Performance Impact of Using NBAR-Based Access Control Techniques

Using NBAR can incur some performance penalty on a router. In testing with traffic typical of what originates to and from an enterprise network, CPU utilization increased by 12 to 15 percent. That figure comes from classifying protocols whose ports are dynamically assigned or negotiated, using 300-byte packets at average flow rates of 90 Mbps. The range of degradation is similar across the 2600, 3600, and 7200 series routers.

Although NBAR can also classify traffic for protocols that use statically assigned port numbers, an ACL can do the same job for those protocols. In that case the performance impact of the two methods is similar, so NBAR offers no classification advantage for static-port protocols; its value lies in the dynamically negotiated ports that an ACL cannot express.
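The following Cisco IOS fragment illustrates the comparison above. It is an added example, not configuration from the book or from Cisco documentation; the class-map and ACL names are arbitrary, and HTTP (static TCP port 80) and FTP (data channel port negotiated in the control channel) are chosen only as representative protocols. For the static-port protocol the two class maps classify the same traffic, one by ACL and one by NBAR; for FTP only the NBAR form catches the data channel.

```cisco
! --- Static-port protocol: ACL and NBAR classify the same packets ---
ip access-list extended HTTP-STATIC
 permit tcp any any eq www
!
class-map match-any HTTP-BY-ACL
 match access-group name HTTP-STATIC
!
class-map match-any HTTP-BY-NBAR
 match protocol http
!
! --- Dynamically negotiated ports: only NBAR sees the FTP data channel ---
class-map match-any FTP-BY-NBAR
 match protocol ftp
!
! Reference the class maps from a service policy on the interface that
! carries the traffic. (Actions inside the policy map are omitted here.)
policy-map CLASSIFY-EXAMPLE
 class HTTP-BY-ACL
 class FTP-BY-NBAR
!
interface FastEthernet0/0
 service-policy input CLASSIFY-EXAMPLE
 ! Optional: collect per-protocol counters on the same interface.
 ip nbar protocol-discovery
```

To measure the penalty the text describes on your own router, compare `show processes cpu` before and after applying the service policy, and use `show ip nbar protocol-discovery interface FastEthernet0/0` to confirm that the traffic being matched is the traffic you expect. Where every protocol you need to classify has a fixed port, the ACL-based class map is sufficient and NBAR can be left off the interface.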

NBAR uses ...
