Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1136
Views
10
Helpful
6
Replies

fmc vm performace and internet performance?

baselzind
Level 6
Level 6

‎03-23-2021 07:27 AM

I have FMC with 2 ft 2110. Ever since we started having vm performance issues which our FMC is a part of, our internet performance started to slow down as well. Is internet performance through the FTD linked to fmc vm performace in anyway?

0 Helpful
6 Replies 6

Rob Ingram
VIP
VIP

‎03-23-2021 07:59 AM

Hi @baselzind 

Cloud lookups would go via the FMC.

What version of FMC are you running? From 6.7 the VM specs now require a minimum of 32Gb memory.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎03-23-2021 01:57 PM

this could be major issue with Logging people noticed, check if you can disable any logging option see that is better?

 

by the way what version of code in FMC and FTD, what compute resources given to FMC, is the FMC and FTD in the same geo location?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

baselzind
Level 6
Level 6
In response to balaji.bandi

‎03-23-2021 11:12 PM

it is fmc 6.4 and ftd 6.4 , fmc have the standard ova but with 32GB ram. so if FTDs are affected by FMC logging would that mean if FMC goes down the FTD would stop working as well?

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to baselzind

‎03-24-2021 02:23 AM

No FMC is management only if that goes down, still, FTD works as expected, and you can view or modify any FTD configuration until FTD joins back to FMC. or FMC restored.

 

looks like thee is 2 separate issue here, FMC performance can not affect FTD, so you need to go deeper to understand the issue.

 

this may be due to network overload ? network congestion? is your network overutilized? do you any drop on the interface where these devices connected? what kind of switch that is?

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

-Pili
Level 1
Level 1

‎03-23-2021 05:23 PM - edited ‎03-23-2021 05:27 PM

The performance that the FMC has is in no way linked to the performance of the firewall box, FMC manages the policies but does not take any action on the traffic(only FTD does).

 

Network performance is most often degraded because of the deep-inspection policies(Malware, Intrusion), be sure to tune the inspection only for those services that are required. 

0 Helpful

baselzind
Level 6
Level 6
In response to -Pili

‎03-23-2021 11:16 PM

you mean fmc would slow ftd for policies with deep-inspection? like the deep-inspection is performed on the fmc?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card