You have strict IPS corporate guidelines. This is having a performance impact on the firewall.
What steps could you take to minimize this impact without compromising the corporate policy?
A.
Without minimizing signatures you cannot improve performance
B.
Select “Protect Internal hosts only”
C.
Select “Bypass IPS inspection when gateway is under heavy load”
D.
Select “Perform IPS inspection on all traffic”
sk98348
Create a dedicated IPS profile for each Security Gateway (to fine-tune the performance of each individual Gateway).
Note that protections are categorized by performance impact. As such, enabling protections with “Critical” performance impact will highly increase CPU consumption.
Enable / Disable protections depending on your network devices and your needs (do not enable all the available protections).
Avoid setting protections to run in “Detect” mode – it might increase CPU consumption (without increasing the security).
Identify the protections that consume most of the CPU resources – follow sk43733 – How to measure CPU time consumed by IPS protections.
Disable protections that are not needed in your environment. To check, which protections are needed, you may use vulnerability tools (such as Nessus).
Set Protection Scope to “Protect internal hosts only” (SmartDashboard – Security Gateway properties – IPS pane).