Granted before the update I had to keep it pretty basic on the block list and no IDS to get around 8Gb to my ISP speed test. After the update, best I can get is about 3.8ish Gb.   Current system is an E3-1270v3 and 32gig ram. What would you recommend so that you can run IDS and not worry about any bottle necks for a 10Gb fiber service?

Thanks in advance!

[Patrick M. Hausen]

10G IDS? The fastest appliances Deciso has to offer manage 7.5G/s ...

https://shop.opnsense.com/dec4200-series-opnsense-enterprise-datacenter-rack-security-appliance/

[friesr]

Well, guess IDS may still be out of reach then... I see some folks running I9s on 25Gb, but not sure how much extra stuff that is running. Or go with a newer Xeon dual CPU setup?

[Patrick M. Hausen]

I am not a friend of signature based IDS/IPS in general. Of course if this is a requirement, e.g. for compliance reasons, there are proprietary products by the big names that do the inspection in hardware and can so match any practical network speed. At a cost ;-)

With an open source product like OPNsense inspection means main CPU, means main memory, means packet transfer from the wire to memory then back to the wire, means dozens of context switches etc.

[friesr]

Yea, this is just for my home network.  Goal is to maximize content filtering and not impact bandwidth, and keep any bad guys out.

[pfry]

I am not a friend of signature based IDS/IPS in general. [...]

Neither am I. I used various IDS/IPS solutions for around 15 years on and off (~2000-2018) before I gave up. The false positives (mostly e-mail) outweighed the potential benefit.