[Oisf-users] Tuning Suricata Inline IPS performance
Victor Julien
victor at inliniac.net
Mon Nov 21 18:37:13 UTC 2011
On 11/21/2011 09:00 AM, Hariharan Thantry wrote:
> When I turn on Suricata (latest 1.1 release version), with the defaults,
> the speeds range between 350kbps-1Mbps (using emerging threats ruleset).
Those numbers are way to low. I run a 8k ruleset in nfq mode on an Atom
N270 and it easily keeps up with 12mbit (which is my internet
connection). So on that hardware you should see much better speeds.
Do you see one of the threads hit 100% all the time?
How many rules are you using? And are you using the specific Suricata ET
version?
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list