IPS Engine 1.092 is causing high CPU utilization on various models of Fortigate firewalls. As per Fortinet IPS Engine 1.096 should fix this issue and is due to be released via automatic update on Friday, June 27th.
Use the following command to determine which engine you are currently running
get system fortiguard-service status
You can use the following command to restart the IPS engine. This resolves the high CPU utilization temporarily without having to reboot the firewall.
diag test app ipsmonitor 99
Another command you can try is
diag test app ipsmonitor 5
This puts the IPS Engine into bypass mode. Issuing the same command again turns it back on.
executing this command
ReplyDeletediag test application ipsmonitor 4
should happen?