Cisco Cisco IPS 4520 Sensor 白書
© 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 3 of 13
1. Introduction
1.1. Purpose
This white paper illustrates how different IPS performance metrics can be used to help customers determine the
appropriate sizing for their IPS deployments. Customers can use this information to help interpret the different
performance numbers that are presented in the Cisco
®
IPS 4500 and 4300 Series data sheets. The paper also
provides detailed performance results for various testing methodologies.
1.2. Interpreting Data Sheet Metrics
The Cisco IPS 4500 and IPS 4300 Series data sheets provide several performance-related metrics, including real-
world average throughput and maximum inspection throughput. These metrics and the testing methodologies
behind them are detailed in this white paper.
Note:
The throughput numbers in this white paper are higher than the numbers listed on the data sheets. This
is because a margin is used for the data sheet numbers to ensure our appliances can achieve a performance
above what is listed. The results presented in this white paper are the raw results of our testing, without the margin
included in the data sheets.
The data sheets include other metrics, such as maximum connections, connections per second, and average
latency. These metrics and their testing methodologies are also explained in detail in this white paper.
Table 1 includes some of the key data sheet performance metrics for Cisco IPS 4300 and IPS 4500 Series
sensors.
Table 1.
Key data sheet performance metrics for Cisco IPS 4300 and IPS 4500 Series.
IPS 4345
IPS 4360
IPS 4510
IPS 4520
Real-World Average Throughput
750 Mbps
1.25 Gbps
3 Gbps
5 Gbps
Maximum Inspection Throughput
1.8 Gbps
2.4 Gbps
5 Gbps
10 Gbps
Maximum Connections
750,000
1,700,000
3,800,000
8,400,000
Connections/Second
30,000
45,000
72,000
100,000
Average Latency (µs)
< 150
< 150
< 150
< 150
Performance is dictated by several factors, including traffic conditions on the network the IPS is deployed in,
signature tuning and software signature versions. Although Cisco provides numbers based on realistic traffic
mixes and network conditions, actual performance may vary.
1.3. The Importance of Accurate Performance Metrics
Network design success hinges on multiple factors, including the expected performance of the elements involved.
Without proper throughput alignment, chokepoints can arise, impacting network traffic availability. Cables,
interface cards, and other simple elements have fairly predictable and accurate performance guidelines. More
sophisticated components, such as switches and routers, can exhibit a greater range of variance. Security
elements have an equal if not greater range of performance results.