Join Date: Jul 2001
Location: southern California
09-07-2012, 08:21 PM
The IPS and the Application Detection / Traffic Classifier can both use a lot of CPU.
The IPS can normally process one network stream per CPU, so you may not be noticing the high single-threaded CPU usage. You should be able to see it better in 'top' if you press '1' to show all the CPUs.
Anyways, as a test, try disabling the IPS and Application Detection / Traffic Classifier and PortScan/Flood prevention and see if there's a performance improvement.
If it helps, try tuning the IPS settings (remove unneeded rule groups, define your SMTP, WEB, SQL servers, etc.)
Also see http://www.astaro.org/gateway-produc...-tweaking.html
IT Consultant specializing in high-performance Web Infrastructure and Security.
Astaro End-user since v1.x
- ASL 9.2x, HP DL360G5 - FW, IPS, VPNs
- ASL 9.2x, 2 Dell 1950's as WAF/proxy w HA
- UTM 9.1x, Atom n270, 2GB RAM, 2 Intel GigE
Netgear GS108T gigE switch & Astaro AP30 Access Point with 4 VLANs.
60/60mbit FiOS internet.
- Pending - UTM 9.2x, i5-4670, 4GB RAM, 2 Intel GigE
Needs new NIC drivers before deploying