What is the reason to buy Protectli Vault 4 port Firewall micro appliance/mini PC? The 4 Port Vault is ideal for small teams & companies. This Vault features 4 Ethernet ports, as well as AES-NI. Protectli optionally offers to get open-source device firmware coreboot for your hardware for maximum security, transparency, and auditability. For an additional layer of security, Protectli will soon offer secureboot in conjunction with coreboot. Reveal more in Protectli Vault 4 port Firewall micro appliance/mini PC review.
The Vault has been tested with many of the most popular open-source software firewall solutions. Compatibility includes pfSense CE, untangle, OPNsense, VyOS, Security Onion, VyOSm, CentOS 7, *BSD, Linux, Windows and others.
Protectli Vault 4 port Firewall micro appliance/mini PC specs
Chassis
Chassis Description Fanless, Aluminum, Black
Dimensions 5.3 x 5.1 x 1.5 in, 134 x 130 x 39 mm
Mounting Options Desktop, VESA
Weight 1.25 lbs, .57 Kg
Shipping Weight 2.75 lbs, 1.25 Kg
Max Power 18W
Processor
CPU Intel Atom E3845 (64 Bit, 1.9GHz, 4 Cores, 4 Threads, 2MB L2 Cache)
GPU Integrated Intel HD Graphics
AES-NI Supported
Memory and Storage
RAM 1x SO-DIMM DDR3L-1333, 1.35v, Max 8GB
Storage 1x mSATA SSD, Max 1 TB
Optional Storage 1x Internal SATA Header
External I/O
Networking 4x Intel Gigabit Ethernet, RJ-45
USB 1x USB 3.0, 1x USB 2.0
Wireless Optional 802.11b/g/n WiFi Kit (Protectli P/N: WAP01K)
COM Port 1x RJ45 COM Port
Display 1x VGA
Power Input 12V DC (5.5mm x 2.5mm barrel), Illuminated Power Button (Blue)
Power Indicator 1x Power LED (Green)
Activity Indicator 1x HDD Activity LED (Red)
Internal I/O
SATA 1x Internal SATA
Wireless Optional 802.11b/g/n WiFi Kit (Protectli P/N: WAP01K)
CPU Fan Header 1x CPU Fan Header
Wireless Socket 1x MINI PCIe only for optional Protectli WiFi Kit
Peripherals and Accessories
External Mounting Bracket 1x VESA mounting bracket for monitor or wall
Power Supply 12V / 3.33A Switching Power supply (110-240V @ 50-60Hz)
Power Cord US Power Cord (NEMA 5-15P, IEC 320 C13/C14)
SATA Cables N/A
Serial Cable 1x RJ-45 to DB9 Serial Cable
Protectli Vault 4 port Firewall micro appliance/mini PC review
Design
Looking at the physical unit, it is simply a small hunk of metal. It is slightly larger than a classic Intel NUC at 5.3 x 4.9 x 1.4 in and 1.25lb.
VESA
There is a VESA bracket and serial console port available as well. It would have been nice to get a CAT5 or CAT6 short run cable, but we understand why one was not included.
Connectors
The front of the unit has an interesting array of ports. There is a VGA port, a USB 3.0 port, and a USB 2.0 port along with a power button. One can also find a serial COM port via RJ-45.
The rear of the unit has the power in via an external 12V power adapter that is included. There are simple LED lights and then the big feature, four Intel-based 1GbE LAN ports.
Processor and memory
The Vault offers reliable high-quality performance. It’s equipped with an Intel Quad Core Celeron J3160 CPU, 64 bit, and goes up to 2.2GHz. It also comes with AES-NI hardware support.
This model comes with 4GB DDR3L RAM and 32GB mSATA SSD storage. If you need to, however, you can upgrade to 8GB.
Protectli Vault 4 port Firewall micro appliance/mini PC Performance review
pfSense loading performance is something that we know our readers are interested in. Power on to pfSense being fully online at the console screen and the web UI working takes about 90 seconds.
Given this product segmentation, we tried two easy pfSense scenarios: NAT performance with basic firewall rules blocking lists of IP ranges and OpenVPN performance. We used iperf3 to measure performance.
The OpenVPN case we were nowhere near wire speed since scaling is CPU limited. Being fair here, many users do not have a link capable of saturating 100mbps even. Also, many times this is fine for site-to-site connectivity or remote access. If you want faster speeds, IPsec offers more performance.
In the basic NAT example, we see the expected performance on a 1Gbps network. The use case where you have this appliance as your local firewall translating internal IP requests to external IP ranges and blocking IP ranges based on lists in the process seems to work well.
Build Overview
- Step 1: Install the hard drive and RAM into your Protectli 7100 i3 Vault.
- Step 2: Install ESXi onto your USB drive. ESXi 6.5 does not recognize the ne1000 drivers that the Protecli Vault uses and will show “No Network Adapters” when you try to install it. To fix this create a custom ESXi iso with the drives loaded using the guide on virten.net. Or you can use ESXi 6.0 and have no issues. We like to take the hard way.
- Step 3: Map your network. For the sake of testing we do have the ESXi management interface accessible from the LAN but is something that we remove when going into production for the sake of security. The only way to access the ESXi management subnet is through a physical connection. Physically we have three things plugged into the Vault: ISP Modem -> Vault (WAN), LAN Switch -> Vault (LAN), Wireless Access Point (DHCP turned off) -> Vault (OPT 1).
- Install pfsense
- Install ELK and send pfsense syslog data to it.
Alternate of Protectli Vault 4 port Firewall micro appliance/mini PC
Ubiquiti Unifi Security Gateway
The Ubiquiti Unifi is an affordable hardware firewall/router solution for homes and small businesses. In fact, the relatively decent price paired with its ease of use and versatile features led us to vote this option the best choice for home use. It supports Gigabit Ethernet speeds, while routing and monitoring traffic before it reaches the router.
The Ubiquiti offers reliable performance and fast speeds. It can handle 1 million packets per second for 64-byte packets, while it has a 3 Gbps total line rate for packets which are 512 bytes or more.
The Ubiquiti Unifi Security Gateway offers good value for your money, as it’s both affordable and advanced. It serves as a hardware firewall and router at once. It’s suitable for home and small offices, as it has 3 Gigabit Ethernet ports and CLI management for advanced users.
This hardware firewall features secure off-site management and monitoring. You place the Ubiquiti between your local wireless router and your internet connection cable so it can route and monitor traffic. You can adjust the firewall settings, which include Deep Packet Inspection (DPI), Intrusion Detection (IPS/IDS), and versatile QoS features. This can help prevent online threats, find out which apps use the internet and to what extent, and so on. In a nutshell, the Ubiquiti keeps the devices in your network secure and protected. You can also create VLANs.
This device offers remote management and monitoring via the UniFi Controller, UniFi’s Graphical User Interface. If you have other UniFi devices in your home or office, such as another router, access point, or switch, you can use the UniFi Controller software to manage all devices from one place. This will make it even simpler to manage your network from one place.
One drawback is that the unit uses the 802.11b wireless standard, which is an older WiFi standard and may slow down your bandwidth. Plus, the CPU is an older model.
Lastly, the Ubiquiti features silent, fanless operation. This means that you won’t be bothered by any noise in your home.
Editor’s recommendations
- Acer Chromebox CXI3-UA91 mini PC review – how to do RAM upgrade?
- Ryzen 5 Pro Mini PC – is it good for gaming?
- UM250 mini PC AMD Ryzen 5 Pro 2500U review
- Beelink SEi8 Intel Core i5-8259u review – can you do RAM SDD upgrade?
- Beelink SEi10 mini PC windows 10 Pro review – does it have Intel Comet Lake i3-10110U?
