I'm searching for new firewall hardware and came across the PC Engines APU boards. The APU.2E4 and the APU.4D4 look promising.
I'd like to run this box in a small network. It would have a WAN interface, a VLAN tagged interface and a DMZ interface. In the DMZ would be a NAS and a DNS. I'd like to run Suricata which should monitor the DNS and the SMB traffic of the NAS. In addition, I'd like to monitor the WAN for various traffic. As operating system a light weight Debian installation with no additional services could be used running iptables or nftables.
My question are:
1. Are these APU devices capable of handling 100 MBit Download and 40 MBit upload when running Suricata?
I found mixed opinions. Some seem to indicate that this is too much for the small CPU, some seem to indicate it works.
2. If they are capable, would the APU.2E4 with the Intel 210AT NIC have any benefits over the APU.4D4, since it has a better NIC?