topic Re: firewall utilisation very high in Network Security

firewall utilisation very high

Elango Murugan — Mon, 11 Mar 2019 08:57:53 GMT

Hi recentely i am facing problem in enterprice pix firewall.its goes up to 95

%.what is the average cpu utilisation and maximum utilisation for pix 525 series.

Re: firewall utilisation very high

a.kiprawih — Sat, 18 Nov 2006 18:33:36 GMT

A sudden increased of cpu utilization/processing can be anything, i.e PIX handling simultaneous/thousands of attack like DoS/DDoS, viruses, unreachable external syslog server and so on. Hard to pinpoint exact reason, but you need to check the PIX, i.e log entries for a clue, connection (who has highest no of connection and using which port, like 1 IP having hundreds of connected ports) and many more.

CPU utilization depends on how intensive of traffic inspection need to be performed by PIX. Basically, PIX handling bigger network with thousands on of clients probably has higher CPU utilization compared to smaller network with small no of traffic.

But at any time, it probably should not exceed 40% or even less.

HTH

Re: firewall utilisation very high

Patrick Iseli — Sun, 19 Nov 2006 01:18:35 GMT

Take a look at this guide.

Monitoring PIX Performance:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008009491c.shtml

General Troubleshooting Technotes:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_tech_notes_list.html

hope that give a starting point.

sincerely

Patrick

Re: firewall utilisation very high

lbhoang — Mon, 20 Nov 2006 15:00:16 GMT

When you experience high CPU utilization on your PIX issue the following command to show the number of connections:

show conn count

If the "in used" connections is both high and near the same level as "most used" then you're probably under denial-of-service attack such as TCP SYN half-open.