Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
236
Views
0
Helpful
1
Replies

Router's IDS performance

ovt
Level 4
Level 4

‎01-14-2003 11:21 PM - edited ‎03-09-2019 01:41 AM

Hi all!

How does router's IDS affect router performance? In the output of "show ip

audit stat" I see that many signatures are handled in the process switching

mode, for example: 1004 (LSRR, SSRR), 2000 (echo replay !?), 2150

(fragmented ICMP), TCP scans, etc. Is that ok?

Thanks,

Oleg Tipisov,

REDCENTER,

Moscow

Labels:
0 Helpful
1 Reply 1

gfullage
Cisco Employee
Cisco Employee

‎01-15-2003 07:00 PM

Turning on IDS affects a routers performance greatly. I would NOT do this on a busy router, use an IDS sensor for that purpose if you're really serious about IDS. Since the router has to look at all parts of the packet, not just the header, a lot of the traffic is then process switched. Plus the router only looks for a small subset of all the signatures that a sensor will capture.

0 Helpful
Customers Also Viewed These Support Documents