PA-2050 have problem performance CPU dataplane. (80 -95% all time)
Deploy paloalto 4 zones (inside, outside, DMZ, Server)
Enable IPS, Antivirus, Antispyware
firmware version 4.0.7
Throughput avearage 200 - 250 Mbps
Connection 20000 - 30000 session
Testing disable layer 7 application with create Application overide policy between inside and Server zones (All TCP and UDP Port)
result CPU dataplane 40-50 %
after 1 days
I create security policy allow ssh application between inside to outside
then paloalto firewall is down
Please propose solution to me ? (My customer want to view application traffic log between inside and server zone)
It's worst if use application overide solution.
Upon initial review of the network diagram and your description, there may not be a problem. The PA2050 is rated for 500Mbps threat prevention throughput under optimal condition. The average throughput you're seeing is 200M-250Mbps, which means the PA2050 would be at ~45-50% CPU at the very best. Other factors to consider are: types of traffic mix, packet size, zip contents that have to be scanned, etc. These factors would affect CPU usage.
You may want to contact Support or your local Palo Alto team to review your environment in more details.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!