I have a small MSP and currently basically do two difference solutions. Either a full unifi stack with a USG or a Fortinet Firewall. Many many years ago I played with Pfsense a little.
Basically I’m looking for something to replace the USG for my SOHO clients (10 users or less, internet connection normally under 100mb) I want to be able to run Suricata and pfblocker for these clients. Would the SG-1100 be up to the task as a replacement to the USG?
Read here and make up your own mind about whether the SG-1100 is good enough for Suricata: https://forum.netgate.com/topic/145584/running-suricata-snort-on-a-sg-1100-not-a-good-idea/
To me it seems it is OK but not ideal.
PFBlocker takes almost nothing to run.
If you plan on using Suricata I would say use at least the SG-3100.
Thanks that was kind of my feeling as well just double checking.
Also thanks for all the youtube videos, I’ve been a silent watcher for a long time and will hopefully becoming more active. Thank you for everything you do for the IT community.
The newly announced SG-2100 looks like it might fit the bill here… Thy specifically call out having enough memory for Snort and Suricata. https://www.netgate.com/blog/introducing-the-netgate-sg-2100.html
No Not really, I echo an SG-3100 or maybe the SG-2100 can do the job now its out.
I will never use a USG again we tried to do full UniFi stacks a few times just falls short.
For GW/F, we are very much in the EdgeRouter, pfSense, Meraki world depending on type of client.