cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Understanding Throughput

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Reply
ahmedessam
L0 Member
‎11-09-2016 04:26 AM
‎11-09-2016 04:26 AM

Understanding Throughput

i need help with understading how threat prvention throughput works ,i mean for all integrated features(ips,antivrus,..) what is the throughput of each alone ,as in specsheet only total throughput is mentioned 

0 Likes
Reply

Accepted Solutions
reaper
L7 Applicator
‎11-09-2016 05:31 AM
‎11-09-2016 05:31 AM

we use single pass parallel processing to process traffic, so that means for a platform that has 4gbps App-ID throughput, an estimated 2gbps will be achieved if all threat prevention (av + ips + fileblocking, ...) is enabled

 

so if the customer requires 2 gbps ips throughput, you would need the PA-3050 to comply with this requirement (the 1gbps AV is included in the 2 gbps throughput)

Tom Piens - PANgurus.com
Like my answer? check out my book! amazon.com/dp/1789956374

View solution in original post

Reply

All Replies
reaper
L7 Applicator
‎11-09-2016 05:12 AM
‎11-09-2016 05:12 AM

lease take a look at this information : Platform Specifications and Features Summary

 

as a rule of thumb, we estimate total throughput is halved if all bells and whistles are enabled. depending on your actual traffic mox, results may vary slightly

Tom Piens - PANgurus.com
Like my answer? check out my book! amazon.com/dp/1789956374
0 Likes
Reply
ahmedessam
L0 Member
‎11-09-2016 05:23 AM
‎11-09-2016 05:23 AM

ok if customer as example asks for 1Gb antivrius throughput , ips 2Gb,file block 1Gb, throughput ,a threat prevention with total 5gb comply  ?how will i specify antivrus with 1gb and ips with 2?

0 Likes
Reply
reaper
L7 Applicator
‎11-09-2016 05:31 AM
‎11-09-2016 05:31 AM

we use single pass parallel processing to process traffic, so that means for a platform that has 4gbps App-ID throughput, an estimated 2gbps will be achieved if all threat prevention (av + ips + fileblocking, ...) is enabled

 

so if the customer requires 2 gbps ips throughput, you would need the PA-3050 to comply with this requirement (the 1gbps AV is included in the 2 gbps throughput)

Tom Piens - PANgurus.com
Like my answer? check out my book! amazon.com/dp/1789956374

View solution in original post

Reply
Sly_Cooper
L4 Transporter
‎07-20-2018 10:53 AM
‎07-20-2018 10:53 AM

@reaperIs it possible to track throughput? I came across 'show session info' and 'show session statistic' commands to check for throughput. While 'show session statistics' commands shows aggregated values, it is real time and I have not seen a way to retrieve it programatically.

0 Likes
Reply
BPry
Cyber Elite
Cyber Elite
‎07-20-2018 12:20 PM
‎07-20-2018 12:20 PM

@Sly_Cooper,

Check out Pan(w)achrome. It can give you the Bitrate and Packet rate for the logical and hardware interfaces in a semi-realtime view. Otherwise you could utilize the API to get this information and essentially rebuild it for yourself, but this is a pre-packaged solution at least. +

Reply
vsys_remo
Cyber Elite
Cyber Elite
‎07-20-2018 12:32 PM
‎07-20-2018 12:32 PM

@Sly_Cooper

For continuous monitoring including storing these values to get also a historical view you should take a look at snmp and a monitoring software.

Examples are:

Reply
Sly_Cooper
L4 Transporter
‎09-11-2018 10:56 AM
‎09-11-2018 10:56 AM

@vsys_remoAre you monitoring these values using the software mentioned? Do you know if these are out of the box options or need specific snmp MIB compilation?

0 Likes
Reply
vsys_remo
Cyber Elite
Cyber Elite
‎09-11-2018 11:05 AM
‎09-11-2018 11:05 AM

@Sly_Cooper

Things like throughput, processorload and used diskspace can be monitored (I assume) with most software out of the box - in other words everything that could be monitored with standard mibs. Values where you need the Paloalto mib (like sessioncount) need at least an import of the mib (in most cases) and in case of PRTG they offer a little tool to convert mibs into the format used by PRTG.

0 Likes
Reply
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

Latest Blogs
Latest Posts
Privacy Policy Terms of Use
Copyright 2007 - 2021 - Palo Alto Networks