01-15-2010 11:52 AM
Hello,
I just purchased a SA 520 and I am trying out the IPS feature before I buy. During my tests I get around 85 mbps off a 100 mbps connection (which is relatively normal), however as soon as I enable IPS with very few options (trojan/virus, http, etc), it drops down to 18 or so. Anyway to improve this?
Thank you!
01-15-2010 06:54 PM
Hello and good evening,
I have passed this on to our internal teams.
In addition, it might be best to have you open a case. Here is the link to find the correct number:
http://www.cisco.com/en/US/support/tsd_cisco_small_business_support_center_contacts.html
HTH,
Andrew Lee Lissitz
01-16-2010 01:16 PM
I am seriously considering buying this unit but if the IPS performance is truely that bad, I don't know.
Is this still a problem in the lastest firmware (1.1.21)?
01-16-2010 02:26 PM
I think we should wait and see, I asked the product manager to take a look. Hopefully a case will be opened also.
Kindest regards,
Andrew
01-16-2010 02:48 PM
Hi,
We know from internal performance testing of other Cisco products, that the overhead of IPS Signature detection is alot.
I think we can realistically expect a significant drop in performance when IPS is enabled.
Since the datasheet was issued prior to having IPS, we have asked the PM to update it with the caveat of reduced performance when IPS is enabled.
The Solution test team will have to determine how significant.
I think this would be true for any vendors product that performs thouough packet inspection?
Steve
SE Field Channel Sales
01-16-2010 03:07 PM
Will the SA540 have a better IPS throughput?
I assume that the 540 has a faster processor since it claims 300Mb/sec SPI as opposed to 200Mb/sec for the 520.
I would be interested in the actual specs for the 520 and 540 with and without IPS.
01-16-2010 03:09 PM
Yes. Better than 520 is a safe assumption.
Without IPS is in the datasheets
01-16-2010 03:45 PM
With out IPS for the 520 and 540 would be the 200Mb/sec & 300Mb/sec respectively right?
At any rate, would this be faster than the RVS4000 IPS processing?
01-16-2010 06:47 PM
Hello and good evening,
We have a few internal folks as well as the product manager for some numbers, once we have these we can communicate them and assist you in buying the right product that meets the performance need. Both Steve and I have escalated this ... we hope to have an answer for you quickly.
Kindest regards,
Andrew
01-17-2010 08:36 AM
Do you still want me to open a case for this issue?
Primary Firmware Version: 1.1.21
Secondary Firmware Version: 1.0.15
I can't download the latest IPS update cause its seems you need a contract to do so (even on the free 60day trial). My highest bandwidth test so far was 97mbps without IPS. The highest with IPS was around 20mbps. The lowest without IPS was 80mbps, and the lowest with was 14mbps.
Granted these numbers do fluxuate cause I am on a 100mbps cable connection (Cisco modem with gbE), but not alot.
System up Time : 3 days, 16 hours, 0 minutes, 54 seconds
CPU Utilization
CPU usage by user: 2 %
CPU usage by kernel: 1 %
CPU idle: 97 %
CPU waiting for IO: 0 %
Memory Utilization
Total Memory: 234016 KB
Used Memory: 145304 KB
Free Memory: 88712 KB
Cached Memory: 70708 KB
Buffer Memory: 10556 KB
01-19-2010 08:11 AM
We are told a contract is not required to access the trial license... but you do need to have a CCO account... which takes just a few minutes to create.
Did you try to access with a valid CCO ID?
01-19-2010 08:53 AM
Thank you for getting back to me.
I tried to access it online, however no matter what I tried - I get an error (cannot access this file).
Also, this is the latest IPS info on the SA...
Signature File: SBIPS000001
Last Checked for Signatures: Sat Dec 12 03:04:57 GMT 2009
I even tried to put my username/password in and hit "Update Now", but it doesn't seem to update to anything other that the one I originally had.
01-19-2010 08:55 AM
Open a case with SBSC and let us know the solution. Sorry to hear it isnt working. This is new, so lets engage the support team who received some training on it and should be able to help.
Steve
02-01-2010 01:35 PM
Did you ever get those performance specs?
01-26-2012 03:18 PM
With IPS turned on, our SA540 has a max download throughput of ~22 Mbps. With IPS turned off we consistently achieve 30 Mbps (ISP cap).
On a side note, IPS also reduces our upload throughput to ~4.3 Mbps. With IPS turned off we consistently achieve 5 Mbps (ISP cap).
I wonder if the SA540 would perform better if we increased our cap to 50 Mbps?
Also, were the IPS performance specs mentioned above ever posted anywhere? I searched around, but couldn't find anything.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide