05-16-2018 04:16 PM
So - I have enabled IPS. I have the standard USG. I have noticed a significant drop in network speed conducted using speedtest.net. Its 60 mbps down and 35 up. My stated ISP speed is 200 down / 35 up.
With IPS disabled, after 10 min if I run the same test I get 180 down / 35 up.
Is this really the expected behavior here?
I do have multiple VLANs in the network, but my USG and the computer in which I'm running the test / connecting to Unifi controller are in the same VLAN - actually its the default VLAN.
05-16-2018 04:55 PM - edited 05-16-2018 04:56 PM
That sounds about right. IPS/IDS disables hardware offload, so overall throughput will be lower. There is a warning right in Settings>IPS, which I've also attached it to my post. That said, personally I've always used the rough guidelines from EdgeOS (found HERE):
ERLite-3 and ERPoe-5: below 60 Mbps most likely will work, above 200 Mbps most likely will not work. ERPro-8: below 200 Mbps most likely will work, above 550 Mbps most likely will not work.
I removed other hardware from this list. The ER-Lite-3/PoE-5 is the equivalent of USG, and ER-Pro-8 is the equivalent of USG-Pro.
05-16-2018 06:52 PM
Question: Will removing VLANs and making everything work off the default LAN improve performance? Asking since in some other thread I gathered IPS only is applicable during inter LAN communications, i.e. with USG is involved.