NSHO-001 DATASHEET 8 LAN 1 COM 4 Fiber SFP 4G NGFW Firewall 1U Rackmount Server

NSHO-001 DATASHEET 8 LAN 1 COM 4 Fiber SFP 4G NGFW Firewall 1U Rackmount Server https://www.pondesk.com/product/NSHO-001

Features ● Support Intel® i3/i5/i7 Haswell 4th Generation Processor ● Intel® AES-NI and Secure Key ● 8x Intel® 82574L Gigabit Ethernet (Support Wake on LAN/PXE) ● Integrated 2 Group BYPASS ● RJ45 Console Port (CISCO Standard) ● Support 4x Intel® 82580DB Gigabit Optical Fiber SFP (optional) ● Intel® HD Graphics (via VGA Display Port) ● Support WiFi and 3G/4G LTE WWAN Networks (optional) ● Support up to 16GB SODIMM DDR3 Memory ● Support Four Storage Drives (mSATA & 2.5" SATA SSD/HDD) ● Ready for IoT - Simply Connected Using 3G/4G LTE via Mini PCIe ● Support Windows/Windows Server/Linux/Unix/Firewalls and MikroTik RouterOS etc. ● Support Hypervisor (VMware ESXi and VirtualBox etc.) with i5 & i7 CPU only ● Can be configured as a Firewall, LAN/WAN Router, VPN, DNS Server, DHCP Server etc. ● Perfect for Security gateway, VPN and Firewall such as pfSense, Untangle, Sophos, Debian, Smoothwall, ClearOS, m0n0wall etc.

Specifications Dimensions

Processor Advanced Technologies (Based on CPU) Support 4th Gen. Haswell LGA1150 Intel® Intel® Virtualization Technology (VT-x) Intel® Core™ i3/i5/i7 Processor VT-x with Extended Page Tables (EPT) Intel® H87 Chipset Enhanced Intel SpeedStep® Technology Thermal Monitoring Technologies Memory Support up to 16 GB Security & Reliability (Based on CPU) W SODIMM DDR3 Memory Intel® AES New Instructions 2 Memory Slots Secure Key Execute Disable Bit Storage Support 1x mSATA SSD Onboard I/O Support 1x 2.5" SATA SSD/HDD 1 x JVGA1 (1*12pin) L H Support 2x 2.5" SATA SSD/HDD OR 1 x RS232 Serial Port (2*5pin) 2 x 3.5" SATA HDD 2 x LAN LED (2*16pin) 2 x USB2.0 (2*5pin) 430mm x 360mm x 45mm (L*W*H) Graphics (Based on CPU) 1 x USB 3.0 (2*10Pin) Integrated Intel® HD Graphics 1 x PS/2 KB/MS (1*6pin) VGA HD Display 1 x FP1 Front Panel (2*5pin) Intel® Quick Sync Video 1 x SIM Interface (1*6pin) Intel® Clear Video HD Technology 1 x 24Pin ATX Power Input 1 x 4Pin ATX Power Input Package LAN 1 x CPU FAN (1*4pin) MODEL # NSHO-001 ■ 1 x Network Server 2 x SYS FAN (1*4pin) Eight Gigabit Ethernet Ports P/N: NO014G1UND8L4F ■ 1 x Power Cord Intel® 82574L Gigabit Ethernet Controller 1 x GPIO (2*5pin) Support Wake on LAN/PXE Integrated 2 Group BYPASS (Control OS LAN1,2 and LAN3,4) Support Windows/Windows Server/Linux/Unix/Firewalls and MikroTik RouterOS etc. Optional Expansion Slot Support VMware ESXi and VirtualBox (with i5 and i7 CPU) 1 x mini-PCIe Slot (For WIFI, 3G/4G) Support pfSense, Untangle, Debian, Smoothwall, ClearOS, Processor Intel® Core™ i3-4160 Processor (3M Cache, 3.60 GHz) 1 x mSATA Slot (For SSD) m0n0wall etc. Intel® Core™ i5-4590 Processor (6M Cache, up to 3.70 GHz) Intel® Core™ i7-4790 Processor (8M Cache, up to 4.00 GHz) 1 x 2.5" SATA Slot (For 2.5” SSD/HDD) Intel® Core™ i7-4790K Processor (8M Cache, up to 4.40 GHz) 1 x PCI x8 SFP Slot (for Fiber Ports) Power & Working Environment 3G/4G/WiFi 802.11 b/g/n WiFi (PCIe Module) Input: 100~240V - 50-60Hz 3G (up to 14.4 Mbps) I/O Specifications Consumption: 45W~90W idle (depends upon processor) 4G (up to 150 Mbps) 8 x Gigabit RJ45 LAN Operating Temperature: -10°C ~ 50°C 3G (14.4 Mbps) + USB N WiFi 4G (150 Mbps) + USB N WiFi Storage Temperature: -20°C ~ 70°C 1 x RJ45 Console (CISCO standard) Memory 4GB/8GB/16GB(2x8GB) DDR3 Memory 2 x USB 2.0, 1 x VGA Relative Humidity: 5% - 95% (non-condensing) mSATA SSD 16GB/32GB/64GB/120GB/240GB/500GB mSATA SSD 2 x LED Indicator (Power & Hard Drive) Vibration: 0.5g rms/5-500HZ/random/operating 2.5" SATA SSD 500GB/1TB/2TB 2.5" SATA HDD 802.11 b/g/n WiFi & 3G/4G LTE (optional) Others Fiber Ports (optional) 1U Rackmount (Grey Colour) Intel® 82580DB Gigabit Ethernet Controller AMI 64MB Flash ROM BIOS 4x SFP Gigabit Fiber Ports Watchdog Hardware Reset Function (L256, 0~255 Sec.) 121.9mm x 64mm x 18mm (L*W*H) 1x CPU FAN and 3x System FAN Cooling 430mm x 360mm x 45mm (L*W*H)

[email protected] * All specifications and photos are subject to change without notice. United Kingdom Registered names and trademarks are the copyright and property of their respective owners. Hardware Performance NSHO-001

This section describes the real-world performance of network firewall router hardware with respect to multiple Firewall/Routing/All-In-One OS. There are many factors which influence the performance of firewall/routing etc.

1. Throughput 2. Features/Applications 3. Version of OS 4. Network Card Chipset 5. Number of Users

1. Throughput Traffic Load is very major part of performance notes, if there is less traffic then less load on device CPU & RAM with better performance. More traffic needs more processing and can reduce the through of appliance.

2. Features/Applications Most of features do not factor into hardware performance though a few have significant impact on hardware utilization.

VPN: Heavy use of any of the VPN services included in pfSense, Untangle & Sophos etc. will increase CPU requirements. Encrypting and decrypting traffic is CPU intensive. The number of connections is much less of a concern than the throughput required. - 266 MHz CPU will max out at around 4 Mbps of IPsec throughput - 500 MHz CPU can push 10-15 Mbps of IPsec - i7 CPU or Xeon new generation support 100 Mbps of IPsec traffic Supported encryption cards, such as several from Hifn, are capable of significantly reducing CPU requirements.

Squid – Squidguard: Outgoing traffic control through proxy both packages rely heavily both the CPU and disk writes. It is therefore strongly recommended to use with the Entry level and the use of AUTM and AUTM2 with DOM devices. For this kind of work is strongly recommended to use AUTM, AUTM2 and microcluster with SSD or classics disks. However, it is also possible the optimized use with only the squid package on the entry level as long as you turn off any kind of writing on the disk media and strong expense of performance.

Captive Portal: While the primary concern is typically throughput, environments with hundreds of simultaneous captive portal users (of which there are many) will require slightly more CPU power than recommended above.

Large State Tables: State table entries require about 1 KB of RAM each. The default state table, when full at 10,000 entries, takes up a little less than 10 MB RAM. For large environments requiring state tables with hundreds of thousands of connections, ensure adequate RAM is available.

Packages: Some of the packages increase RAM requirements significantly. Snort and ntop are two that should not be installed on a system with less than 512 MB RAM.

3. Version of OS We must emphasize the difference between the two types of installations that you can do with pfSense and Untangle etc. on the different devices - The embedded solution (firewall Entry Level) does NOT allow the writing of log files on the memory (CF or DOM) and in any case, it is strongly discouraged. This version is not possible to install some additional packages of pfSense® and Untangle. - The solution that installs on your hard disk (usually on the UTM Appliance solutions or above) has the ability to save logs in it. On this version, you can install all additional packages provided for pfSense® and Untangle.

4. Network Card Chipset The choice of a network card is essential for anyone who is planning a system for medium / large dimensions. - The Realtek chipset is less powerful than Intel Chipset and is mainly suitable for workloads less intense. However, for a company that does not require high throughputs. - The Intel chipset, on the other hand, offers better performances in heavy traffic: it offers several advanced features such as queue management and, from the 2.2 version of pfSense, it also improved the multi-core support. This means a higher throughput and a reduced load on the CPU.

5. Number Of Users Firewall performance also dependent of number of users behind it, more users more state table entries and more hardware resources required.

Below mentioned are few real-world stress tests performed with different firewall OS on standard network firewall router box hardware with the following configurations.

CPU: Intel® Core™ i7-4790K and Intel® Core™ i5-4590 RAM: 8GB DDR3 Memory SSD: 60GB mSATA3 SSD

With Intel® i7-4790K Processor With Intel® i7-4790K Processor With Intel® i7-4790K Processor With Intel® i5-4590 Processor With Intel® i5-4590 Processor pfSense® Untangle Sophos ClearOS Endian

500 - 3000 Users (With i3 CPU) 500 - 3000 Users (With i3 CPU) 500 - 3000 Users (With i3 CPU) 500 - 3000 Users (With i3 CPU) 500 - 3000 Users (With i3 CPU)

Number Of Users 500 - 7000 Users (With i5 CPU) 500 - 7000 Users (With i5 CPU) 500 - 7000 Users (With i5 CPU) 500 - 7000 Users (With i5 CPU) 500 - 7000 Users (With i5 CPU)

1000 - 10000 Users (With i7 CPU) 1000 - 10000 Users (With i7 CPU) 1000 - 10000 Users (With i7 CPU) 1000 - 10000 Users (With i7 CPU) 1000 - 10000 Users (With i7 CPU)

TCP 5300 - 5900 Mbps * TCP 5300 - 5900 Mbps * TCP 5350 - 5800 Mbps * TCP 5000 - 5400 Mbps * TCP 5050 - 5400 Mbps * Bridge UDP 5450 - 5850 Mbps * UDP 5450 - 5850 Mbps * UDP 5450 - 5900 Mbps * UDP 5200 - 5500 Mbps * UDP 5100 - 5400 Mbps *

TCP 5200 - 5750 Mbps * TCP 5200 - 5750 Mbps * TCP 5200 - 5800 Mbps * TCP 5050 - 5350 Mbps * TCP 5050 - 5350 Mbps * Routed UDP 5350 - 5800 Mbps * UDP 5350 - 5800 Mbps * UDP 5350 - 5800 Mbps * UDP 5100 - 5500 Mbps * UDP 5100 - 5550 Mbps *

TCP 5300 - 5700 Mbps * TCP 5300 - 5700 Mbps * TCP 5350 - 5700 Mbps * TCP 4900 - 5300 Mbps * TCP 4900 - 5300 Mbps * NAT UDP 5400 - 5800 Mbps * UDP 5400 - 5800 Mbps * UDP 5450 - 5850 Mbps * UDP 4800 - 5400 Mbps * UDP 4850 - 5350 Mbps *

TCP 1150 - 1900 Mbps TCP 1200 - 2100 Mbps TCP 1250 - 2100 Mbps TCP 1100 - 2000 Mbps TCP 1150 - 1950 Mbps AES128 UDP 1200 - 2000 Mbps UDP 1300 - 2000 Mbps UDP 1350 - 2100 Mbps UDP 1250 - 2000 Mbps UDP 1250 - 2000 Mbps

TCP 1050 - 1900 Mbps TCP 1400 - 2000 Mbps TCP 1300 - 1900 Mbps TCP 1200 - 2000 Mbps TCP 1150 - 2000 Mbps OpenVPN AES256 UDP 1100 - 2000 Mbps UDP 1300 - 2000 Mbps UDP 1200 - 2000 Mbps UDP 1150 - 2100 Mbps UDP 1200 - 2100 Mbps

TCP 1200 - 2000 Mbps TCP 1400 - 2100 Mbps TCP 1350 - 2000 Mbps TCP 1400 - 2100 Mbps TCP 1350 - 2000 Mbps Throughput Blowfish UDP 1250 - 2050 Mbps UDP 1400 - 2100 Mbps UDP 1400 - 2100 Mbps UDP 1400 - 2100 Mbps UDP 1400 - 2100 Mbps

TCP 950 - 1750 Mbps TCP 1500 - 2400 Mbps TCP 1400 - 2300 Mbps TCP 1450 - 2350 Mbps TCP 1500 - 2350 Mbps AES128 UDP 950 - 1800 Mbps UDP 1300 - 2200 Mbps UDP 1300 - 2200 Mbps UDP 1450 - 2200 Mbps UDP 1450 - 2200 Mbps

TCP 900 - 1650 Mbps TCP 1200 - 2000 Mbps TCP 1300 - 2000 Mbps TCP 1000 - 1900 Mbps TCP 1050 - 1900 Mbps AES256 UDP 950 - 1750 Mbps UDP 1100 - 1900 Mbps UDP 1200 - 1900 Mbps UDP 1000 - 1850 Mbps UDP 1000 - 1850 Mbps IPSec TCP 1000 - 1800 Mbps TCP 1100 - 1850 Mbps TCP 1100 - 1850 Mbps TCP 1100 - 1800 Mbps TCP 1150 - 1800 Mbps Blowfish128 UDP 1050 - 1850 Mbps UDP 1050 - 1900 Mbps UDP 1050 - 1900 Mbps UDP 1150 - 1850 Mbps UDP 1150 - 1850 Mbps

TCP 650 - 1250 Mbps TCP - 750 - 1150 Mbps TCP - 700 - 1100 Mbps TCP - 600 - 1100 Mbps TCP - 650 - 1150 Mbps 3DES UDP 750 - 1350 Mbps UDP - 750 - 1150 Mbps UDP - 700 - 1100 Mbps UDP - 700 - 1150 Mbps UDP - 700 - 1150 Mbps

TCP 1500 - 2500 Mbps TCP - 1900 - 2900 Mbps TCP - 1800 - 2800 Mbps TCP - 1700 - 2900 Mbps TCP - 1750 - 2900 Mbps L2TP GRE UDP 1700 - 2700 Mbps UDP - 1850 - 2700 Mbps UDP - 1850 - 2750 Mbps UDP - 1650 - 2700 Mbps UDP - 1750 - 2700 Mbps

Max Active Connections 2.1 Million ** 2.2 Million ** 1.8 Million ** 1.8 Million ** 1.8 Million **

Max Concurrent Sessions 1.2 Million ** 1.3 Million ** 1.2 Million ** 0.9 Million ** 0.9 Million **

Max New Connections Per Second 30,000 80,000 80,000 50,000 50,000

Stateful Inspection 2 Gbps 2 Gbps 2 Gbps 2 Gbps 2 Gbps

IPSec Site-To-Site VPN Peers 200 - 1000 600 - 1800 600 - 1800 400 - 1000 400 - 1000

Virtual Interfaces - VLANs 4,016 - - - -

* Network Firewall Server has 8x1Gig Electrical Ethernet Ports, and 4x1Gig Optical Ports, above stats are captured by using 6x1Gig for WAN and 6x1Gig For LAN, so total processing capacity calculated based on 6Gig link. ** These are not theoretical stats, these are real world stats, means generated at the time of full system load. You can consider them a minimum level of the number. You will get more than that in your environment.

Note: Server ports are capable of handling more than 95% of hardware limit, like 950-980Mbps per port. Remember that this is real time hardware performance statistics captured during ideal environment. These might be different according to traffic load, complexity of configuration and processor/memory/storage specifications. Most important OS, if OS is more stable and have smaller footprint then performance should be high.

[email protected] * All specifications and photos are subject to change without notice. United Kingdom Registered names and trademarks are the copyright and property of their respective owners.