Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1361
Views
0
Helpful
0
Replies

Multi instance throughput on the 4110

Skjalg Eggen
Level 1
Level 1

‎07-24-2019 07:17 AM - edited ‎02-21-2020 09:20 AM

Question regarding throughput with AVS and IPS inspection in a multi instance setup.

 

As far as I can tell, enabling multi instance basically cuts your throughput in half when deploying rules with IPS policy inspection enabled. 

 

Running iPerf tests through one instance with all cores (22) assigned I get 5Gb/s max throughput with default balanced security and connectivity IPS ruleset and default Network Analysis Policy (balanced security and connectivity)

 

this drops to 2.3 Gb/s when assigning 12 Cores. I see only 6 snort processes running on the device and all are maxed out in 100% usage during the tests.

 

Whitepaper says we should get 11 Gb/s AVS/IPS througput with balanced security and connectivity rule sets in regular native ftd install. I have not verified that this is the case. 

 

Anybody else have any experience with this that can shed some light on my findings?

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card