Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1536
Views
0
Helpful
1
Replies

How does IOS IPS affect throughput performace?

m.renshaw
Level 1
Level 1

‎02-17-2012 08:32 AM - edited ‎03-10-2019 05:37 AM

Hi Support people,

I have been trialling IOS IPS on a number of Cisco ISRg2 routers and I have found that after enabling it the CPU jumps to 99% and I see packet drops (ingress) on the interface that IPS is applied.

Has anyone else successfully deployed IOS IPS? If yes what router/s have you used and what did you do to mitigate high CPU usage and packet drops?

Thank you in advance for all of your quick reply’s

Labels:
0 Helpful
1 Reply 1

svaish
Level 1
Level 1

‎03-07-2012 01:40 AM

Using IOS-IPS is recommended for some very basic use and small deployments only.

As there are limited resources available on the router; using IOS IPS has a direct impact on the speed/throughput of the router and generally not recommended to enable most of signature on it.

We only recommend enabling some  very basic signature package on the IOS-IPS for basic packet inspection.

Enabling all the signatures can result in high CPU on the router as well.'

Datasheet

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/product_data_sheet0900aecd803137cf.html

Getting Started with IOS IPS ― A Step-by-Step Guide

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/prod_white_paper0900aecd805c4ea8.html

The above guide will be very helpful.

Regards

Sachin

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card