Maximum throughput of Virtual Sophos

Hi,

Jonas Keller said:

The Sophos VM has 40 vCPUs and 100 GB RAM. What kind of throughput can I expect. Or differently... how much of my 10Gb/s speed am I going to loose.

If you actually have a license that's capable of utilize 40 vCPUS and 100GB RAM, then you wouldn't even bee worrying about it not reaching 10Gbit/s.

In a modern CPU, with IPS/WebProxy/ATP, on v17.5.x you can reach around  >820Mbit/s on a single core.

The only problem you would face over a 10Gbit/s connection is: XG currently uses Snort, any application which uses a single connection for transferring anything, you will be forced to use only a single core of your VM.

If you disable IPS on v17.5.x you will be getting line-rate throughput over it. Well, a 4vCore with 6GB RAM has capable of it*, then I don't see why 40vCore wouldn't be.

*With VIrtiO Drivers, not vmxnet3.

Ian said on the post above - your currently using the Home License, so your limited with 4Cores/6GB RAM, if that's true then you will only archive 10Gbit/s without IPS on v17.5.x.

Currently on v18 EAP there's no Core/RAM limit on it*, you should try it out when EAP 3 Refresh comes out.

*EAP 3 Refresh should have performance improvements, since it's currently.... "weird"...

Thanks,

Hi,

Jonas Keller said:

The Sophos VM has 40 vCPUs and 100 GB RAM. What kind of throughput can I expect. Or differently... how much of my 10Gb/s speed am I going to loose.

If you actually have a license that's capable of utilize 40 vCPUS and 100GB RAM, then you wouldn't even bee worrying about it not reaching 10Gbit/s.

In a modern CPU, with IPS/WebProxy/ATP, on v17.5.x you can reach around  >820Mbit/s on a single core.

The only problem you would face over a 10Gbit/s connection is: XG currently uses Snort, any application which uses a single connection for transferring anything, you will be forced to use only a single core of your VM.

If you disable IPS on v17.5.x you will be getting line-rate throughput over it. Well, a 4vCore with 6GB RAM has capable of it*, then I don't see why 40vCore wouldn't be.

*With VIrtiO Drivers, not vmxnet3.

Ian said on the post above - your currently using the Home License, so your limited with 4Cores/6GB RAM, if that's true then you will only archive 10Gbit/s without IPS on v17.5.x.

Currently on v18 EAP there's no Core/RAM limit on it*, you should try it out when EAP 3 Refresh comes out.

*EAP 3 Refresh should have performance improvements, since it's currently.... "weird"...

Thanks,

Is v18 available for free... and where can I download it?

https://community.sophos.com/products/xg-firewall/sfos-eap/sfos-v18-early-access-program/b/blog/posts/sophos-xg-firewall-v18-eap-3-firmware-has-been-released

Be aware, there's performance issues right now on EAP 3, It's better for you to wait for EAP 3 Refresh.

There are limits on V18 EAP3 if you are using the home licence. When you first install EAP3 from the ISO you will get access to all available resources, but at first reboot after you synchronise your licence you will be restricted to the home licence maximums.

Ian

rfcat_vk said:

There are limits on V18 EAP3 if you are using the home licence. When you first install EAP3 from the ISO you will get access to all available resources, but at first reboot after you synchronise your licence you will be restricted to the home licence maximums.

Well, I didn't knew about that, I'll be checking it later, I believe It must be a issue in my end.

Thanks,

Hi Prism,

I think the config change was missing from one of the earlier v18 EAPs and only returned when an ISO was used to build EAP3.

Ian

rfcat_vk said:

I think the config change was missing from one of the earlier v18 EAPs and only returned when an ISO was used to build EAP3.

You're sure about it?

Thanks,

I am quite sure, because my XG was using 8gb of ram for sometime until I restarted it, then it reverted to 6gb. I only have 4 real CPUs so I can't tell whether the CPU limit has ben applied.

I could for the fun  of it later today rebuild the box with 8 cpus to see what happens. The weather has gone from very hot, dry and smokey to cold and wet.

ian

Hi,

I fired up my test XG running V18 EAP2 using top it shows 4 CPUs and 6gb of RAM.

Ian