Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 2 subscribers
  • Views 3086 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPS is killing my WAN Speed

ZeroEnna
Hey everyone,

for quite some time now, I search for whatever limits my WAN connection.

I use a Sophos UTM9 on a Intel D2500CCE mainboard, which is...not overwhelming but it's enough to run and operate Sophos UTM.

I have network over cable with 100 Mbit/s down and 5 Mbit/s up.
However, when I made some speed tests downloading Debian DVD ISOs, I never exceeded the 25 Mbit/s threshold. So I disabled the UTM features one by one and voila, after I disabled the IPS completely, my download speed skyrocketed and almost reached the 100 Mbit/s.

So I wonder:

Is my hardware undersized or is there some other "hidden switch" I have to activate to have both speed and IPS?

Thank you in advance.

Kind Regards

ZeroEnna


This thread was automatically locked due to age.
  • 0
    Hi, 

    Your Atom CPU is far too slow for 100mbits through the IPS.

    I get 17mbps through my Atom n270.

    9.2x has some IPS improvements but it's not going to get you to 100mbps; you need a fast i3 CPU.

    Barry
  • 0 in reply to BarryG
    Hello BarryG,

    thank you for your reply.
    That's very interesting to hear, because one of my buddys set up an UTM with an even lower CPU (Atom D525) and he gets the full 100Mbit/s despite using IPS)
  • 0
    With a D525 and IPS enabled, you'll reach 100 megabit or more with P2P traffic, however, not a single stream HTTP session (read: speedtest, single download, etc). 

    Hope that shines a bit of light on this for you.
  • 0
    IPS performance is CPU-bound; if you have a slower CPU, or a low amount of RAM, these results would be typical.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0
    Yes, I was talking about HTTP performance.
    I can about max out my 50+ mbps connection with BitTorrent with the IPS running.

    Barry
  • 0
    What do you have in 'Local networks' in Intrusion Prevention?

    Cheers - Bob

    Sorry for any short responses.  Posted from my iPhone.
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Cookie Information Banner