Hi, I am following the awesome post by elektroinside on setting up IDS/IPS. In regards to hardware offloading, I am not sure which option I should select for VLAN Hardware Filtering- enable/disable/leave default.
Not sure if my understanding is correct - enable means the NIC is doing the work and disable means the software is doing the work (ie higher CPU overheads).
Please help?
Hardware filtering or any other type of offload lets the CPU do less work when enabled by performing operations in dedicated silicon (usually an ASIC).
Bart...
Quote from: bartjsmit on January 01, 2019, 09:32:36 AM
Hardware filtering or any other type of offload lets the CPU do less work when enabled by performing operations in dedicated silicon (usually an ASIC).
Thanks Bart but I am still not sure if I should disable VLAN Hardware Filtering to setup IDS/IPS. I think this is enabled by default.
I would leave it enabled - IDS/IPS and VPN are workloads that are most capable of limiting the throughput of the firewall. The more streamlined, the better.
Bart...
Thanks Bart!