Bug on 4.0MR2 currently. Disabling IPS on your email server policy avoids this for the moment. Had to reboot after disabling IPS on my mail server policy to clear the CPU spike
High CPU with IPS engine enabled
April 22, 2010
Description: After upgrading a FortiGate device to v4.0 MR2 (B0272), under certain conditions the CPU may spike to over 90%. The issue is caused by a bug in the MIME parser of the IPS engine code when handling the header line of some emails. Some cases have been reported to FortiCare support where the CPU usage returns to a normal state on its own after a short period.
Affected Products: All FortiGate models running FortiOS v4.0 MR2 B0272 and using IPS Engine version 1.161.
Resolution: This bug is fixed with an interim IPS engine that is available from Customer Support for manual update. An updated IPS engine, version 1.162, will be released to customers running FortiOS v4.0 MR2 by Tuesday, April 27, 2010.
Bug on 4.0MR2 currently. Disabling IPS on your email server policy avoids this for the moment. Had to reboot after disabling IPS on my mail server policy to clear the CPU spike
ReplyDeleteHigh CPU with IPS engine enabled
April 22, 2010
Description:
After upgrading a FortiGate device to v4.0 MR2 (B0272), under certain conditions the CPU may spike to over 90%. The issue is caused by a bug in the MIME parser of the IPS engine code when handling the header line of some emails. Some cases have been reported to FortiCare support where the CPU usage returns to a normal state on its own after a short period.
Affected Products:
All FortiGate models running FortiOS v4.0 MR2 B0272 and using IPS Engine version 1.161.
Resolution:
This bug is fixed with an interim IPS engine that is available from Customer Support for manual update. An updated IPS engine, version 1.162, will be released to customers running FortiOS v4.0 MR2 by Tuesday, April 27, 2010.