This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPS Performance Problem with 100Mbit Fiber

Hi there,

We have an ASG220 with Firmware-Version: 9.105-9 and a very strange behavior with the IPS (4507 of 15947 patterns).
Last week we did a fiber upgrade from 30Mbit to 100Mbit.

With IPS enabled we only get around 50Mbit throughput. (Tested with speedtest.net, cifs sharing and iperf)
With IPS disabled we get around 95Mbit, which is good. (Tested with speedtest.net, cifs sharing and iperf)

It makes no difference if I remove the LAN from the Local networks option in the Global IPS Settings. The problem persists.
The only solution is to disable IPS globally with the On/Off Button, to get an acceptable throughput rate.

The snort process uses around 10-20% CPU. There are no special warnings or error messages in the IPS Log.

Does anybody have an idea or recommendation?

This thread was automatically locked due to age.

Parents

0 chumbri over 11 years ago

Hi Barry

I changed the IPS instances back to 0.

The device is a new UTM220. We used the hardware exchange program around April to get a new device for the old ASG220. Sorry for the misinformation. We than got a backup from the old ASG220 and restored the backup on the UTM220.

UTM 220 A180... rev.5 Intel Celeron Dual Core E1500 2,2GHz 2GB

So cat /proc/cpuinfo produces the following output:

processor       : 0
vendor_id       : GenuineIntel
cpu family      : 6
model           : 15
model name      : Intel(R) Celeron(R) CPU        E1500  @ 2.20GHz
stepping        : 13
microcode       : 0xa4
cpu MHz         : 2194.632
cache size      : 512 KB
physical id     : 0
siblings        : 2
core id         : 0
cpu cores       : 2
apicid          : 0
initial apicid  : 0
fpu             : yes
fpu_exception   : yes
cpuid level     : 10
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx lm constant_tsc arch_perfmon pebs bts rep_good nopl aperfmperf pni dtes64 monitor ds_cpl est tm2 ssse3 cx16 xtpr pdcm lahf_lm dtherm
bogomips        : 4389.26
clflush size    : 64
cache_alignment : 64
address sizes   : 36 bits physical, 48 bits virtual
power management:

processor       : 1
vendor_id       : GenuineIntel
cpu family      : 6
model           : 15
model name      : Intel(R) Celeron(R) CPU        E1500  @ 2.20GHz
stepping        : 13
microcode       : 0xa4
cpu MHz         : 2194.632
cache size      : 512 KB
physical id     : 0
siblings        : 2
core id         : 1
cpu cores       : 2
apicid          : 1
initial apicid  : 1
fpu             : yes
fpu_exception   : yes
cpuid level     : 10
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx lm constant_tsc arch_perfmon pebs bts rep_good nopl aperfmperf pni dtes64 monitor ds_cpl est tm2 ssse3 cx16 xtpr pdcm lahf_lm dtherm
bogomips        : 4389.26
clflush size    : 64
cache_alignment : 64
address sizes   : 36 bits physical, 48 bits virtual
power management:

On the dashboard the device identifies itself as ASG220:

Model: ASG220
Subscriptions: Base Functionality
                        Network Protection
                        Web Protection
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 chumbri over 11 years ago

Hi Barry

I changed the IPS instances back to 0.

The device is a new UTM220. We used the hardware exchange program around April to get a new device for the old ASG220. Sorry for the misinformation. We than got a backup from the old ASG220 and restored the backup on the UTM220.

UTM 220 A180... rev.5 Intel Celeron Dual Core E1500 2,2GHz 2GB

So cat /proc/cpuinfo produces the following output:

processor       : 0
vendor_id       : GenuineIntel
cpu family      : 6
model           : 15
model name      : Intel(R) Celeron(R) CPU        E1500  @ 2.20GHz
stepping        : 13
microcode       : 0xa4
cpu MHz         : 2194.632
cache size      : 512 KB
physical id     : 0
siblings        : 2
core id         : 0
cpu cores       : 2
apicid          : 0
initial apicid  : 0
fpu             : yes
fpu_exception   : yes
cpuid level     : 10
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx lm constant_tsc arch_perfmon pebs bts rep_good nopl aperfmperf pni dtes64 monitor ds_cpl est tm2 ssse3 cx16 xtpr pdcm lahf_lm dtherm
bogomips        : 4389.26
clflush size    : 64
cache_alignment : 64
address sizes   : 36 bits physical, 48 bits virtual
power management:

processor       : 1
vendor_id       : GenuineIntel
cpu family      : 6
model           : 15
model name      : Intel(R) Celeron(R) CPU        E1500  @ 2.20GHz
stepping        : 13
microcode       : 0xa4
cpu MHz         : 2194.632
cache size      : 512 KB
physical id     : 0
siblings        : 2
core id         : 1
cpu cores       : 2
apicid          : 1
initial apicid  : 1
fpu             : yes
fpu_exception   : yes
cpuid level     : 10
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx lm constant_tsc arch_perfmon pebs bts rep_good nopl aperfmperf pni dtes64 monitor ds_cpl est tm2 ssse3 cx16 xtpr pdcm lahf_lm dtherm
bogomips        : 4389.26
clflush size    : 64
cache_alignment : 64
address sizes   : 36 bits physical, 48 bits virtual
power management:

On the dashboard the device identifies itself as ASG220:

Model: ASG220
Subscriptions: Base Functionality
                        Network Protection
                        Web Protection
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data