Connections time out when IPS enabled (sporadically)

This message means IPS has reached its maximum concurrent connection limit of 8192, and will start dropping connections. 

This limit is based on how much memory SFOS has, and 8192 is for 2GB. Did you deploy SFOS with only 2GB of memory? If so, you should increase the amount of memory. 

By default IPS is also not configured to fail close when it reaches this limit, did you set this yourself? 

You can turn off fail close through CLI: 

console> set ips failclose off

This message means IPS has reached its maximum concurrent connection limit of 8192, and will start dropping connections. 

This limit is based on how much memory SFOS has, and 8192 is for 2GB. Did you deploy SFOS with only 2GB of memory? If so, you should increase the amount of memory. 

By default IPS is also not configured to fail close when it reaches this limit, did you set this yourself? 

You can turn off fail close through CLI: 

console> set ips failclose off

Thanks for your answer.

No, the the system has 8GB memory available. 

Strange, as I also can see following error with a higher limit:
2022-09-07T03:50:59.085960Z [16155] No timedout sessions, Total 16384,dropping current packet. memory in use: 5874651 

We also have not set the failclose.
Is there a documentation somewhere?

Do you think it all could be related to memory?

It does seem like there are a lot of persistent connections on your network which is staying open/not closing. The limit of concurrent connections IPS can handle is determined by memory, so you can try increasing that further. 

You can turn off failclose with the command I gave you in the console above. 

Thanks for your input. I will add it to the support case as well