Tinkerisk:

 

Nope, not with everything turned on on a single Celeron CPU (I assumed someone will point to DPI, etc.) but you should compare to what is handled here so far. It‘s hard to emulate all the offloading stuff with software only and to compare to real enterprise equipment.

 

Thanks for the confirmation, yes I realise there is only a certain amount can be done via software in CPU, and that's why I want to make sure I make the right decision about what CPU to obtain!

Did a bit more reading last night on the Sophos XG firewall (free, home variant) and it seems that the same principles apply as when I last looked: for performance, you are better off with Intel E5 CPU than the desktop oriented i3/i5/i7 series. Unfortunately such CPUs in small package mini or micro hardware chassis (with lower TDP) are way less common and therefore more $$$. Atom & Celeron "need not apply".

 

The IDS/IPS will always break the bank in terms of computing power. Maybe you should think about another security strategy i.e. letting a ‚screaming server data center’ proxy handle the safety stuff for you and only getting the sorted out safe traffic into the house … ;-)

 

It‘s like in aviation - with enough horsepower any piano is capable to fly. But I assume you already knew that before you asked. My goal is: quiet, power saving, safe AND efficient.

 

Nice analogy thanks - I love the mental imagery of "sufficient" rockets strapped to a Steinway grand piano... 🤣

Primary use-case is actually to protect a bunch of Android & iOS devices, along with isolate "Internet of Things" devices that I can't trust as far as I can throw them (smart TV, gaming consoles, UDPs, semi-smart cleaning appliances etc). This is all easiest done by the router/gateway appliance. Yes, I'm aware certain things are best done away from home, as you say, and that everything is a compromise. I'm still reading and trying to find what will be the best compromise for my use-case. Appreciate the replies and input! Cheers, tU