Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

IDSM-2 Missed Packet Percent

We have two IDSM-2's in seperate Cat6 chassis. Each IDSM-2 misses approx 48 pc of traffic.

The sensor's are set in promisc mode, and currently monitor 12 vlan's at an average rate of 180 mps thorughput. This rate has been monitored via PRTG. Cisco advised for us to upgrade to the latest software versions but the problem persists. If we reset the modules then the problem goes away for about 1 hr.

Anyone got any ideas. I am thinking RMA, but am confused that it is doing it on both blades.

For further information we have 10 other IDSM-s in seperate chassis, which work fine.

Thanks,

Jon

1 REPLY
Silver

Re: IDSM-2 Missed Packet Percent

Do you know what the packet per second rate is? That might be killing the sensors more than the actual bits/sec bandwidth. Also, you might have to start disabling lots of signatures to keep the sensors up. I would open a TAC and make a stink about the rated performance.

Just so you know, most Cisco IDS devices do not perform at rated specs (we typically find they perform at about 1/3 of the 'marketing-specs' in the real world).

Good luck.

293
Views
0
Helpful
1
Replies
CreatePlease to create content