Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Maximum throughput of Virtual Sophos

I want to setup a virtual Sophos XG on VMware ESXi 6.7 which is running on a Cisco C220 M4 Rackserver (2x E5-4660 2.30Ghz | 128 GB RAM | OS is running an SSD) It has a 10Gb/s Connection for WAN and LAN.

The Sophos VM has 40 vCPUs and 100 GB RAM. What kind of throughput can I expect. Or differently... how much of my 10Gb/s speed am I going to loose.



This thread was automatically locked due to age.
Parents
  • Hi,

     

    Jonas Keller said:
    The Sophos VM has 40 vCPUs and 100 GB RAM. What kind of throughput can I expect. Or differently... how much of my 10Gb/s speed am I going to loose.

    If you actually have a license that's capable of utilize 40 vCPUS and 100GB RAM, then you wouldn't even bee worrying about it not reaching 10Gbit/s.

    In a modern CPU, with IPS/WebProxy/ATP, on v17.5.x you can reach around  >820Mbit/s on a single core.

    The only problem you would face over a 10Gbit/s connection is: XG currently uses Snort, any application which uses a single connection for transferring anything, you will be forced to use only a single core of your VM.

    If you disable IPS on v17.5.x you will be getting line-rate throughput over it. Well, a 4vCore with 6GB RAM has capable of it*, then I don't see why 40vCore wouldn't be.

    *With VIrtiO Drivers, not vmxnet3.

     

    Ian said on the post above - your currently using the Home License, so your limited with 4Cores/6GB RAM, if that's true then you will only archive 10Gbit/s without IPS on v17.5.x.

    Currently on v18 EAP there's no Core/RAM limit on it*, you should try it out when EAP 3 Refresh comes out.

    *EAP 3 Refresh should have performance improvements, since it's currently.... "weird"...

     

    Thanks,


    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v21 GA @ Home

    Sophos ZTNA (KVM) @ Home

Reply
  • Hi,

     

    Jonas Keller said:
    The Sophos VM has 40 vCPUs and 100 GB RAM. What kind of throughput can I expect. Or differently... how much of my 10Gb/s speed am I going to loose.

    If you actually have a license that's capable of utilize 40 vCPUS and 100GB RAM, then you wouldn't even bee worrying about it not reaching 10Gbit/s.

    In a modern CPU, with IPS/WebProxy/ATP, on v17.5.x you can reach around  >820Mbit/s on a single core.

    The only problem you would face over a 10Gbit/s connection is: XG currently uses Snort, any application which uses a single connection for transferring anything, you will be forced to use only a single core of your VM.

    If you disable IPS on v17.5.x you will be getting line-rate throughput over it. Well, a 4vCore with 6GB RAM has capable of it*, then I don't see why 40vCore wouldn't be.

    *With VIrtiO Drivers, not vmxnet3.

     

    Ian said on the post above - your currently using the Home License, so your limited with 4Cores/6GB RAM, if that's true then you will only archive 10Gbit/s without IPS on v17.5.x.

    Currently on v18 EAP there's no Core/RAM limit on it*, you should try it out when EAP 3 Refresh comes out.

    *EAP 3 Refresh should have performance improvements, since it's currently.... "weird"...

     

    Thanks,


    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v21 GA @ Home

    Sophos ZTNA (KVM) @ Home

Children