Firepass is SLOW! Cisco Config Issue - 6.0.2_5

Hi Guys,

 

 

If i had a dollar for the number of times i've seen FirePass performance issues which came down to mis-matched link speed and duplexing between the FirePass and the switch I'd be a rich man. By default, all FirePass network ports are set to "Auto" and depending on which RFC you read different vendors will 'default' to a different 'Auto' configuration. The only 'Auto negotiation' I've seen work reliably is GigE ports on both the FirePass (4100/4300) and the switches. So if this isn't your environment I'd strongly recommend hard setting both ends to be the same (set the FirePass to 100Mb/Full Duplex and the switch the same - for example). I even had one time where i did this on a FirePass 4300 with a Nortel switch and the FirePass still came up at 100Mb Half Duplex cause the Nortel switch was doing some whacky stuff so the point is even after you configure it - go back and check!

 

 

The other things to look for in regards to FirePass performance is caching and compression. As a rule of thumb, caching is generally good and compression is generally bad. Depending on what you're using FirePass for (Network Access, Application Access, etc) try messing about with the compression and/or caching settings to see if that helps. Generally, these should only be an issue if you're CPU bound (check the CPU load graphs on the device or via SNMP monitoring if you have it setup).

 

 

Hope this helps you out.

 

 

Cheers,

 

Mal