Cisco IOS IPS CPU impact


I've been testing the IOS IPS feature on both an 1841 and a 3845 - both running 12.4(3) Adv. Sec.(both maxxed on DRAM); and I'm seeing a doubling of the CPU utilization when I invoke IPS with the built-in signature file on one Gig interface.

If I bump that sig file to attack-drop I see another doubling of the CPU - is everyone seeing similar jumps in the utlization? I see a doubling again if I bump it to the next level of sigs.

I ran a very limited production test on a 3845 in our larger branches - applying the built-ins to the LAN interface inbound only - and the 5 min CPU went from 11% to 26% over a 30 minute period.

I haven't begun tweaking the sigs yet - I just wanted to get a feel for other's performance experience with this feature.

Thanks, Paul

Reply to
Loading thread data ... Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.