Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
689
Views
0
Helpful
3
Replies

ASA CPU and MEM usage percentages

danielciscoswart
Level 1
Level 1

‎05-30-2013 01:49 AM - edited ‎03-11-2019 06:51 PM

Hi Everyone.

I am looking for Cisco Recommended values for opperational enviroments of ASA's. Example CPU 0-30% Low , 31-60% Meduim and 60-100% High.

When is it considered low meduim or high usage on ASA's? As I can custom create a document. but would like to know what Cisco Themselfs recommend?

Kind Regards

Daniel           

Labels:
0 Helpful
3 Replies 3

rmeans
Level 3
Level 3

‎05-30-2013 04:44 AM

I am not Cisco but this is my experience.

CPU

0-20% - low

20-50% - medium

50-90% - high

90+% - means you are in trouble

Memory is completely different.  The tool I use for monitoring my systems suggests the amount of memory used rarely changes.  Each device model uses a different amount of memory.  Excluding any memory leaks, the memory used statistic doesn't change.

0 Helpful

Jouni Forss
VIP Alumni
VIP Alumni
In response to rmeans

‎05-30-2013 04:57 AM

Hi,

I would have to say that the environment I manage the typical CPU usage is around 0-40%.

I would also have to say that 0-10% is the more typical range where the ASA CPU usage usually is.

All this ofcourse depends on the device model used.

Ours are all the way from 5505 to 5585-X SSP20

For example on a virtualized ASA5585-X one context has currently 80k active connections through it and its CPU usage is at 5%

Some firewall used in hospital and school environments are at about 5-20% with few thousand active connections. ASA models used might be ASA5540.

I would have to agree with the values you have mentioned. I would say  anything between 0-30% in our environments is pretty normal. Anything  around 50% or more I would already consider unusual.

With regards to the ASA memory usage, I for example have the VERY basic model ASA5505 with no additional licensing at home. Its constantly using around 85% of the memory (running 8.4(5)) but it works just fine. Though as this is a home environment I am not concerned.

However if it were a production environment at a customer we would probably be looking at hardware replacement or memory upgrade. Most of the time it would mean completely replacing the hardware.

I would imagine the new ASA models have a lot more resources and dont really suffer from any of these problems.

Still waiting for my first ASA5500-X model for testing

- Jouni

0 Helpful

danielciscoswart
Level 1
Level 1
In response to Jouni Forss

‎05-30-2013 06:23 AM

Thanks for the feedback peeps. Currently i am working on a 5585X SSP60   Yes it is awesome.  But yeah was wondering if there is any official Cisco documentation on device parameters.

Thanks Again for the imput it helps alot.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card