Overclock.net › Forums › Industry News › Software News › [Netgate] PfSense 2.5 will require CPUs with AES-NI
New Posts  All Forums:Forum Nav:

[Netgate] PfSense 2.5 will require CPUs with AES-NI - Page 2

post #11 of 51
Cool, bring it on.
post #12 of 51
Quote:
Originally Posted by Master__Shake View Post

as a vm sure.

as a windows program? no.

I see, gotta give it a try, thanks.
post #13 of 51
Well if you read the article, they do present nice reasons.

On intel processors, turning off AES-NI actually makes the CPU more vulnerable, and pure software has some other attacks presented against it.

But yeah, I'm sure the NSA and other agencies have Intel's and AMD's cracked wide open, intentionally (designed weakness in silicon or microcode) or not.
AMD Box
(15 items)
 
  
CPUMotherboardGraphicsRAM
AMD FX-8320E @ 4.6 GHz +0.356250v offset Asus Sabertooth 990FX Rev1 eVGA GTX 970 SC ACX2.0 Patriot Viper Xtreme 2x4 GB 1600LL 8-9-8-24 1T 
Hard DriveHard DriveHard DriveCooling
Samsung 840 EVO WD Black 1 TB 32MB cache FALS WD Blue 1 TB 7200rpm EZEX Corsair H80i 
OSMonitorKeyboardPower
Windows 10 x64 HP LP2475w Logitech Illuminated Corsair TX750  
CaseMouseAudio
You don't want to know Logitech G9x Creative Sound Blaster Z 
  hide details  
Reply
AMD Box
(15 items)
 
  
CPUMotherboardGraphicsRAM
AMD FX-8320E @ 4.6 GHz +0.356250v offset Asus Sabertooth 990FX Rev1 eVGA GTX 970 SC ACX2.0 Patriot Viper Xtreme 2x4 GB 1600LL 8-9-8-24 1T 
Hard DriveHard DriveHard DriveCooling
Samsung 840 EVO WD Black 1 TB 32MB cache FALS WD Blue 1 TB 7200rpm EZEX Corsair H80i 
OSMonitorKeyboardPower
Windows 10 x64 HP LP2475w Logitech Illuminated Corsair TX750  
CaseMouseAudio
You don't want to know Logitech G9x Creative Sound Blaster Z 
  hide details  
Reply
post #14 of 51
Nice, tried pfsense as a gateway router and loved it. Bought one of their mini boxes as I don't want to deal with having an old tower around.
Dev0
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD Phenom II x6 1090T @ 3.8 GHz ASUS M4A78-E 790GX PowerColor HD Radeon 7850 2 GB 2x4 GB DDR2 800 
Hard DriveOptical DriveOSMonitor
Crucial M500 240 GB SSD Samsung Super WriteMaster DVD Burner 20x Windows 10 Pro x64 ASUS VH226H 21.5" 
KeyboardPowerCaseMouse
Logitech PC Power & Cooling 500W Antec Three Hundred Modded Microsoft 3-Button Mouse 
Mouse Pad
Cheap Soft Mousepad 
  hide details  
Reply
Dev0
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD Phenom II x6 1090T @ 3.8 GHz ASUS M4A78-E 790GX PowerColor HD Radeon 7850 2 GB 2x4 GB DDR2 800 
Hard DriveOptical DriveOSMonitor
Crucial M500 240 GB SSD Samsung Super WriteMaster DVD Burner 20x Windows 10 Pro x64 ASUS VH226H 21.5" 
KeyboardPowerCaseMouse
Logitech PC Power & Cooling 500W Antec Three Hundred Modded Microsoft 3-Button Mouse 
Mouse Pad
Cheap Soft Mousepad 
  hide details  
Reply
post #15 of 51
Thread Starter 
Quote:
Originally Posted by umeng2002 View Post

Well if you read the article, they do present nice reasons.

On intel processors, turning off AES-NI actually makes the CPU more vulnerable, and pure software has some other attacks presented against it.

But yeah, I'm sure the NSA and other agencies have Intel's and AMD's cracked wide open, intentionally (designed weakness in silicon or microcode) or not.

They reference bigger reasons than that little blurb. Has something to do with heavy integration with 3.0 later down the line.
 
FreeNAS Box
(10 items)
 
 
CPUMotherboardGraphicsGraphics
Intel 4930K Rampage IV Extreme EVGA Titan X SC EVGA Titan X SC 
RAMHard DriveHard DriveCooling
Dominator Platinum 2133 840 Pro 256gb 840 evo 1tb EK Supremacy EVO 
CoolingCoolingCoolingCooling
Swiftech MPC 655 EK reservoir 250 EK Titan X nickel block EK Titan X nickel block 
OSOSKeyboardPower
Arch Linux Win10 Pro Corsair K95 RGB ax1200i 
CaseMouse
900d Logitech g502 
  hide details  
Reply
 
FreeNAS Box
(10 items)
 
 
CPUMotherboardGraphicsGraphics
Intel 4930K Rampage IV Extreme EVGA Titan X SC EVGA Titan X SC 
RAMHard DriveHard DriveCooling
Dominator Platinum 2133 840 Pro 256gb 840 evo 1tb EK Supremacy EVO 
CoolingCoolingCoolingCooling
Swiftech MPC 655 EK reservoir 250 EK Titan X nickel block EK Titan X nickel block 
OSOSKeyboardPower
Arch Linux Win10 Pro Corsair K95 RGB ax1200i 
CaseMouse
900d Logitech g502 
  hide details  
Reply
post #16 of 51
Thread Starter 
Quote:
Originally Posted by bucdan View Post

Nice, tried pfsense as a gateway router and loved it. Bought one of their mini boxes as I don't want to deal with having an old tower around.

I built my own router.





Packing a Xeon 1231v3 in that puppy. lol Already using AES for my IPSEC VPN.
 
FreeNAS Box
(10 items)
 
 
CPUMotherboardGraphicsGraphics
Intel 4930K Rampage IV Extreme EVGA Titan X SC EVGA Titan X SC 
RAMHard DriveHard DriveCooling
Dominator Platinum 2133 840 Pro 256gb 840 evo 1tb EK Supremacy EVO 
CoolingCoolingCoolingCooling
Swiftech MPC 655 EK reservoir 250 EK Titan X nickel block EK Titan X nickel block 
OSOSKeyboardPower
Arch Linux Win10 Pro Corsair K95 RGB ax1200i 
CaseMouse
900d Logitech g502 
  hide details  
Reply
 
FreeNAS Box
(10 items)
 
 
CPUMotherboardGraphicsGraphics
Intel 4930K Rampage IV Extreme EVGA Titan X SC EVGA Titan X SC 
RAMHard DriveHard DriveCooling
Dominator Platinum 2133 840 Pro 256gb 840 evo 1tb EK Supremacy EVO 
CoolingCoolingCoolingCooling
Swiftech MPC 655 EK reservoir 250 EK Titan X nickel block EK Titan X nickel block 
OSOSKeyboardPower
Arch Linux Win10 Pro Corsair K95 RGB ax1200i 
CaseMouse
900d Logitech g502 
  hide details  
Reply
post #17 of 51
Long Time pfsense users fiber ONT > pfsense. I think this is a bad move. I have no qualms with recommending it, but making it a requirement for the community edition seems like Overkill. Thankfully mines hosted on my old 2600k so I seem to meet the requirement
Gamer
(14 items)
 
  
CPUMotherboardGraphicsRAM
2600k gigabyte sniper 3 Radeon 7970 x3 G.Skill 
Hard DriveOptical DriveOSMonitor
2 x 1tb LG Bluray Windows 7, Ubuntu 3x Hannspress 231/2 1 x Hannspree 22 
KeyboardPowerCaseMouse
Logitech G510 Thermaltake 750 D800 Logitech G500 
Mouse PadAudio
Rocketfish G930 
  hide details  
Reply
Gamer
(14 items)
 
  
CPUMotherboardGraphicsRAM
2600k gigabyte sniper 3 Radeon 7970 x3 G.Skill 
Hard DriveOptical DriveOSMonitor
2 x 1tb LG Bluray Windows 7, Ubuntu 3x Hannspress 231/2 1 x Hannspree 22 
KeyboardPowerCaseMouse
Logitech G510 Thermaltake 750 D800 Logitech G500 
Mouse PadAudio
Rocketfish G930 
  hide details  
Reply
post #18 of 51
Thread Starter 
Quote:
Originally Posted by MDalton10 View Post

Long Time pfsense users fiber ONT > pfsense. I think this is a bad move. I have no qualms with recommending it, but making it a requirement for the community edition seems like Overkill. Thankfully mines hosted on my old 2600k so I seem to meet the requirement

Well, if you are on pfsesne you are likely there for security reasons. And since you could likely get a used CPU that will fit in just about any socket that meets these needs it's not too big a deal. Assuming the machine you are using is relatively modern. No P2 or P3 machines. I don't see this as a big deal really. Just look at the ark listings filtered by socket and AES. Then find a chip on ebay for a few bucks. No big deal.
 
FreeNAS Box
(10 items)
 
 
CPUMotherboardGraphicsGraphics
Intel 4930K Rampage IV Extreme EVGA Titan X SC EVGA Titan X SC 
RAMHard DriveHard DriveCooling
Dominator Platinum 2133 840 Pro 256gb 840 evo 1tb EK Supremacy EVO 
CoolingCoolingCoolingCooling
Swiftech MPC 655 EK reservoir 250 EK Titan X nickel block EK Titan X nickel block 
OSOSKeyboardPower
Arch Linux Win10 Pro Corsair K95 RGB ax1200i 
CaseMouse
900d Logitech g502 
  hide details  
Reply
 
FreeNAS Box
(10 items)
 
 
CPUMotherboardGraphicsGraphics
Intel 4930K Rampage IV Extreme EVGA Titan X SC EVGA Titan X SC 
RAMHard DriveHard DriveCooling
Dominator Platinum 2133 840 Pro 256gb 840 evo 1tb EK Supremacy EVO 
CoolingCoolingCoolingCooling
Swiftech MPC 655 EK reservoir 250 EK Titan X nickel block EK Titan X nickel block 
OSOSKeyboardPower
Arch Linux Win10 Pro Corsair K95 RGB ax1200i 
CaseMouse
900d Logitech g502 
  hide details  
Reply
post #19 of 51
Quote:
Originally Posted by Prophet4NO1 View Post

I built my own router.





Packing a Xeon 1231v3 in that puppy. lol Already using AES for my IPSEC VPN.

A bit overkill for a home network isn't it? I dig your style though, I have gigabit fiber at home so I figured building an ESXi box would let me create the servers I want to play with and host from as well as a good firewall.
Using a Intel I-350T2 with direct path I/O lets the pfSense VM have direct access to the NIC. It works beautifully.
post #20 of 51
Quote:
Originally Posted by bavarianblessed View Post

A bit overkill for a home network isn't it? I dig your style though, I have gigabit fiber at home so I figured building an ESXi box would let me create the servers I want to play with and host from as well as a good firewall.
Using a Intel I-350T2 with direct path I/O lets the pfSense VM have direct access to the NIC. It works beautifully.

QoS, VPN encryption/ decryption, etc. can take it's toll if you have over 100 Mbps.
AMD Box
(15 items)
 
  
CPUMotherboardGraphicsRAM
AMD FX-8320E @ 4.6 GHz +0.356250v offset Asus Sabertooth 990FX Rev1 eVGA GTX 970 SC ACX2.0 Patriot Viper Xtreme 2x4 GB 1600LL 8-9-8-24 1T 
Hard DriveHard DriveHard DriveCooling
Samsung 840 EVO WD Black 1 TB 32MB cache FALS WD Blue 1 TB 7200rpm EZEX Corsair H80i 
OSMonitorKeyboardPower
Windows 10 x64 HP LP2475w Logitech Illuminated Corsair TX750  
CaseMouseAudio
You don't want to know Logitech G9x Creative Sound Blaster Z 
  hide details  
Reply
AMD Box
(15 items)
 
  
CPUMotherboardGraphicsRAM
AMD FX-8320E @ 4.6 GHz +0.356250v offset Asus Sabertooth 990FX Rev1 eVGA GTX 970 SC ACX2.0 Patriot Viper Xtreme 2x4 GB 1600LL 8-9-8-24 1T 
Hard DriveHard DriveHard DriveCooling
Samsung 840 EVO WD Black 1 TB 32MB cache FALS WD Blue 1 TB 7200rpm EZEX Corsair H80i 
OSMonitorKeyboardPower
Windows 10 x64 HP LP2475w Logitech Illuminated Corsair TX750  
CaseMouseAudio
You don't want to know Logitech G9x Creative Sound Blaster Z 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Software News
Overclock.net › Forums › Industry News › Software News › [Netgate] PfSense 2.5 will require CPUs with AES-NI