This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Intrusion Prevention causing slow internet speeds

Since upgrading the firmware to the latest version 9.312-8 my internet performance has fallen massively. I have a Gbit connection to the internet and with Intrusion prevention turned on, I get anything from 10mbit to 100mbit depending on number of users. If IP is turned off my internet download speed jumps up to 650-800 Mbit/s.

Can anyone shed some light on what is wrong?

Thanks


This thread was automatically locked due to age.
Parents
  • Hi, the host server is using Xeon E5-2430 CPUs
  • Hi, the host server is using Xeon E5-2430 CPUs


    snort is good for about 250-500 megabits max per core at about 3ghz depending on how many users you ahve ushing thngs.  Your 2.0ghz cpu's aren't going to be able to go much faster than 250 max depending on the amount of users AND ruleset tuning.  You need either more cores and lots more users or a much faster cpu(3.0ghz or faster) and probably more users still.  

    That type of cpu is used in the 5xx and higher sg series when there are more than 500 users.

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow

  • I have the UTM 9 on own hardware with 8GB ram, SSD, Intel I3(ni-aes HW chip included) . I have 200 Mbit internet down and 20 up; the UTM only allows 20Mbit up and down.

    what I keep reading is that everywhere the upload is what its provided but the download is every time only 10% EXACT of what has been provided.

    when doing a big and fast download, the processor utilization does not get higher than 3% !!! and yes; indeed turning of IPS does the trick. but this is not because of processor limitation

Reply
  • I have the UTM 9 on own hardware with 8GB ram, SSD, Intel I3(ni-aes HW chip included) . I have 200 Mbit internet down and 20 up; the UTM only allows 20Mbit up and down.

    what I keep reading is that everywhere the upload is what its provided but the download is every time only 10% EXACT of what has been provided.

    when doing a big and fast download, the processor utilization does not get higher than 3% !!! and yes; indeed turning of IPS does the trick. but this is not because of processor limitation

Children
No Data