High CPU is not an issue in-and-of itself. There was a change made with the releae of the E3 analysis engine which makes more use of the CPU during idle periods. This issue is outlined in the release notes from the time of the E3 release:
The change was made in response to bug CSCsu77935. Here is the explanation from the release notes:
"The idle time algorithm of the sensor has been modified. Additional CPU has been applied to polling the NICs to decrease the polling interval and reduce latency. The CPU usage is thus reported as higher than in previous releases, including external tools such as top and ps. You will notice the additional CPU load on single-CPU platforms and on the primary CPU of multicore systems.
Because the additional CPU load reported while polling is actually available to process packets, and is reduced as inspection load goes up, it does not negatively affect the overall throughput of the IPS.
The best indication of sensor load is shown under the Processing Load Percentage section in the show statistics virtual-sensor command output and on the IME Home Page."
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...