Cisco IOS IPS CPU impact

Hi,

I've been testing the IOS IPS feature on both an 1841 and a 3845 - both running 12.4(3) Adv. Sec.(both maxxed on DRAM); and I'm seeing a doubling of the CPU utilization when I invoke IPS with the built-in signature file on one Gig interface.

If I bump that sig file to attack-drop I see another doubling of the CPU - is everyone seeing similar jumps in the utlization? I see a doubling again if I bump it to the next level of sigs.

I ran a very limited production test on a 3845 in our larger branches - applying the built-ins to the LAN interface inbound only - and the 5 min CPU went from 11% to 26% over a 30 minute period.

I haven't begun tweaking the sigs yet - I just wanted to get a feel for other's performance experience with this feature.

Thanks, Paul

Reply to
streamfile
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.