FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article provides CLI commands to correct the High CPU and MEMORY usage Problem in the short term.
Scope
High CPU and Memory cause of IPS engine.
Solution
Use below CLI command:
diag test application ipsmonitor IPS Engine Test Usage: (Values for > 1: Display IPS engine information 2: Toggle IPS engine enable/disable status 3: Display restart log 4: Clear restart log 5: Toggle bypass status 6: Submit attack characteristics now 97: Start all IPS engines 98: Stop all IPS engines 99: Restart all IPS engines and monitor
The most common command used to deal with the IPS Engine running high is the following which restarts the IPS process:
diag test application ipsmonitor 99
diag test application ipsengine 99
When possible, use 'diag test application ipsmonitor 5' to disable IPS engine scanning and the inspection feature only instead of 98: Stop all IPS engines
Note: Do not run the restart or stop commands during production hours, as it will affect the ongoing session. Make sure to run them in the maintenance window.
