Your 4260 has an incredibly high number of Tuned/Enabled signatures, which is causing sensorApp to run at 99% CPU. Many sequentially numbered signatures are tuned. Did this issue correlate to the enabling of a large amount of signatures?
I suggest reviewing your current configuration and noting those signature tunings that you truly require. Then default your signature configuration and only apply those signature tunings that are needed.
Your sensor also encountered CSCta96144, which is fixed in IPS 7.0(4). You can review the bug w/ the
Re: Health Status for Failed Applications ---> Red
Thank you very much for the help. Im actually working with a company that bought 2 4260 and a 4270 They need to tunned the signatures based on their needs that's why there are so many tunned signatures.. In many signatures I only modified the action which change the sig to a tunned signature. I will try to do the upgrade next week to avoid hitting the bug.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...