We have Ironport S670 in configured in transparent mode as a standalone device. Internet access is slow through the proxy. Whether below total connections of 30656 can be an issue? How much connections this model of proxy can handle without any impact to traffic?
Enter "status detail" for more information.
Status as of: Tue Mar 04 12:21:27 2014 AST
Up since: Fri Feb 28 10:59:23 2014 AST (4d 1h 22m 4s)
The appliance can handle more than 100k total connections without any performance impacts. When you have slowness the connection count does not normally come into play unless the WSA is not closing the connections properly. Based on the status detail output you provided the majority of your connections are in use which is normal. With regards to slowness you should be looking at requests per second against the proxy CPU usage. You can find this data by using the 'rate' or 'proxystat' commands from the CLI. This will show you the proxy process CPU usage which will directly correlate to any slowness seen. Anything over 80% will begin to show slow performance. With regards to the S370 there are a few known performance issues, one is the BIOS and the other is the software code running. There should be an available upgrade for a BIOS firmware update that needs to be applied to your S370. As far as the software version, there is an issue with 7.7.0 that is fixed in the GA release that is scheduled for availability in the next few weeks. Our recommendation is to run 7.5.2 on the S370 and apply the BIOS firmware update. If both of these are true, then you may be overloading the proxy process. If you need assistance verifying you are overloading the proxy CPU then you will need to open a service request with TAC.
To help you better understand what makes Secure Endpoint such a valuable tool in their arsenal, we’ve summarised top tips which customers can use which can avoid them getting stalled in their implementation stages of the solution. Data tells us, at the po...
We’re excited to announce new capabilities with Secure Endpoint that allow you to simplify your security and maximize your security operations: Unify your security stack and reduce agent fatigue with Cisco Secure Client; harness integrated risk-based vuln...
Listen: https://smarturl.it/CCRS8E47 Follow us: twitter.com/CiscoChampion
Ransomware, fileless malware, and zero-day attacks continue to target organizations around the world. In response, organizations have resorted to deploying a variety of di...
This is a general information page for Cisco Threat Centric (TC-NAC) with ISE
Threat Centric Network Access Control (TC-NAC) feature enables you to create authorization policies based on the threat and vulnerability attributes received from the th...
The 2021 IT Blog Awards, hosted by Cisco, is now open for submissions. Submit your blog, vlog or podcast today. For more information, including category details, the process, past winners and FAQs, check out: https://www.cisco.com/c/en/us/t...