Issue with throughput - IPS exception do not work

try turning off anti-portscan.  That also routes through the ips and is unaffected by the exceptions settings.

Tried that - did not help.

Quote from Sophos maunual  „Exceptions tab you can define source and destination networks that should be excluded from intrusion prevention“.

I've just started using the UTM home edition and have a similar problem.

If I enable IPS then my download rate is halved from 200MBits to 100MBits. 

I realise this is probably caused by Snort maxing out a single CPU core on my lowly HP N40L, however if I deselect ALL the attack patterns it makes no difference. 

What is the IPS doing when these patterns are all disabled, are there some defaults that cannot be disabled? 

Turning port scan on/off makes no difference either. 

If I disable IPS fully then my download rate returns to 200MBits.

Any ideas how to get some IPS protection and my full download speed back?

thanks

I've just started using the UTM home edition and have a similar problem.

If I enable IPS then my download rate is halved from 200MBits to 100MBits. 

I realise this is probably caused by Snort maxing out a single CPU core on my lowly HP N40L, however if I deselect ALL the attack patterns it makes no difference. 

What is the IPS doing when these patterns are all disabled, are there some defaults that cannot be disabled? 

Turning port scan on/off makes no difference either. 

If I disable IPS fully then my download rate returns to 200MBits.

Any ideas how to get some IPS protection and my full download speed back?

thanks

Search for me for tons of info on how ips works.

Short answer is no...your cpu is too weak to run anything more than what you are getting with ips on.

Thanks, I'll search for you.

I just assumed that if all the patterns were off then the IPS wasn't scanning the packets and there would be very little load on the CPU, I guess not :-(