cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Bookmark
|
Subscribe
|
480
Views
0
Helpful
2
Replies

IDSM inspection load on 100%

Now I have IDSM with 100% inspection load on busy hour and followed by missed packets percentage increasing at that time. 

The IDSM interface is setting as promiscuous interface

Is it means my network throughput will limited by IDSM max inspection load / throughput which is 600Mbps?

 

Thank you

 

Marcel.

1 Accepted Solution

Accepted Solutions

No, the throughput wil not be limited in the network when you are in promiscous mode. But your visibility for attacks is highly limited.

You should configure your span/capture settings on the 6k5 to only send as much traffic to the IDSM as this module can handle.

Just remember that the IDSM-2 is a ten years old system and can't catch up with the typical traffic-demand we are having nowadays. It's time to change the IDSM against an actual external sensor.

View solution in original post

2 Replies 2

No, the throughput wil not be limited in the network when you are in promiscous mode. But your visibility for attacks is highly limited.

You should configure your span/capture settings on the 6k5 to only send as much traffic to the IDSM as this module can handle.

Just remember that the IDSM-2 is a ten years old system and can't catch up with the typical traffic-demand we are having nowadays. It's time to change the IDSM against an actual external sensor.

Thank you Karsten, I will plan to change the IDSM 

Review Cisco Networking for a $25 gift card