Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 8 replies
  • Answers 1 answer
  • Subscribers 6 subscribers
  • Views 13909 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Issue with throughput - IPS exception do not work

MindaugasBuitvydas

I have a problem with bandwith when IPS is ON and exclusion is used, which do not work, as i get the same speed with or without exeption ON.

Copy from ftp to video IPS off:

Copy from ftp to video IPS on with exception:

IPS exception:

Copy from ftp to video IPS on withOUT exception:

Would be very thankful for any help!



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to MindaugasBuitvydas

    I've just started using the UTM home edition and have a similar problem.

    If I enable IPS then my download rate is halved from 200MBits to 100MBits. 

    I realise this is probably caused by Snort maxing out a single CPU core on my lowly HP N40L, however if I deselect ALL the attack patterns it makes no difference. 

    What is the IPS doing when these patterns are all disabled, are there some defaults that cannot be disabled? 

    Turning port scan on/off makes no difference either. 

    If I disable IPS fully then my download rate returns to 200MBits.

    Any ideas how to get some IPS protection and my full download speed back?

    thanks

  • 0 in reply to ianwhite

    Search for me for tons of info on how ips works.

    Short answer is no...your cpu is too weak to run anything more than what you are getting with ips on.

  • 0 in reply to William Warren

    Thanks, I'll search for you.

    I just assumed that if all the patterns were off then the IPS wasn't scanning the packets and there would be very little load on the CPU, I guess not :-(