New SFF pc vs Untangle Appliance

C

colonydata

Member
Reaction score
7
Location
Statesboro,GA
I've been looking at Untangle appliances and looking at whats available as far as SFFs from Lenovo.

what is the advantage of getting an appliance vs. a relatively stripped down yet more powerful(I3,4gb) SFF.
 
When buying an appliance you get the tried and proven hardware along with warranty/support.

I've been custom building Untangle boxes for many years now. You have to use certain hardware that is compatible with Untangle. Intel NICs and Intel chipsets are what you want.

I have my custom Untangle boxes running in small businesses (5-20 users) to large corporations (75-150 users) for years without a single issue.

Currently using Silverstone SFF mini-ITX cases, Asus or ASRock min-ITX motherboards, Intel Core i3 cpus, 8 GB DDR3 memory, Intel Dual port PCI-E Gigabit LAN cards, WD Black Hard Drives and 80+ Gold PSU

This is the Silverstone SFF mini-itx case I've been using lately for my last 5-6 Untangle builds.

 
Last edited:
deachus said:
When buying an appliance you get the tried and proven hardware along with warranty/support.

I've been custom building Untangle boxes for many years now. You have to use certain hardware that is compatible with Untangle. Intel NICs and Intel chipsets are what you want.

I have my custom Untangle boxes running in small businesses (5-20 users) to large corporations (75-150 users) for years without a single issue.

Currently using Silverstone SFF mini-ITX cases, Asus or ASRock min-ITX motherboards, Intel Core i3 cpus, 8 GB DDR3 memory, Intel Dual port PCI-E Gigabit LAN cards and 80+ Gold PSU

This is the Silverstone SFF mini-itx case I've been using lately for my last 5-6 Untangle builds.

Click to expand...

what is your cost of materials for those boxes?
 
mATX or mini-ITX boxes for small businesses with 5-20 users cost me $400-$600 using high quality Intel based hardware. Boxes for larger corporate environments with 50-100 users cost me between $650-$750 per box. You can get the materials cost down even lower but for what these boxes are doing, and the clients that are relying on them, I stick with quality proven hardware for my builds.

I also recommend you use the 64 bit version of Untangle if using 4GB+ of memory so Untangle can utilize all your memory.

These aren't a hard sell to my clients due to all the functions Untangle performs in this one little piece of hardware. Router, Firewall, Spam Filtering, WAN Failover, Load Balancing, Web Filtering, Intrusion Prevention, and much more. The client and site to site VPN ability is great. I have multiple clients that I have installed an Untangle VPN Server at their corporate office and a second Untangle box at each of their satellite offices for site to site, always on VPN connections.
 
Last edited:
deachus said:
mATX or mini-ITX boxes for small businesses with 5-20 users cost me $400-$600 using high quality Intel based hardware. Boxes for larger corporate environments with 50-100 users cost me between $650-$750 per box. You can get the materials cost down even lower but for what these boxes are doing, and the clients that are relying on them, I stick with quality proven hardware for my builds.

I also recommend you use the 64 bit version of Untangle if using 4GB+ of memory so Untangle can utilize all your memory.

These aren't a hard sell to my clients due to all the functions Untangle performs in this one little piece of hardware. Router, Firewall, Spam Filtering, WAN Failover, Load Balancing, Web Filtering, Intrusion Prevention, and much more. The client and site to site VPN ability is great. I have multiple clients that I have installed an Untangle VPN Server at their corporate office and a second Untangle box at each of their satellite offices for site to site, always on VPN connections.
Click to expand...

what CPUs do you use? Looking at the hardware specs on the appliances and usage charts, an I3 would be more than enough for most SMBs. and really probably more likely a Pentium D.

do you use the onboard nic if it's intel?

looking at it I can get a M73 SFF with a Pentium D, 4gb of ram, 3yr warranty for right at 400 dollars(If i can get that through the distribution channel is another story). another 50 for 2 good intel nics and I am still under 500 dollars.
 
Typically I use an Intel Core i3 3245 or 4130/4340. I had a very small 3 user client 2 weeks ago that I used a Intel Asus H61 mini-ITX board and Intel Pentium G2030 with 4GB of memory. I usually just grab the Intel Pro 1000 PT Dual Gigabit PCI-E NIC card. You get 2 Gigabit NICS on the single card which I use for my Internal and External Untangle interfaces. Haven't had any issues with them yet. You can use 2 individual Intel NIC cards but when using mini-ITX you only get one PCI-E slot.

I've used onboard Intel NICs once or twice a while back and it worked fine but I typically use dual port NIC cards. You can pick up Intel Pro 1000 PT Dual port Gigabit NIC off ebay for $30-$40 shipped. I bought 6 more a few weeks ago.

Also, stay away from SSD's in Untangle. You want to use a high quality mechanical hard drive. You don't need a lot of space. I typically use WD Scorpio Black 320GB/500GB or WD Black 500GB.

I have no idea if that Lenovo will work with UT as I always build my own boxes. UT versions prior to the newly released 10.1 were picky with hardware in my experience and had a few different setups not wanting to install UT, especially 64bit installs, so I stuck with tried and proven motherboards and cpus. Since version 10.1 release I have not had any problems installing UT on any hardware I've used including 4th generation Intel hardware.
 
Last edited:
Been reselling Untangle since version 5.x....love it.

As mentioned above....quality of the hardware is important, especially motherboard chipset, and NICs. You want good hardware controller based NICs...not "winNICs". Intels rule! Some Broadcoms are sorta OK for smaller lighter setups. Used to use 3COMs a lot in my home made builds...but those are fast disappearing.

You often see people complaining in the Untangle forums about the systems locking up....you'll notice those threads often have one thing in common...cheap hardware. "Motherboard of the month club" budget systems, cheap NICs, non-Intel chipsets, etc.

I've built many "SFF" systems, or re-used lots of biz grade desktops at clients....just to get them on Untangle. Often I'll do that for our managed clients, where their budget is low and they can't swing for a proper appliance. In order to cut down on my time spent on malware calls, I'll take an old SFF desktop, slap in a 2nd NIC and a new HDD...install Untangle Lite version, and stick it in there as their router. It's worth my hour or two time it takes to do that, because it cuts down on MY time spent in future years...cleaning malware. For "managed clients" with fixed monthly plans...it's a win for me. And the client...since they have less downtime. But I'll admit...it's a ghetto setup using some SFF desktop or toaster PC...and you should have a few spares around to swap out in a hurry if needed.

For most of our clients on Untangle....we use either appliances, or 1U rack mount servers....or in a few cases, my colleague has them installed in VMWare. 1U servers like HP Proliants or Dell PowerEdges...gotta be careful of the RAID controller, if it's supported or not. But mostly...we resell NexGenAppliances hardware.
https://nexgenappliances.com/en/4-untangle-ng-firewall-appliances
I have lots of NG-100 models, some NG-50 and NG-25 units. Jim and Rob have those units custom made for Untangle with special options and firmware that supports Untangle well. Plus emergency backup...a CF card you can boot from if the hard drive goes belly up or it corrupts. Good feature to have on a firewall!

Advantages of going with appliances designed to be a firewall...is having multiple NICs. Gives you good options for VLANs and separate subnets and multiple WAN interfaces, load balancing/failover, etc. Yes you can get PCs with multiple NICs...but a 1U appliance that bolts into your switch rack...like a business grade router SHOULD...why not do it proper?

As for horsepower...depends what it will be doing. SPAM filtering puts the huge load on it. If you don't have spam filtering...you'd be surprised how large of a network a dual core Atom can handle...

We run our office on an overkill unit...an HP Proliant DL380 with dual Xeons, and multiple Intel NICs handling 10x statics...from both cable and DSL.
 
You must log in or register to reply here.

Similar threads

YeOldeStonecat
Gaming rig...help with client computer with vid card issues.
2
Replies
25
Views
790
Rosco
Rosco
HCHTech
ELI5 Intel's new chip offerings
2 3
Replies
48
Views
2K
Sky-Knight
Sky-Knight
YeOldeStonecat
NexGen Untangle Hardware
Replies
11
Views
2K
trevm999
trevm999
thecomputerguy
Rent negotiations
Replies
17
Views
2K
Porthos
Porthos
Metanis
[REQUEST] What residential printer should I buy?
Replies
17
Views
2K
xrobwx71
xrobwx71
Back
Top