Reddit reviews ZOTAC ZBOX CI323 nano Fanless Mini PC Intel N3150 CPU Intel HD Graphics Native 4K support Dual Gigabit LAN 802.11ac Wi-Fi Bluetooth (ZBOX-CI323NANO-U)
We found 33 Reddit comments about ZOTAC ZBOX CI323 nano Fanless Mini PC Intel N3150 CPU Intel HD Graphics Native 4K support Dual Gigabit LAN 802.11ac Wi-Fi Bluetooth (ZBOX-CI323NANO-U). Here are the top ones, ranked by their Reddit score.
Passively Cooled – Silent PerformanceIntel N3150 Processor (quad-core 1.6 GHz, up to 2.08GHz)Triple Display capableNative 4K support (H.265, H.264 decode)Compact palm-sizedVESA Mountable
Inventory:
pfSense:
Snort, pfBlockerNG, OpenVPN, Squid, ClamAV, Default deny ingress/egress FW, etc.
ZOTAC ZBOX NUC
Kingston 120GB SSD
Crucial 8GB DDR3L RAM
ESXi Hypervisor:
Skull Canyon NUC
32GB DDR4 RAM
Samsung 950 Pro 512GB M.2 SSD
Virtual Machines I'm currently running.
Splunk - Receives my FW, DNS, Snort, and OSSEC logs. I have dashboards to filter this data.
Snorby - Also receives my Snort logs. I like this a little better than Splunk as I can view packet contents.
OSSEC - I used this for file integrity and endpoint monitoring on my servers and desktop. Functions as a host based IDS.
Nessus - I use this every once in a while to see if there are any open holes. Otherwise, I just use nmap and iptables to close everything off.
Unifi Controller - for managing my AP.
Wireless:
Ubiquiti Unifi AP-AC Lite
Switch:
TP-LINK 8-Port Gigabit L2 Switch
RetroPi + Monitor:
RPi3
10.1 Inch IPS HDMI Monitor
My VMs, configs, and files are backed up to a HDD I keep offline. I'm thinking about adding a NAS into the mix for somewhere around 200-400 dollars. Low energy consumption preferably if anyone had any recommendations. :)
This build is rock solid but you can obviously go newer:
You can do just as well buying newer Zotac ZBOX or NUC. They are silent, take 2.5 HDDs, and will run just about anything you can throw at them. Check out https://www.amazon.com/gp/aw/d/B0179S50UU/
The only real downside to these mini PCs is heat. I built this 3 years ago and both the ZBOX and NUC ran way too hot. They still do run pretty hot, just a limit being in such a small enclosure
Edit: For anyone interested in building a low profile thin-mini ITX build I highly recommended checking out more current parts like the ASUS Q170 1151 motherboard and a 35W T-Series Sky Lake or Kaby Lake processor like the 6300T/6400T/6500T/6600T/6700T. You're getting a lot of power in a small thermal envelope
Zotac CI323 NANO-U is much cheaper. It has an Intel N3150 and it supports AES-NI. Uses less watts. It's shipped and sold by Amazon and comes from a well known company that I'm sure has a warranty and support. https://www.amazon.com/gp/aw/d/B0179S50UU/?th=1&psc=1
Zotac makes one I like http://www.amazon.com/ZOTAC-Quad-Core-Graphics-Barebones-ZBOX-CI323NANO-U/dp/B0179S50UU/ref=sr_1_1?rps=1&ie=UTF8&qid=1456979168&sr=8-1&keywords=zotac+ci323&refinements=p_85%3A2470955011 but it looks like they're 3-6 weeks out at the moment. Fanless and works great with CentOS 7, haven't tested them with anything else
Edit: looks like it's available on ebay now for ~$150
Those are the words to live by!
> Chieftec-IX-01B-OP
Have you looked at these? I was thinking about the same sort of thing for my parents. But they might be getting a USG so I can do some testing on the site to site VPN through the Unifi controller.
I looked at those options, scored an EdgeRouter (ER-8) cheap on eBay to play around with, and decided to replace my TomatoUSB router with The Ars Router instead. I run Sophos XG on it but pfSense is fine option -- 2.3 was still beta when I was deciding.
My logic was:
I built my Celeron 1037U system for about twice the price of an EdgeRouter Lite. It's silent. Very low power. Can route Gigabit and a couple hundred Mbps of VPN. I run Sophos but it could also run pfSense or Untangle or pretty much anything else I'd want.
Zotac CI323 NANO would be another fine choice that you don't have to order from China.
I've been running this guy for several months now.
The included wireless chipset isn't supported by FreeBSD (pfsense), and the NIC drivers have buggy TCP checksum offload code (can be disabled and mitigated in the web UI), but I'd buy it again in a heartbeat.
I really wouldn't use a Raspberry Pi for this. Don't get me wrong, it's a great little device and it would work in a pinch but it's not really the best fit for this.
If it were me, I would go with something like this:
https://www.amazon.com/ZOTAC-Quad-Core-Graphics-Barebones-ZBOX-CI323NANO-U/dp/B0179S50UU/ref=sr_1_1?ie=UTF8&qid=1486571851&sr=8-1&keywords=Zotac+ZBOX+Dual+Ethernet
It's small, quiet and very low power. Has dual Gigabit ethernet and is x86_64 based so you can run anything on it.
You're not likely to find something like that with more than 2 gigabit ethernet ports unless you go with something custom built like a Mikrotik RouterBoard.
Instead of the 3rd ethernet port, why not get yourself a managed gigabit switch (one can be had for about $65USD) and put your LAN and your security system on different VLANs. If you need more info on how to do this I would be more than happy to help.
Good luck, sounds like a fun project! :)
The Linx Derp Lab 0.5
Others
Planned purchases
Plans for lab
This one looks decent too and pretty cheap. Add a small SSD and some Ram.
http://www.amazon.com/gp/product/B0179S50UU?psc=1&redirect=true&ref_=ox_sc_sfl_title_9&smid=ATVPDKIKX0DER
I bought a cheap, dual NIC mini PC and installed Sophos XG on it.
It does everything my pfsense VM did, but also gives me internet filtering, application blocking, etc.
Zotac makes a passively cooled mini pc. Should be a simple can of air cleaning every once in awhile for maintenance.
https://www.amazon.com/ZOTAC-Quad-Core-Graphics-Barebones-ZBOX-CI323NANO-U/dp/B0179S50UU
Consider this one:
ZOTAC ZBOX C Series Passive Cooling Mini PC, Intel N3150 Quad-Core CPU, Intel HD Graphics Barebones System (ZBOX-CI323NANO-U) https://www.amazon.ca/dp/B0179S50UU/ref=cm_sw_r_cp_api_UfdvybRQJY4Y8
Two LAN port, wifi, fanless(no noise)
Buy cheap 32go ssd with cheap 8go ram and you're good to go !
Oh and perfectly compatible with pfsense ;)
I used a Zotac ZBOX CI323NANO for basically exactly what you're talking about. No fans, so it is silent. If you care about VPN, it has AES-NI.
It has Realtek NICs, but I haven't run into any problems with it. Throw some RAM and an SD card in and you're good to go.
It's not exactly what you're asking for but an entire rack mount server just for pfsense will probably waste a lot of power. your 150/150 connection shouldn't require a whole lot of muscle, even with more modules in pfsense. I picked up this mini pc a few months ago to use in pfsense but decided to re-purpose it as an HTPC. It ran pfsense fine except for the wifi card (not really needed anyway). Dual gigabit lan, pop a 4gb stick of ram and any laptop ssh/hdd you have laying around it it should handle anything you throw at it while pulling down less than ~40 watts.
I have a zotax zbox and external HDD as a server. Little over 200 invested, had spare external drive.
https://www.amazon.com/ZOTAC-Quad-Core-Graphics-Barebones-ZBOX-CI323NANO-U/dp/B0179S50UU/ref=sr_1_1?ie=UTF8&qid=1478124878&sr=8-1&keywords=Zbox
So, as I'm sure you're aware, a generic "router" you get is actually a router, firewall, switch, and AP built into one device.
pfSense is an open source router/firewall that's built on top of Linux/OpenBSD. It's pretty simple to setup as it has a nice GUI but it also supports a lot of advanced features. It basically can run on anything with a processor, memory, HDD, and a NIC. Now optimally you want something that has at least 2x GB Intel ports.
I have my pfSense currently running on a mini ITX computer with an i5-2500k as I had it laying around, but that consumes a little more power.
Some people use devices like this which are low power and fanless. Some people buy little boxes like this where you add your own RAM/HDD/SSD and it's also low power.
The only thing that sucks is that this stuff costs money. Even when you buy used gear, it's still not as cheap as buying generic stuff. You can go to Best Buy and get some crazy Nighthawk all in one device for $200-300.
With this route you're going to spend $200+ on a pfSense router/firewall, ~$30-100 on a managed switch, and $50-100 on an AP but you have much more control over your environment.
Or you could go with a Ubiquiti router/gateway/firewall for ~$100 and then add on a managed switch and AP.
Or some people buy a virtualization server and run their pfSense firewall on a VM. Decently equipped servers can be had for $200-500 when all said and done.
There's really a lot of options.
I work in an area of netsec and have my switch mirroring/SPANing all the traffic to Snort which sends all the alerts to a Splunk box. You can also run Snort directly on a pfSense box.
You want to get a processor that supports aes-ni. That will allow SSL acceleration (opnvpn) and is also being required as of pfSense 2.5 and up.
I would choose this machine and purchase an unmanaged switch for your devices.Hope that helps!
2nd edit; I
wasam an idiot... OK, Here you go. Under budget and should do what you need....You can use this Zotac Barebones PC w/ the Celeron N3150 processor that supports AES-NI. Add some RAM and a SSD. Finally a Managed 8 Port Switch.
1st edit; Did not realize that I linked a celeron ( thanks u/suziesamantha ) as I thought it was a j1900 processor and then realized that the bay trail's also don't have aes-ni support. Sorry for the wrong information. The router I built is based on the Atom Rangley chip. You can use this link to help find aes-ni support.
I bought one of these for $150 and threw in some RAM and an SSD to use as my pfSense box and have had no issues whatsoever. It's completely silent, power efficient, will easily do 100Mbps, and the processor supports AES-NI for VPN. The only reservation I had about it was the Realtek NICs, but I've had no issues with pfSense 2.3 on it.
Prior to that, I ran it virtualized under ESXi and had no issues there either.
You most definitely can. You would be supporting the devs, which is always a good thing. However, you can build a more powerful box yourself for cheaper. Use these parts:
Zotac CI323 (Intel 3150 Quad Core @ 1.6GHz) - $150
Crucial DDR3L (1x4GB - system supports up to 8GB - don't need that much for pfSense, but knock yourself out). - $18.
ADATA SSD 32GB (way overkill for pfSense, if you can find a smaller one, go for it) - $28.
Total is ~$200. There are no fans. No moving parts. Pulls probably 10W. I'm using a little Chinese box with the same processor, 4GB RAM, and a small m.2 SATA. Haven't had a single hardware issue. That setup really is perfect for pfSense.
https://www.amazon.com/ZOTAC-Quad-Core-Graphics-Barebones-ZBOX-CI323NANO-U/dp/B0179S50UU/ref=sr_1_1?ie=UTF8&qid=1468022008&sr=8-1&keywords=ci323
https://www.amazon.com/dp/B005LDLV6S/ref=twister_B00H8JVIKM?_encoding=UTF8&psc=1
https://www.amazon.com/ADATA-Premier-Upgrade-Solution-ASP600S3-32GM-C/dp/B009SKB5HA/ref=sr_1_3?s=pc&ie=UTF8&qid=1468022431&sr=1-3&keywords=ssd&refinements=p_n_feature_three_browse-bin%3A14027456011
Here is one option, however it's a barebone PC: you will need to add your storage and ram.
https://www.amazon.com/ZOTAC-Quad-Core-Graphics-Barebones-ZBOX-CI323NANO-U/dp/B0179S50UU/
Or this one, pick NO SSD | NO RAM: This comes with intel Quad LAN:
https://www.aliexpress.com/item/Eglobal-Barebone-mini-pc-J1900-Quad-core-4-LAN-1080P-12V-Mini-Desktop-Computer-300M-WIFI/32670582442.html
Edit:
I've been running VMs of pfSense, nginx reverse proxy, owncloud on a box from aliexpress, with a i5-5250, with 16GB RAM, a 256GB SSD, and ESXi 6. Although, I had to do some tinkering: mini-pcie -> to PCI-e cable + adapter -> Dual Intel NIC card. has been up for last 151 days... http://i.imgur.com/vuE1XzY.png
No I meant comparing the pi to other alternatives as a samba server, like a cheap intel box.
example: http://amzn.com/B0179S50UU
I've been using this Zotac Barebones for my pfSense firewall. It came in at around $200 after 4GB of RAM and a small SSD. It works great for my 100/100 connection and supports AES-NI.
Another option would be to go with one of their official appliances. The SG-1000 costs $149 and comes with pfSense installed.
https://www.amazon.com/gp/product/B0179S50UU/ref=oh_aui_search_detailpage?ie=UTF8&psc=1
is what I have.
PFSense does all this no problem. If you don't have an old computer, here is a new computer that works: https://www.amazon.com/ZOTAC-Quad-Core-Graphics-Barebones-ZBOX-CI323NANO-U/dp/B0179S50UU/ref=sr_1_1?ie=UTF8&qid=1479736533&sr=8-1&keywords=zbox
Add 4GB ram and some storage. Add more ports with a cheap switch if you don't need vlans. If you need vlans use a smart switch. Use your old router in access point mode for Wifi.
Notes: The wifi card is not pfsense compatible but if using pfsense it is not ideal to run internal wifi. Take the card out or just ignore it. The NICs are made by Realtek. They may give you a few headaches to work through.
> uBox-111
What about this one?
Intel N3150
https://smile.amazon.com/ZOTAC-Quad-Core-Graphics-Barebones-ZBOX-CI323NANO-U/dp/B0179S50UU/ref=redir_mobile_desktop?_encoding=UTF8&sa-no-redirect=1&th=1
need to manually update the Realtek NIC driver (https://forum.pfsense.org/index.php?topic=103841.75) if you want throughput above 200 Mb/s without watchdog timeouts and ignore the bitching about the SD card reader on boot but it supports AES-NI and is cheap and works great.
I picked up a Zotac Zbox a little over six months ago for my pfsense machine, and it's been running beautifully. Absolutely zero complaints so far. The price is just right, and the form factor is perfect for my needs.
https://www.amazon.com/dp/B0179S50UU/ref=cm_sw_r_cp_awdb_z5UMybQ3S3084
I'm running mine on a little Zotac zbox, just needed to add in a bit of RAM and a hard drive. Works like a charm :-) Currently running squid, snort, and surricata with no issues.
Just don't expect to have decent VPN performance, as the CPU in this doesn't support AES-NI, and it's quite a few generations old. You can look around for something with an N3150, which is only a year old at this point and supports AES-NI, the clock speed will be higher, quad-core, and it'll support more RAM all while keeping power consumption low. Also, the boards with this CPU can run fanless.
Here's one with dual-ethernet built in for only $150, still needs a HDD & RAM, but those are dirt cheap. http://www.amazon.com/ZOTAC-Quad-Core-Graphics-Barebones-ZBOX-CI323NANO-U/dp/B0179S50UU
Zotac zboxs are popular and a low end bare one box will run you about 200 in total https://www.amazon.com/ZOTAC-Quad-Core-Graphics-Barebones-ZBOX-CI323NANO-U/dp/B0179S50UU/ref=sr_1_1?ie=UTF8&qid=1469615562&sr=8-1&keywords=zbox
Zotac ZBOX
Crucial 8gig stick
Samsung 850 EVO
My previous Realtek NIC box was cutting my line speeds in half and had a fan, this box still has Realtek NIC but it's not slowing me a bit at 100mbs speeds, has no fan, and is barely breaking a sweat. It has AES onboard but I've not done anything to push that. WiFi appears unsupported but I'm okay with that for now.
Cheap enough for you?
> N3150
how about the Zotac ZBOX-CI323NANO-U. it has dual NICs & a WiFi adapter too. With N3159. Would this be a good platform?