High PIX Memory Utilization

Question

When I look at the top 10 Nodes by Percent Memory Used, 5/10 are PIX firewalls running at 70% memory utilization. Is there a certain feature that I might have enabled on these firewalls that is memory intensive? What are certain features that I need to be careful of that could be heavily taxing on our firewalls, as well as other network devices?

ecklerwr1 · Accepted Answer

Here are some possible causes and resolutions for high memory utilization on PIX and ASA's:

Event logging: Event logging can consume large amounts of memory. In order to resolve this issue, install and log all events to an external server, such as a syslog server. such as NPM
Memory Leakage: A known issue in the security appliance software can lead to high memory consumption. In order to resolve this issue, upgrade the security appliance software. Some versions have real problems with this.
Debugging Enabled: Debugging can consume large amounts of memory. In order to resolve this issue, disable debugging with the undebug all command.
Blocking Ports: Blocking ports on the outside interface of a security appliance cause the security appliance to consume high amounts of memory to block the packets through the specified ports. In order to resolve this issue, block the offending traffic at the ISP end.
: The threat detection feature consists of different levels of statistics gathering for various threats, as well as scanning threat detection, which determines when a host is performing a scan. Turn off this feature to consume less memory.