[Soekris] Soekris -vs- Cisco ASA, etc.

Karl Fife karlfife at gmail.com
Fri Apr 22 15:38:09 UTC 2011


> 2.) Do any of you use a Soekris in an Enterprise environment now?

> 3.) What about reliability? Since the Soekris runs OBSD, it can be
> configured (with CARP, right?) to be redundant with another Soekris,
> right?

Take a look at pfSense on these boxes.  We have about eight Soekris 
Net5501's, all running pfSense.  We like them because they're reliable, 
fanless, and have a built in crypto engine for AES128 and has a Hardware 
RNG, as well as 4 auto MDI-X Ethernet ports as well as PCI slot (to which we 
often add another 4 Ethernet ports).

PfSense on the Soekris runs NanoBSD, and is a great way to run CARP, as well 
as more complex stuff like traffic shaping over multi-wan & bridged 
connections.

Honestly the biggest reason we take this approach is less about cost (which 
happens to be far cheaper), but mostly because every time we need to turn up 
another solution, we don't have to waste our own time and attention on 
licensing, sales & support contracts.  Also, by 'standardizing' on these 
boxes, we have been able to trivially keep a single cold spare for all of 
our installed base.  In truth however, all we ever do with our cold spare 
units is use them for a head-start when we discover a pressing new need, 
(and of course order a new cold spare).

-Karl

p.s.
pfSense has a great support community including OUTSTANDING paid support 
when we need it. 



More information about the Soekris-tech mailing list