I have seen similar results with dropping packets on a 40 mbps Internet connection. What is the size of your network? Speed? Number of users? Also in the counter, what are your "Number of TCP streams"? What sensors are you using 4220/4230?
DLPI drops is the total number of packets that your system has been unable to process for the entire duration that it has been up. You can not infer anything more than that from this number unless you are certain that no more than 4,000,000,000 have been processed during this time. If this is the case you can use the DLPI Drops/IP Packets to get a rough idea as to the percentage of traffic that is being missed.
As was mentioned by our friend from the House of Representatives there are other factors besides the absolute bandwidth that affect the perfromance of the sensor. We have recently provided an engineering build that has resolved his problems and are working towards releasing this perfromance enhancement in the 3.1 release.
How can I obtain statistics from my two (2) 4230 sensors? The option is grayed out in the Event Viewer. As is "Block List", "Connection Status", and "Network Device". "Services", is the only item enabled.
The Statistics are only available IMMEDIATELY after a signature update. 17 to 18, 18 to 19, etc. If I shut down the CSPM console (from the actual CSPM server), and re-launch the application, all the options are grayed out. I've seen this happen with 3 different upgrades to signature revisions.
I've got a TAC case open, but wanted to see if anyone else has been experiencing the same problem.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...