ASA5520 performance

Unanswered Question
Jul 16th, 2009
User Badges:

Hi everyone

We're noticing under stress testing that our ASA5520 is maxing its CPU out at about 3900 TCP connections per second. This is way lower than what Cisco quotes, and our rule set is quite small (a few dozen rules).

Is this normal? We are using an AIP-SSM-20 module - could that have an effect on the firewall CPU?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
branfarm1 Thu, 07/16/2009 - 14:25
User Badges:
  • Bronze, 100 points or more

What are you using to stress test your 5520?

Do you have any of the advanced threat-detection or scanning-threat detection enabled? Those can both place high CPU stress on your device in certain situations.

osiristrading Thu, 07/16/2009 - 22:19
User Badges:

No advanced threat detection enabled. We are using the Microsoft web application stress test tool - all it does it a simple HTTP get on an object on the web server.


This Discussion