In the last 2 weeks we’ve had 3 different IPFires go down. I need a monitoring solution that can notify me right away if something goes down, something that works off of a cellular connection that’s not dependent on the main internet connection / firewall / router.
What solutions or hardware do you guys have set up?
Also I’m getting quotes for new hardware, what specs or features do you guys look for? Who has the lightningwire labs machines vs custom built? Opinions?
Let me answer your question about HW.
The ‘standard’ requirements are stated in the wiki.
As a long time user of IPCop and IPFire I can give some recommendations:
The IPCop line started with the idea of using old HW for the internet gateway. This was a ‘nice’ approach for home installations. BUT
a device running 24/7 consumes to much energy on old HW
to build an up-to-date appliance you should use an up-to-date OS, which doesn’t support all outdated HW; see the stopped 32bit support in IPFire.
IPFire is mainly a networking appliance, so it is advisable to use real NICs for the interfaces.
Devices with good driver support are usually listed in the wiki.
This means to look for a main board with more than one NIC or with NICs attached by ‘fast’ hardware interfaces like PCI. A USB LAN adapter should be avoided, because of the more complex interface and possible problems in driver support.
The Lightning Wire Labs machines are the HW the main developpers ( and the founder of IPFire! ) are working with. The Mini Appliance is based on the APU boards of PC Engines, so you can use any adequate of these boards getting nearly the same support by IPFire.
In case of serious problems it is advisable to have an easy console access. My personal favourite here is a serial connection; physical interface is ‘minimal’ ( one plug ), serial devices were/are a standard for industrial system access and thus well-developed, …
As a summary, if you prefer Intel/AMD HW just take the LWL appliances as reference systems.
I find that the USB interface (2 and 3) is not good for anything that requires stability or reliability over long period of time. It is excellent to plug a storage device, do the copy/restore and then unplug it. Anything else is asking for trouble.
Looking on my preference for serial (RS232) interfaces for system console, there is just one more usuage for USB, the RS232-USB adapter. Most desktops/laptops lack a serial connection nowadays. But even with this you must check to get the right chip inside the adapter.
Were the failures all hardware related? If so, what failed and are these devices on any sort of power protection?
You can run consumer hardware for the most part. I personally run AM1 ITX builds for my Linux firewalls, some since 2015. Most of the money spent on the builds was for a good, hefty, efficient power supply, even the external ones. Same with any case fans. CPU coolers are passive. All are on battery backup. None have ever been shut down.
There are more “commercial” devices marketed out there, but I’m not sure they have any better hardware in them.