Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 17 replies
  • Subscribers 2 subscribers
  • Views 159361 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos IPS Kill My internet speed

okaenrique
Hello!

I have UTM VERSION 9.314-13 on my ESXI 

ssd HARDIDSK
CPU intel core i5-4690k cpu 3.50GHZ  4 cpu 

in Vmware i have 4 virtualsockets and 5120MB memory .

every think is work but when i active Attack Patterns on IPS my internet speed change from 950Mbit/s to 300Mbit/s , 

i have tried active just ( Operating system specific attacks  ) and get same issue .

in my Sophos FW i have 
FW is active with 7 rules.
webfiltering is active with 0 requestes.
remote access .
Web Aplication Firewall is active .
Antivirus .
Antispyware .








Any help please ?


This thread was automatically locked due to age.
Parents
  • 0
    But you will never reach more than ~500 MBit/s with a single Download, even with the most powerful hardware...

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
  • 0 in reply to scorpionking
    But you will never reach more than ~500 MBit/s with a single Download, even with the most powerful hardware...


    With UTM you typically won't see faster than 350 megabits per instance.  Snort is highly single threaded.  The problem is modern cpu are NOT designed for single threaded software.  Luckily cisco is pushing development of a new highly multi-threaded snort.

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow

Reply
  • 0 in reply to scorpionking
    But you will never reach more than ~500 MBit/s with a single Download, even with the most powerful hardware...


    With UTM you typically won't see faster than 350 megabits per instance.  Snort is highly single threaded.  The problem is modern cpu are NOT designed for single threaded software.  Luckily cisco is pushing development of a new highly multi-threaded snort.

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow

Children
No Data
Cookie Information Banner