This recipe describes how to choose the best hardware configuration based on our firewall requirements.
It’s easiest to choose a form factor if we’ve already decided on the rest of our prerequisites:
Deployment scenario
Throughput requirements
Interface requirements
Image platform
Evaluate the different types of form factors:
Small form: Energy-efficient, quiet (often silent), small foot print form factor.
Desktop: Standard desktop hardware. Easily upgradable and most people will have an older machine lying around that’s perfectly suited for running pfSense.
Server: Larger or more complex environments may require server class hardware.
Consider if any of our requirements require special hardware. In our case, we need moderate throughput and aren’t using any packages that require special hardware. Low-power consumption and silent operation is important to our small office, so we’re opting for small form factor.
The choice of form factor has more to do with our environment than our pfSense installation. Every environment will vary and form factors will differ. Thanks to the vast variety of computer hardware on the market, any deployment of pfSense is possible on any type of form factor. While most standard platforms are installed on desktops, and most embedded platforms on appliances, there’s no reason they can’t be swapped if we’ve equipped our hardware properly.
There’s no reason we can’t use a laptop! If we have an old laptop lying around, it would probably make a great, although unusual, pfSense machine. The biggest obstacle we’d likely face is adding additional NICs, but a USB Ethernet Adapter ought to work, although they are never recommended for production systems.
Note
As with all open-source projects, it’s best to refer to the project’s hardware compatibility list before adding new hardware.
Some people really enjoy the convenience of running a system from a compact flash card. Testing a new version of pfSense, or reverting back to a backup, is as easy as swapping CF cards. Most desktops don’t come with a CF card reader installed, but there are plenty of adapters to choose from:
Of all the different installation scenarios, installing the standard version on an appliance equipped with a hard drive can be the most challenging. Appliances are meant to be small, so if they’ve already fit a hard drive in there you can bet there won’t be an optical drive. Secondly, most appliances don’t have built-in video-out which means another means of connection (usually serial or USB) is required.
We’ll have to refer to our manufacturer’s documentation if we find ourselves in this situation. There isn’t much documentation available on the subject, but the pfSense guys have posted instructions on how to install the standard image on a Netgate Hamakua at http://doc.pfsense.org/index.php/Full_install_o n_Netgate_Hamakua.
pfSense official documentation: Recommended Vendors
http://www.pfsense.org/index.php?option=com_content&task=view&id=44&Itemid=50