IPS on ASA 5545-X and 5515-X is slowing down user's traffic
I have two separate issues where IPS seems to be causing issues for user's traffic and it's reducing the bandwith available.
1) ASA 5515-X with IPS, it is running 7.1(7) software, we configured action filters that filter out every available action, for every signature for very IP address as victim or atacker, and at the end, pretty much any traffic was about 30-40% slower than without IPS inline. Inspection load was about 40-50% on IPS
2) ASA 5545-X with IPS, version 7.2 (1) software, IPS inline is getting about 50% slower file transfers than without forwarding any traffic to IPS. Inspection load is at 7-10%, and we configured same action filters, to make sure no signature will cause any packet drops...
Speedtest.net shows eved more drastical change, drop from 88Mbps to 11 Mbps.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...