Firepower Threat Defense slowing backups

Tejas Kunte
Level 1

When I deploy my FTD appliance inline (running on a 4120 chassis), my backups (from a Windows server to an EMC Data Domain appliance) slow down dramatically.

The source and destination are in different subnets and traffic passes through the Firepower.

When I remove the device, backups run normally.

I checked the logs but don't see anything.

Anyone see a similar issue?

1 Reply

nspasov
Cisco Employee

Hello Tejas-

Do you have that traffic going through a "Trust" rule or is it being permitted through a regular ACP rule? The reason I ask is because a "Trust" rule essentially bypasses the deep packet inspection, which is recommended for such traffic (backups, database replication, large file transfers, etc.). This type of traffic is classified as "elephant/fat flow" and if you want to inspect the traffic then your throughput will be limited, since each flow is tied/inspected by a single Snort instance and each Snort instance is tied to a single CPU core. For more information on Elephant Flows, you can check the following document:

https://www.cisco.com/c/en/us/support/docs/security/firepower-management-center/200420-Processing-of-Single-Stream-Large-Sessio.html

Alternatively, if you don't want to use a "Trust" rule then you can look into configuring IAB (Intelligent Application Bypass). This feature essentially allows the flows to skip deep packet inspection after the initial inspection is performed. For more info on IAB, please take a look at the following link:

https://www.cisco.com/c/en/us/td/docs/security/firepower/650/configuration/guide/fpmc-config-guide-v65/intelligent_application_bypass.html

I hope this helps!

Thank you for rating helpful posts!
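
A small model of the per-flow pinning described in the reply above, added here as an illustration (it is not code from the thread or from Cisco). The instance count, per-core capacity, addresses, ports and the XOR fold that picks an instance are constructed assumptions; the appliance's real load-balancing function is not described on this page.

```python
import ipaddress
from collections import defaultdict

N_INSTANCES = 8   # assumed number of Snort instances (one per CPU core)
CORE_GBPS = 1.0   # assumed inspection capacity of a single instance

def snort_instance(flow, n_instances):
    """Pin a flow to one instance by folding its 5-tuple (stand-in hash)."""
    src, dst, sport, dport, proto = flow
    key = int(ipaddress.ip_address(src)) ^ int(ipaddress.ip_address(dst))
    return (key ^ sport ^ dport ^ proto) % n_instances

def achieved_gbps(offered, n_instances, core_gbps):
    """offered maps 5-tuple -> offered Gbps; returns Gbps after inspection."""
    per_instance = defaultdict(list)
    for flow in offered:
        per_instance[snort_instance(flow, n_instances)].append(flow)
    result = {}
    for flows in per_instance.values():
        load = sum(offered[f] for f in flows)
        # An instance cannot inspect more than one core's worth of traffic,
        # so every flow pinned to an overloaded instance is scaled down.
        scale = min(1.0, core_gbps / load) if load > 0 else 1.0
        for f in flows:
            result[f] = offered[f] * scale
    return result

def bypass_candidates(offered, core_gbps):
    """Flows that alone exceed one core: candidates for a Trust rule or IAB."""
    return [f for f, rate in offered.items() if rate > core_gbps]

# Constructed sample traffic: the same 4 Gbps backup, sent two ways.
BACKUP = ("10.0.1.10", "10.0.2.20", 50000, 2049, 6)
ONE_STREAM = {BACKUP: 4.0}
MANY_STREAMS = {("10.0.1.10", "10.0.2.20", 50000 + i, 2049, 6): 0.125
                for i in range(32)}

if __name__ == "__main__":
    for name, offered in (("one stream", ONE_STREAM),
                          ("32 streams", MANY_STREAMS)):
        got = achieved_gbps(offered, N_INSTANCES, CORE_GBPS)
        print(f"{name}: offered {sum(offered.values()):.2f} Gbps, "
              f"achieved {sum(got.values()):.2f} Gbps, "
              f"bypass candidates: {bypass_candidates(offered, CORE_GBPS)}")
```

In this model the single backup stream is held to one instance's capacity while the other instances sit idle, whereas the same volume split across many connections spreads over all of them.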
