GEN7 performance affected by Enhanced Security
Enzino78 Enthusiast ✭✭
Hello Community, have you any experience in how much performance degraded if the Enhanced Security option is enabled?
The above setting is the default value: can this may be dope the performance?
Category: Entry Level Firewalls
Hey! You will be signed out in 60 seconds due to inactivity. Click here to continue using the site.
Well... considering there is currently no way to monitor the CPU core usage except for staring at it in web UI its going to be hard to tell. (SNMP MIBs have been requested for Gen 7 but have never been provided that include CPU AFAIK.)
Also to consider is on Gen6 the default setting was Maximum Security. On all the Gen 6's with Advanced Security I've ever deployed I've only had occasional performance issues that were either corrected with specific exceptions or a fix in a newer firmware.
I may try turning this on though and see what I can determine.
If I'm not mistaken, this option essentially tells the device to not even load the "low" level threat database. It's the largest of the threat db's and as such, you save a ton of resources on the device. Since most people don't detect/block on low-level threats, it can provide you with a much better-performing box when you start getting up towards the upper limits.
Are you sure? I'm currently using SNMP through PRTG and the specific Sonicwall's sensor is showing also CPU % and they are included also in the docs: SONICWALL-FIREWALL-IP-STATISTICS-MIB.MIB
@pmelchiori AFAIK there are no OIDs per Core available for SNMP, the overall 3 CPU usage metrics are OK but insights might be limited if you have no way to see if there are only a few of the available CPU cores are maxed out. This might have an impact on throughput if the load is not shared across all cores.
@BWC correct, it has always been an average value between all the CPU... 🙁 also for the old firmwares