Question regarding throughput with AVS and IPS inspection in a multi instance setup.
As far as I can tell, enabling multi instance basically cuts your throughput in half when deploying rules with IPS policy inspection enabled.
Running iPerf tests through one instance with all cores (22) assigned I get 5Gb/s max throughput with default balanced security and connectivity IPS ruleset and default Network Analysis Policy (balanced security and connectivity)
this drops to 2.3 Gb/s when assigning 12 Cores. I see only 6 snort processes running on the device and all are maxed out in 100% usage during the tests.
Whitepaper says we should get 11 Gb/s AVS/IPS througput with balanced security and connectivity rule sets in regular native ftd install. I have not verified that this is the case.
Anybody else have any experience with this that can shed some light on my findings?