www.homeseer.com    
 

Go Back   HomeSeer Message Board > General Home Automation > General Home Automation Hardware Discussion > Personal Computers

Personal Computers Discussion area for NON-HomeSeer related discussions on personal computers, hardware and operating systems.

Reply
 
Thread Tools Display Modes
  #161  
Old August 19th, 2017, 03:12 PM
Teken Teken is offline
Seer
 
Join Date: Aug 2017
Location: The Bad Lands
Posts: 52
Hello Pete,

I noticed this hardware doesn't state it supports Intels AES-NI encryption?!? What is the going price of this hardware?


Sent from my iPhone using Tapatalk
Reply With Quote
  #162  
Old August 19th, 2017, 03:31 PM
Pete's Avatar
Pete Pete is offline
OverSeer
 
Join Date: Jan 2001
Location: House
Posts: 15,288
It does support AES-NI encryption. It is on the low end and priced a bit too high right now at under $200 (just under) which is still too high for me.

The current warranty on it is 2 years. I dunno about this and it could be related to the eMMC. It does wear down over time.

Baby steps here...and really so what that Intel is making a deal out stating that AES-NI is included and making it sound brand new.

Many folks are having a hard time trying to figure out why Intel just didn't include AES-NI in the first place on some CPUs in the last few years where as AMD / ARM has included AES-NI all along.

Personally I am only one person here and tend to make mountains out of mole hills sometimes.

It's been presented to me like a restaurant menu and picking food a la carte. (from design pieces put together to make a nice meal of sorts )


Have a read over here:


Intel-Celeron-Processor-N3450-2M-Cache-up-to-2_2-GHz


Security & Reliability
  • Intel® AES New Instructions Yes *
  • Secure Key Yes
  • Intel® Trusted Execution Technology ‡ No
  • Execute Disable Bit ‡ Yes
  • Anti-Theft Technology No
  • OS Guard No

Intel makes it sound new where as it is only new for this SOC chip set. Everybody else has done it now for over 3 years.*

Most at home SOHO routers have not been typically utilized for multiple VPN tunnels.

Concurrently now you have entities (countries) trying to figure out how to block VPN tunnels cuz they cannot see inside of them. Tit for tat stuff.
__________________
- Pete

Automator

HS3 Pro & Lite Edition Beta 3.0.0.435

HS3 Wintel Touch | Ubuntu 16.04 64 bit | Oracle Windows Virtual Box ==> for Wintel only SAPI and HS3 plugins | Speech - Microsoft SAPI - Neospeech - Amazon Echo | Hardware | Haswell Intel iSeries 3 - 16Gb | Pine64 - 2Gb computers | Openpeak Intel Atom SoC tabletop touchscreens (15 HS tabletop tablets) | Touchscreens - Windows embedded POE connected |Light switches - X10,UPB, ZWave and Zigbee | Firewall - PFSense - 2 WAN plus 4 LAN interfaces | Network - Gb managed switches / POE WAP(s) | CCTV - Zoneminder IPHD cams - variety | Audio - Russound - AB8SS | Security - Leviton HAI Omni Pro 2 | Weather - Davis Vantage Vue - MeteoStick - WeeWx | 1-Wire - AAG, Midon and HB | OWFS - Mosquitto - Node Red - Python - RPi Stretch - OpenWRT

Last edited by Pete; August 19th, 2017 at 03:54 PM.
Reply With Quote
  #163  
Old August 19th, 2017, 03:53 PM
Teken Teken is offline
Seer
 
Join Date: Aug 2017
Location: The Bad Lands
Posts: 52
At the $200.XX price point what RAM & SSD does that offer?


Sent from my iPhone using Tapatalk
Reply With Quote
  #164  
Old August 19th, 2017, 04:16 PM
Pete's Avatar
Pete Pete is offline
OverSeer
 
Join Date: Jan 2001
Location: House
Posts: 15,288
Only 8 eMMC of soldered on memory, no RAM or SSD which is why I am making an issue out of it.

It is like when you purchase anything these days where you are shown the deluxe everything (like I did above) included package with prices starting at this and then when you ask everything is optional. The established NUC / nanoITX motherboard format has been around a long time. Same with AES-NI. It is not new such that many MFG have retooled their facilities a long time ago knowing this was coming but acting like it is new.
Reply With Quote
  #165  
Old August 19th, 2017, 04:40 PM
Teken Teken is offline
Seer
 
Join Date: Aug 2017
Location: The Bad Lands
Posts: 52
I have to agree it's frustrating to read *Sales Ads* for a product with all the bells and whistles. Only to find the model you're looking at is the bare bones version with nothing!!

I've been in contact with a few so called direct Chinese manufacturers of various nano ITX. Some have been pretty accommodating in RAM, SSD, WiFi, case size etc. While keeping a decent price point with shipping.

Others have been less than stellar to deal with in this regard and try to make up the upfront cost by sticking it to you via inflated shipping costs!!!

If there isn't any movement on this group buy I may consider making my own for a similar 4 port box. Based on initial contact with three direct vendors the minimum group buy is 10 units.

For me that seems like a pretty decent price break. It should be noted none of the vendors are capable of meeting a $100.00 USD price point in any meaningful configuration.

My basic requirement is Quad Core, 4 Intel ports, 8 GB RAM, 32 GB eMCC, 4 USB.

The specific version I choose had all of the above but included a 128 GB eMCC, with a larger case to support a extra SSD, WiFi, BLE.

All told with direct shipping to Canada was $334.40 CDN. This could have been a lot cheaper if I removed the WiFi, BLE, and used a 32 GB eMCC, and thinner case requirement.


Sent from my iPhone using Tapatalk
Reply With Quote
  #166  
Old August 19th, 2017, 06:32 PM
Pete's Avatar
Pete Pete is offline
OverSeer
 
Join Date: Jan 2001
Location: House
Posts: 15,288
For me that seems like a pretty decent price break.

Understood. I tend to push sometimes to extricate blood out of stones. That is me though. It is understood that they have to make monies.

Yeah here have ventured out of mainland China (virtually) and still staying in the Pacific Rim.

Shipping and monies has always been an issue or concern. I am not writing about this in a negative sense; rather that is the way it is type sense. It is always their money and their bank rules that get in the way of global stuff. Historically most reasonable shipping is using conventional shipping from China Post to US Post and it is fast versus anything else. There has been a push here of re shippers and that has caused delays here of up to a month which sucks.

I tested a new 8 drive NAS case a few years back and did the DIY on Serve The Home with pictures. It was only an 8 drive hot swap drive case that was hard to find and build. I didn't get really specific with the price and the shipping cost because the vendor had agreed to ship it to me almost gratis and sell me the product more to check it out than to sell it here (such that the price was OK). That and it did cost me to a la carte the device (power supply, memory, 4TB drives, LSi card et al - one piece at a time didn't really seem that expensive.)

I did get a nice price (under $100) for an almost barebones motherboard / CPU (no memory or mSATA or m.2Sata) for a J1900 with is old news now. The back and forth chatting did include much dialog but no mention of AES-IN; just PFSense every other sentence.

I may consider making my own for a similar 4 port box.

There have been other folks here on the Homeseer forum that that have done similar but just gone to Amazon and purchase the product via Amazon Prime.

Yeah here just going baby steps as I am doing this endeavor mostly pro bono and I already have a PFSense firewall with all of the bells and whistles. I just want something smaller than I can fit inside of my telco media can (Managed network, POE network, modem, power supply, punch panel, telephone managment, telephone VOIP such that the add of a firewall would be nice for my LAN (and WAN and Telco)) in a can solution (big at a Leviton 42" can and getting crowded a bit).

Last edited by Pete; August 19th, 2017 at 08:33 PM.
Reply With Quote
  #167  
Old August 19th, 2017, 06:33 PM
aptalca aptalca is offline
Seer
 
Join Date: Nov 2016
Location: Maryland, US
Posts: 53
Quote:
Originally Posted by Pete View Post
It does support AES-NI encryption. It is on the low end and priced a bit too high right now at under $200 (just under) which is still too high for me.

The current warranty on it is 2 years. I dunno about this and it could be related to the eMMC. It does wear down over time.

Baby steps here...and really so what that Intel is making a deal out stating that AES-NI is included and making it sound brand new.

Many folks are having a hard time trying to figure out why Intel just didn't include AES-NI in the first place on some CPUs in the last few years where as AMD / ARM has included AES-NI all along.

Personally I am only one person here and tend to make mountains out of mole hills sometimes.

It's been presented to me like a restaurant menu and picking food a la carte. (from design pieces put together to make a nice meal of sorts )


Have a read over here:


Intel-Celeron-Processor-N3450-2M-Cache-up-to-2_2-GHz


Security & Reliability
  • Intel AES New Instructions Yes *
  • Secure Key Yes
  • Intel Trusted Execution Technology ‡ No
  • Execute Disable Bit ‡ Yes
  • Anti-Theft Technology No
  • OS Guard No

Intel makes it sound new where as it is only new for this SOC chip set. Everybody else has done it now for over 3 years.*

Most at home SOHO routers have not been typically utilized for multiple VPN tunnels.

Concurrently now you have entities (countries) trying to figure out how to block VPN tunnels cuz they cannot see inside of them. Tit for tat stuff.
Yup, that's why I looked at a lot of boxes and decided on building my own.

I got the asrock j3255-itx for $59, it's apollo lake and supports aes-ni
Also got an Intel dual nic pci-e card (~25$)
Put it in a cheap case with built in psu (~$60)
Added a cheap 40GB ssd
And I already had some ddr3 ram lying around.

The whole thing cost me around $200

I use vpn for my whole internet connection. I can easily saturate my 50mbps with encrypted traffic and the cpu usage hovers at around 20%. Mine is dual core, and I'm sure the quad core version handles significantly higher traffic
Reply With Quote
  #168  
Old August 19th, 2017, 06:51 PM
Pete's Avatar
Pete Pete is offline
OverSeer
 
Join Date: Jan 2001
Location: House
Posts: 15,288
Personally here have historically enjoyed DIY built my computers; well and firewalls.

I do savor the time building the boxes piece by piece.

I have documented many of those builds right here on Homeseer over the years.

That and IT automation / SOHO stuff is more of a hobby than related to work I have done.

I did start automation though here using enterprise Cisco everything (which was a bit much for the home) because that is all I was familiar with; well and HP enterprise servers type stuff.

You could hear the stuff in the basement from the main floor of the home and the lights would flicker here when turning on stuff. Concurrently always looked for cheaper faster stuff that I could use at home.

The documented Zoneminder box here ==> Zoneminder Ubuntu Server Installation with ZMXAP,MCSXP & X10

I posted this in 2010 (7 years ago). xAP was being utilized for a bunch of stuff back then and it ran on Linux just fine (well and it does today). This was probably 3rd hardware build of a Zoneminder box (which originally was an analog NVR and I had to hand build the Zoneminder OS. I have now reduced the footprint some removing the analog 8 chip capture card) and I am up three revisions from this box. I did take pictures a bit at a time of the build. Well and used the build as an excuse to update my digital camera. Not really in to taking pictures here with my smartphone.

The NAS box I mentioned earlier was the end box of a few DIY boxes I built in to tower cases with much room for drive cages at the time. Finally I thought it would be nice to build a NAS in a NAS box. It is using an mITX board and I have extended the PCiE to the top of the case with the LSi card. Very tight and not for a novice DIYer.

This is a small forum of a collection of folks that have been automating with Homeseer from the late 1990's to a collection of folks automating for the first time. I have only done similar once in the last 20 years (group purchase). Personally just did a bulk purchase of a widget and packaged it one by one or two as one charging for USPS shipping and nothing much for time involved in shipping. I did this as a give back to the Homeseer users more than anything at the time.

Last edited by Pete; August 19th, 2017 at 07:26 PM.
Reply With Quote
  #169  
Old August 29th, 2017, 11:26 AM
adanchenko adanchenko is offline
Seer
 
Join Date: Jul 2016
Location: Florida
Posts: 26
I bought on ebay a thin client - "HP T610 Plus" for $60-and-change (with free shipping) and added a $20 HP NIC (bought on amazon, with free shipping as well). This thin client has a 16gb ssd and 4gb ram, which is more than enough for pfsense. Installed it and in couple minutes I have a corp-level firewall, no problems whatsoever..
Reply With Quote
  #170  
Old August 29th, 2017, 12:12 PM
Pete's Avatar
Pete Pete is offline
OverSeer
 
Join Date: Jan 2001
Location: House
Posts: 15,288
Very nice!!!! Good price!!!
Reply With Quote
  #171  
Old August 29th, 2017, 03:05 PM
logbuilder logbuilder is offline
Seer Master
 
Join Date: Nov 2016
Location: Pacific North West
Posts: 676
An update. I got impatient and went my own way. I ordered and have received a fanless mini PC. 8 GB ram, 32 GB SSD, I5, 4 intel ethernet ports, 4 USB ports, HDMI. I have it installed and am now learning about pfSense and how to configure. I'm going the route of having the pfSense box with three routers each attached on a unique subnet. I'm moving from a single 192.168.0.xxx to a 10.0.1.xxx, 10.0.2.xxx, 10.0.3.xxx structure (trusted, semi-trusted/guest, IOT devices). I first heard about this architecture on a podcast by Steve Gibson called Security Now. It made a lot of sense to me given my network.

Also, I am on a metered satellite connection with a monthly data cap so I want to make sure no devices are going outside my network unless I know about it. I certainly don't trust my cameras with all the recent news about them being hacked. Turns out that is creating a whole new set of challenges - being able to see all traffic on the WAN at the IP level. I'm getting there but dang it is a challenge. I love a good challenge. Should keep me busy for several weeks.
Reply With Quote
  #172  
Old August 29th, 2017, 04:08 PM
Pete's Avatar
Pete Pete is offline
OverSeer
 
Join Date: Jan 2001
Location: House
Posts: 15,288
Good news logbuilder!!!

Do you have a serial port on the fanless mini pc?
Reply With Quote
  #173  
Old August 29th, 2017, 05:57 PM
logbuilder logbuilder is offline
Seer Master
 
Join Date: Nov 2016
Location: Pacific North West
Posts: 676
Quote:
Originally Posted by Pete View Post
Good news logbuilder!!!

Do you have a serial port on the fanless mini pc?
Yep but I'm not using it. Is there a good use for it? My monitor is HDMI and I have a USB keyboard. But now, all I seem to use is the web interface. Its nice.
Reply With Quote
  #174  
Old August 29th, 2017, 06:01 PM
waynehead99 waynehead99 is offline
Super Seer
 
Join Date: May 2015
Location: Colorado
Posts: 1,982
Quote:
Originally Posted by logbuilder View Post
An update. I got impatient and went my own way. I ordered and have received a fanless mini PC. 8 GB ram, 32 GB SSD, I5, 4 intel ethernet ports, 4 USB ports, HDMI. I have it installed and am now learning about pfSense and how to configure. I'm going the route of having the pfSense box with three routers each attached on a unique subnet. I'm moving from a single 192.168.0.xxx to a 10.0.1.xxx, 10.0.2.xxx, 10.0.3.xxx structure (trusted, semi-trusted/guest, IOT devices). I first heard about this architecture on a podcast by Steve Gibson called Security Now. It made a lot of sense to me given my network.



Also, I am on a metered satellite connection with a monthly data cap so I want to make sure no devices are going outside my network unless I know about it. I certainly don't trust my cameras with all the recent news about them being hacked. Turns out that is creating a whole new set of challenges - being able to see all traffic on the WAN at the IP level. I'm getting there but dang it is a challenge. I love a good challenge. Should keep me busy for several weeks.


Your vlan setup is similar to mine and it works well. I have 3 right now, but might add more.

1. Trusted (all internal computers)
2. Cameras, I block them completely from the internet and have a pinhole in the firewall to the main vlan for viewing. I use HSTouch to proxy view them remotely.
3. Guest/iOT, access to only the internet and nothing internal. All my echos and streaming devices sit on this network.

I run a PBX in the house too utilizing SIP and plan to move this to its own vlan just to help with QOS.

It's worked really well and is much more secure.
Reply With Quote
  #175  
Old August 29th, 2017, 06:01 PM
Kerat Kerat is offline
Seer Master
 
Join Date: May 2016
Location: Colorado USA
Posts: 745
PFSense Firewall Group purchase interest

That sounds like a sweet rig. You should be able to accomplish:
1. An internal network
2. A guest network with internet access only
3. IOT Device - no internet access and only allow access to your NVR on the appropriate port

Using a managed switch, and an enterprise wireless AP (I recommend Ubiquiti- but note that enterprise APs have a learning curve). You would need to configure ACL lists, 3 VLANS, default routes, and a DHCP server with access to the three VLANS.

PFblockerNG is your friend when it comes to blocking outbound/inbound traffic. @Pete steered me to it and I love it. With it, You can create rules that block known ad, spam, malicious, and telemetry sources by default with IP lists that you can have continuously update from known reputable sources. You can also create dns black lists that deny dns queries to know ad, spam, telemetry, and malicious sites based on known reputable DNSBL lists. This configuration would follow very closely to what was done with the Pi-Hole Project.

Sent from my iPhone using Tapatalk

Last edited by Kerat; August 29th, 2017 at 06:27 PM.
Reply With Quote
  #176  
Old August 29th, 2017, 06:14 PM
Pete's Avatar
Pete Pete is offline
OverSeer
 
Join Date: Jan 2001
Location: House
Posts: 15,288
Is there a good use for it?

A GPS / PPS connection would give you good time sync.

Homeseer peer here is using hughes satellite and his time sync is always off a bit.

Here network ports are divided to two WAN and four LAN ports.
Reply With Quote
  #177  
Old August 29th, 2017, 06:40 PM
Blade's Avatar
Blade Blade is offline
OverSeer
 
Join Date: Aug 2003
Location: Ontario Canada
Posts: 7,431
Quote:
Originally Posted by logbuilder View Post
An update. I got impatient and went my own way. I ordered and have received a fanless mini PC. 8 GB ram, 32 GB SSD, I5, 4 intel ethernet ports, 4 USB ports, HDMI. I have it installed and am now learning about pfSense and how to configure. I'm going the route of having the pfSense box with three routers each attached on a unique subnet. I'm moving from a single 192.168.0.xxx to a 10.0.1.xxx, 10.0.2.xxx, 10.0.3.xxx structure (trusted, semi-trusted/guest, IOT devices). I first heard about this architecture on a podcast by Steve Gibson called Security Now. It made a lot of sense to me given my network.

Also, I am on a metered satellite connection with a monthly data cap so I want to make sure no devices are going outside my network unless I know about it. I certainly don't trust my cameras with all the recent news about them being hacked. Turns out that is creating a whole new set of challenges - being able to see all traffic on the WAN at the IP level. I'm getting there but dang it is a challenge. I love a good challenge. Should keep me busy for several weeks.
This sounds great. I would love to know which mini PC you ended up getting
__________________
Cheers,
Bob
Web site | Help Desk | Feature Requests | Message Board
Reply With Quote
  #178  
Old August 29th, 2017, 07:37 PM
Monk's Avatar
Monk Monk is offline
Seer Master
 
Join Date: Jan 2009
Location: USA
Posts: 860
Quote:
Originally Posted by logbuilder View Post
An update. I got impatient and went my own way. I ordered and have received a fanless mini PC. 8 GB ram, 32 GB SSD, I5, 4 intel ethernet ports, 4 USB ports, HDMI. I have it installed and am now learning about pfSense and how to configure. I'm going the route of having the pfSense box with three routers each attached on a unique subnet. I'm moving from a single 192.168.0.xxx to a 10.0.1.xxx, 10.0.2.xxx, 10.0.3.xxx structure (trusted, semi-trusted/guest, IOT devices). I first heard about this architecture on a podcast by Steve Gibson called Security Now. It made a lot of sense to me given my network.

Also, I am on a metered satellite connection with a monthly data cap so I want to make sure no devices are going outside my network unless I know about it. I certainly don't trust my cameras with all the recent news about them being hacked. Turns out that is creating a whole new set of challenges - being able to see all traffic on the WAN at the IP level. I'm getting there but dang it is a challenge. I love a good challenge. Should keep me busy for several weeks.
The Security Now Podcast is what got me motivated as well. Using the ~50.00 router I do a lot but not as much as a Pf-sense device.
https://www.amazon.com/gp/product/B0...?ie=UTF8&psc=1
Reply With Quote
  #179  
Old August 29th, 2017, 08:03 PM
logbuilder logbuilder is offline
Seer Master
 
Join Date: Nov 2016
Location: Pacific North West
Posts: 676
Quote:
Originally Posted by Blade View Post
This sounds great. I would love to know which mini PC you ended up getting
This one except with 32GB.

https://www.amazon.com/gp/product/B072Q872V9
Reply With Quote
  #180  
Old August 29th, 2017, 09:56 PM
Kerat Kerat is offline
Seer Master
 
Join Date: May 2016
Location: Colorado USA
Posts: 745
Quote:
Originally Posted by logbuilder View Post


That is a sweet rig. And it comes with Intel onboard controller NICS!!!


Sent from my iPhone using Tapatalk
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Using UltraLog3 HSPI Syslog with pfSense Firewall 2.3 Ultrajones UltraLog HSPI 0 February 21st, 2015 06:36 PM
PFSense VPN Tunnel Use Pete How-To's 0 August 21st, 2014 07:09 AM
TI203-RS232 group purchase (Aus TI103) Jumpyj HomeSeer X10 Plug-in 0 December 18th, 2013 05:54 PM
Potential Purchase Interest sckoman ISY Plug-in Beta (3P) 0 December 26th, 2008 05:44 PM
Louisville Group Interest fireball LUG General Discussion 17 February 27th, 2005 02:36 PM


All times are GMT -4. The time now is 09:52 AM.


Copyright HomeSeer Technologies, LLC