Re: IDSM-2 Analysis engine is showing 100% utilization
I have a 5510 ASA-SSM-10 with the 6.1(2)E3 version and my inspection load was stuck at 4%, and my processor was stuck at 100%
One of our websites have a SQL Injection attack this morning so I went to check the IDS/IPS and found the above problems. My signature version was 383.0 when I tried to update it to 385.0 it told me it was already installed, it was then I knew I had and issue.
I rebooted the sensor and everything seems to be fine now. I wonder if it got locked up when updating the sig to 384.0 or 385.0
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...