Slashdot Mirror
Chipset Integrates Gigabit Ethernet, RAID, Firewall
EconolineCrush writes "Tech Report has a review of NVIDIA's latest Athlon 64 chipset, the nForce3 250Gb. The 250Gb is especially interesting because it's the first core logic chipset to integrate a Gigabit Ethernet MAC, hardware-accelerated firewall, and RAID across four Serial ATA and four "parallel" ATA devices. NVIDIA is even working with third party developers to help their software take advantage of the chipset's hardware firewall components. Looks like we've reached a point where chipsets will differentiate on features more than performance."
Now that motherboard chipsets for athlons don't use a memory controller (the 64 bit ones have em on the chip processor) is that why we're starting to see all this stuff integrated into the motherboard?
Photos.
It sounds nice except for the firewall which strikes me as misplaced. I do not want firewall duty being handled by my new systems, I would much rather have it handled by a nice router or really outdated system in a closet.
vampirical
How will we be able to patch it?
--- Grow a pair, liberals... stop letting the Republicans bully you!
Will any one from OSS support it? Because all there video drivers are Tainted module
Maybe Sun is not the first but its a core part of their ideology. This link to OS News has a link and discussion about this.
Your CPU is not doing anything else, at least do something.
But... Does it run linux?
:) I could actually have 8-12 in this machine and it be justified.
Cause if it's like the early nforce boards, I was much better off with Via's stuff.
Nvidia's great suff, but I just haven't been impressed with their provided drivers yet. Comparing several build ATI+VIA systems to Nvidia core systems, I have far less problems, hassles, and overall better performace out of the ATI+VIa ones.
Like take the Asus offerings. The A7NX's rocked, but the nforce eqivalent.. sure it had like extra nic's, and other goodies, just didn't hold pace with a clean linux kernel and 3 gig's of ram.
I switched the $150 nforce chipset board with a $60 Via, and ended up with a MUCH better high end workstation.
Of course, I guess not everyone needs 3 gigs of ram.
-=fshalor
It's an integrated hardware firewall. I RTFA'd and it seems pretty cool. It starts up along with your system, so you don't have to worry about malware infecting your system during the short period between booting your system and the operating system and necessary drivers loading up. It also has a software interface reminiscent of Smoothwall and has several security profiles available for those unfamiliar with firewall configurations, but there is also a command line interface. Combined with those nifty antivirus features in the new athlon 64 chips, you've got yourself a pretty secure box.
"NVIDIA is even letting third-party software developers take advantage of the nForce3 250Gb's dedicated firewall hardware."
It doesn't say that they've published the necessary APIs and/or documentation for taking advantage of this feature, only that they're "letting" people take advantage of it. Does this mean it will remain closed and non-free like the nForce ethernet driver on previous chipsets? While they do release a "tainted" Linux driver, they don't allow groups like the OpenBSD project access to the documentation in order to write their own driver.
All that hardware off-loading of processing from the CPU is not going to benefit everyone unless they freely provide documentation for using it.
Here's hoping they release the necessary documentation instead of hoarding it like Intel has done with their on-NIC IPsec off-loading.
Other than that, I really like the integrated firewall for two reasons:
1.) It starts before the OS would have the ability to start a firewall
2.) It (apparently?) works regardless of OS (that's a big question mark)
Someone is WRONG on the Internet!
Onboard audio I don't really care for
I thought the same as you.. but ever since I got my Asus A7N8X Deluxe, I've changed my mind about onboard audio. This baby has an amplified main output, 6.1-channel dolby digital capability, and an SPDIF output, onboard!
It also has *2* NICs onboard, an SATA controller (with RAID), Dual channel DDR 400mhz memory controller, AGP8x, 6 USB2.0 ports, 2 Firewire ports (both 4 and 6 wire), and something I thought had long gone missing from PCs: the midi/joystick connector!
This motherboard has everything, and the kitchen sink (the bus is actually 8-bit HyperTransport v1.0 from what AIDA32 claims), and it's ROCK SOLID stable.. what more could you ask.. oh yeah, it's relatively cheap too.
(Disclamier: I have nothing to do with Asus, just a very satisfied customer)
DJ kRYPT's Free MP3s!
I think we reached that point long ago. The chipset performance difference is often less than 5%, and usually less than 2%. Are you going to notice that in day-to-day activities? Not likely. Chipset loyalties, features, past experiences, these are the things that matter. After 2 years of rock solid performance on my Nforce 1, I would have to be hard pressed to switch to Via if they had a performance difference. Plus Nvidia's drivers generally work, and they try to make drivers that work no matter what board you have, just like their graphics cards.
Not that I'm a die-hard Nvidia chipset fan. At the time I bought the board two years ago, however, only the Nforce board provided all the features I wanted at the budget I was shooting for. The integrated video isn't horribe either, unlike Intel's Extremely Nasty solution.
Differentiating on features more than performance? I thing the legions of Small Form Factor junkies kind of make the argument that that bridge was crossed quite a while ago. They settle for less performance, and practially all reviews of those boxen focus on the features, and less on performance.
Even those who arrange and design shrubberies are under considerable economic stress at this period in history.
> The big question is, will all this stuff, half of which I will never use, slow down my computer?
No, if anything it will be arguably faster than traditional north/south-bridge pairs.
The unofficial
Maybe they're trying to hide the fact that most "RAID" these days is actually just software RAID implemented in the driver.
Oh come on, its nothing like what Microsoft does. Microsoft uses underhanded tactics to search and destroy any company that they think they can take over and profit from. These guys added a logical feature (a firewall), and made a logical progression (from 100base to gigabit ethernet).
You say security is what you look for in a motherboard - how is this motherboard, with a well designed, built in, hardware level firewall, any less secure than any other motherboard that is the same except for the firewall. Or are you complaining about the SATA? Motherboards with SATA should be banned, and we should all still stick with ATA alone? Or maybe its the onboard RAID? Or is 100base onboard ethernet somehow better than GB?
The more I think about it, the more I realize that I shouldn't respond to this at all, but should have given you a -1:Flamebait. I mean if " Security, stability, and performance are the top features I look for in a motherboard", then RTFA and notice that performance is ahead of its class, and its very stable, not to mention the extra steps taken for security. Hopefully some mods will take care of this.
is it's ability to overclock. This is the first confirmed chipset with pci lock and agp lock.
NJ Local Music Scene
I realize you were making a joke but it reminded me of something that I think a lot of people around here will find interesting and intriguing. Check out the briQ. It's an entire PowerPC-based computer that has been squeezed into a 5.25" chassis (the size of an optical drive). So, while you can't have a Mac (per se) in your PC, you can have a computer that can run Mac OS. How freaky is that?
If it's as bad as the rest of nVidia's Linux support, it's nothing to be excited about. nVidia's drivers taught me why open source drivers are so important.
And they're "good" about Linux support. That just underscores why open drivers are a must.
Any home user doesn't need a hardware accelerated firewall. Windows XP comes with a simple firewall that handles this kind of stuff with ease. The only rules a home users needs are block every port, and maybe let a few through, nothing fancy. Additionally, this'll apply only to about 4 megabits of bandwidth at most, considering the speed of even the fastest broadband residential connections.
This may just be somehting that the people at compusa can read off the tag. "Integrated firewall firewall for increased security". Either that or another feature for power users to tick off. Possibly similar to how pentium ads talk about optimization for streaming internet video when any processor made after 1997 can stream anything on the net today.
Photos.
No difference between an Asus and an Abit motherboard?
From the numerous Abit NF7-M and Asus A7N8X-VM motherboards I've used to build all of the office machines for some time, I can tell you that there's a BIG difference between an Abit and an Asus motherboard:
The Abit works.
Now, I know, that sounds a bit cynical. And I can't say that none of the Asus boards have worked. But I *can* say that the Asus boards have been quirky, odd, and just plain wankery. The Abit boards have been solid, reliable, and terrific.
As an example, I've had to add a PCI NIC to most of the Asus boards. The onboard LAN is just too flaky. I've watched as users rebooted, only to have their onboard NIC disappear, even though still enabled in the BIOS.
I'm by no means anti-Asus. In fact, the Asus boards have some tweaks in the BIOS that I really like. But my time is valuable, and the Abit boards take a lot less of my time.
steve
Oh, you're not stuck, you're just unable to let go of the onion rings.
I also used to hate onboard audio... but all motherboards that use the Nforce/Nforce2 chipsets quickly changed my mind, enough so that I sold my creative soundblaster live because I didn't need it anymore. I like having a freed up pci slot and less clutter in the case. Not to mention the onboard audio on my Abit board using Nforce2 had one hell of a gui to control all the features. Nvidia does a great job with drivers, and their onboard sound is no different. I did have another Abit board using the nforce1 chipset, and the onboard nic started acting up so I had to turn it off in the bios. I knew 3 other people with the same board that eventually had the same thing happen. Eventually, the whole board started acting up... so having things onboard isn't always a great idea, especially if one of those things goes bad.
No. Think of it as a co-processor.
A hardware firewall implementation is intended to allow firewall software to process data at a much faster rate. Higher packet matching and filtering rates and less load on the CPU itself.
There are several such co-processing units available for encryption already. Just because you install a security co-processor doesn't mean your system is secure.
With Gigabit networks, it is very handy to be able to offload functions like packet matching to a chip other than the main processor. Even a with a very fast main processor, you will notice a severe system load with a complex firewall ruleset and a traffic load that can theoretically hit 120MB/s.
This is one of the reasons that ultra-high end routers and firewalls are so much more efficient at handing large traffic loads... they have processors specifically designed and dedicated to processing Ethernet/IP/whatever traffic.
My real question is how open is the spec? I would love to see security co-processor support in the Linux kernel. The Linux kernel is still lagging behind Free/OpenBSD in that it will not make use of crypto cards.
Do more firewalls make a more secure machine?
Yes.
It is clear that edge firewalls are not sufficient. A network with squishy insides is doomed the first time some "salesrep" wanders in from who-knows-where and plugs his broken, virus ridden, misconfigured, obsolete laptop into your switched network. Every cotton pick'n host connected to a network needs a basic stateful packet filter, and wouldn't it be nice if it was entirely OS independent?
There will be a firewall built into your chipset, your OS, your router...
Nothing wrong with that. Since when has choice been a problem? If it's responsible for passing packets it should have a means of filtering them. A simple principle, really.
A basic stateful packet filter (a.k.a firewall) is a fairly simple, well understood mechanism. Firmware is the ideal place to implement it. It will work regardless of which operating system is installed/upgrade/misconfigured. It will work before the OS boots! Many good commercial firewalls are based on only low-power embedded CPU's and flash memory, yet provide very comprehensive firewall functions, multiple interfaces with complex routing, VPN, SNMP, etc.
Maw! Fire up the karma burner!
Yes, assuming. Read up on Intel's plans for future motherboards and you'll find that lots of slots (or any slots) may not be on the menu. The idea is to produce machines with enough on-board I/O to serve the needs of the majority of users, and keep board costs down as much as possible. Slots will eventually become a luxury that you have to pay a premium to get.
And from a maintenance standpoint, I disagree with you. Yes, motherboards are cheap, but there's a considerable difference in the labor required to swap out a motherboard, and replacing a single card. That may not be important to you or me, but to a user that is dependent upon his local computer store (or a large corporation that has limited IT resources) it can be. Yes, you can just shotgun the entire motherboard, but the odds of the new one being register-compatible with the old one are low, and given that current Windows OSes aren't particularly drive-portable you're probably screwed.
A decent sound card goes for $30 and a decent NIC for $5 nowadays, so you really aren't saving much by going with onboard I/O. The idea is to save computer makers money, not necessarily to provide you with a better or more maintainable product. One of my favorite older motherboards was Abit's KT7A-RAID: no sound, no network, no video, just a bunch of PCI slots, AGP, and even an ISA slot. Their thought was that they were selling to people that wanted control. Ended up being one of the best boards I've ever owned.
The higher the technology, the sharper that two-edged sword.
MS and Phoenix are planning to incorporate several features including TCP/IP in the BIOS. With the prospect of an onboard firewall, nVidia may very well be both ahead of its time and an (un)intentional partner with MS and Phoenix.