Choosing Hardware Platform for SafeUTM
Information about Software Platform
SafeUTM is a Linux operating system installed on a server or virtual machine. SafeUTM is based on Fedora 31 and contains a Linux kernel with a set of drivers from this OS with minor changes on our part. Thus, SafeUTM supports most of the hardware supported by Fedora 31.
General Recommendations for Chipsets and Manufacturers
Having worked for years with client servers, we can identify several patterns:
- Chipsets and controllers from Intel and Broadcom have proven themselves better than others, especially network cards and logic sets used in motherboards.
- It is not recommended to use embedded network cards, especially interfaces on cheap/rare/outdated/no-name chipsets. UTM works with the network, and often cheap network adapters for desktops cannot cope with the gateway tasks. Intel is also the quality leader here.
- We do not recommend using RAID controllers in the network gateway operation. Software and semi-hardware RAID controllers built into motherboards are not officially supported by our product.
- Both server and desktop motherboards can be used. It is preferable to use Intel processors.
- Low-cost, energy-efficient platforms for desktops and semi-thin clients based on Intel Atom are not suitable for SafeUTM and do not meet the minimum system requirements for the product.
Hardware Platform Power Selection
The number of GHz of the processor and the amount of RAM of the server strongly depend on the load imposed on SafeUTM. When calculating the load, it is necessary to consider three factors:
- The number of simultaneously authorized UTM users.
- The UTM components involved (proxy with its services, checking traffic for spam/viruses, the extensiveness of the configuration of the content filtering module or firewall).
- Intrusion prevention system – when connected via a high-speed connection to a provider, this service may require significant processor and memory resources. It is recommended to use multi-core processors (4 or more cores with a frequency of more than 3 GHz) and at least 8 GB of RAM.
The minimum system requirements satisfy the low involvement of UTM services serving a small number of authorized users. With a larger number of users (50 and more) and services served on SafeUTM, pay attention to the recommended and maximum system requirements of the server.
RAID arrays are not required for typical UTM usage schemes. One modern 200 GB SATA hard drive is sufficient in most configurations. In the case of a heavily used mail server on SafeUTM, we recommend connecting a separate hard drive to store mail correspondence. We recommend using Western Digital brand devices. We do not recommend using disk devices of the Green or Eco series, since their speed and energy indications are artificially understated and they are not suitable for use on servers. Using SSD drives is also possible and recommended. We recommend using Micron brand devices.