Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
864
Views
0
Helpful
2
Replies

IPS 300Mbps Performance

alsayed
Level 1
Level 1

‎05-17-2010 07:16 AM - edited ‎03-10-2019 04:59 AM

Hi Guys

what is the performance mean in the IPS lets say IPS with performance 300mpps,what this means

Thanks

Labels:
0 Helpful
2 Replies 2

rhermes
Level 7
Level 7

‎05-17-2010 08:18 AM

The throughput performance numbers Cisco puts on their sensors are a fantasy.

In the real world we see the sensors max out at about half the Cisco rated performance threshold.

So if you're looking at a 4240 sensor that is rated for 300 Mb/s, you should expect to be able to feed it traffic up to about 150 Mb/s before seeing missed packet events in your logs.

The 150 Mb/s is the total of BOTH DIRECTIONS of transmission added together.

- Bob

0 Helpful

Panos Kampanakis
Cisco Employee
Cisco Employee
In response to rhermes

‎05-17-2010 09:21 AM

300Mbps of rich media throughput means that the IPS has been tested with ips signatures etc and it could achieve deep packet inspection without performance deterioration up to 300Mbps. In real world traffic were the packets are smaller, there is packet loss and your configuration is different, that number could be less. So, if you have a network requirement of about 300Mbps or more you would probably need to use a bigger IPs like the 4255 or 4260.

The throughput performance numbers Cisco puts on their sensors are a fantasy.
In the real world we see the sensors max out at about half the Cisco rated performance threshold.
So
if you're looking at a 4240 sensor that is rated for 300 Mb/s, you
should expect to be able to feed it traffic up to about 150 Mb/s before
seeing missed packet events in your logs.
The 150 Mb/s is the total of BOTH DIRECTIONS of transmission added together.

In general, in ALL networking data sheets the tests to produce the name numbers are based on certain circumstances. For example, for throughput performance benchmarks big packets of few UDP connectionless transactions are used.. That is not a lie, the numbers are real and they are achieved. Real world traffic is not always the same, so the actual performance could be less in a real world with packet loss, smaller packets etc scenarios.
Generalizations like "The throughput performance numbers Cisco puts on their sensors are a fantasy" are too vague and misleading.

Here is a sample link http://www.miercom.com/dl.html?fid=20080509&type=report where a third party evaluated similar firewall products from different vendors for your reference. There you will see that Cisco outperformed same scale boxes, and that real world HTTP traffic is less than the market name value for all vendors because of the reason I mentioned.

I hope it clarifies it a little.

PK

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card