cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
457
Views
0
Helpful
1
Replies

IPS CPU usage

NicholasGaba
Level 1
Level 1

I'm in the process of studying for my CCNA Security and just finished the section about IDS and IPS. I knew about them before, but didn't know that they could be configured on a standard ISR through the SDM. I have a 2811 as our main router, then goes out to our ASA and then to our WAN router. If I implement IPS on my main 2811 router without the network modules or aim cards, about how much cpu usage does it us? Is it going to greatly slow down our network, or will I really even notice?

On the 2811, we have 2 point to point T1's, and does all the main routing. Will having IPS run off the same CPU slow down my network? Or would it be best to look into the AIM module, or something else?

1 Reply 1

vmoopeung
Level 5
Level 5

Do not enable all IPS signatures. The router may not be able to able to compile all signatures, resulting in high CPU and memory usage, degraded performance, and a system crash.

http://www.cisco.com/en/US/docs/ios/12_4t/12_4t11/ips_v5.html#wp1093849

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: