*** I would contact TAC to see if they have some better suggestions. Q0: how many sessions are generated by "RANGER_Prx-FTP-HTTP-HTTPS-01-02" ? Q1: Does rule "RANGER_Prx-FTP-HTTP-HTTPS-01-02" have threat, wildfire, SSL decryption, URL enabled? Q2: Can you try write an application override rule for "RANGER_Prx-FTP-HTTP-HTTPS-01-02" , that will bypass all Layer 7 inspection. Based on the rule name, it is allowing FTP, HTTP, HTTPS traffic. It will be interesting to see the session counts during peak hours. Since many of those HTTP and HTTPS sessions are short live and it could be high frequencies. >> And why does DP1 shows 100% and DP0 only 40%. Shouldn't it be evenly distributed? It has to do with the DP hashing algorithm, since DP0 already needs to handle new session creation on 5000 series. I believe to 5050 only has 2 DP. That is pretty much the best it can do.
... View more