Virtual MX Question

Hello. I have a client who is looking at replacing an MX-450 for a Virtual MX that can handle a heavier load specifically when using Malware detection and Intrusion detection. They have a 2Gig fiber up and down that they regularly use 80% of. When the malware and intrusion detection is enabled it chokes the connection. My feeling is the MX-450 can physically handle the 2800 devices, they just need a bigger pipe to the net to handle the usage.

Does anyone have any experience with the virtual MX or have an MX-450 with a 3-10Gig pipe and about 3000 active devices that can give me some good feedback?

Firstly, the vMX is mostly just a VPN concentrator; there is no "through" on it.

As for the MX450 cutting the mustard: I would reference the sizing guide here:

Edit: Thanks for the gold!

vMXs are not for on-prem.

https://meraki.cisco.com/en-uk/product/security-sd-wan/virtual-appliances/vmx-small/

“Supported in AWS, Azure, Google Cloud Platform, Alibaba Cloud, Cisco NFVIS”

The MX450

https://meraki.cisco.com/en-uk/product/security-sd-wan/large-branch-campus-concentrator/mx450/

Large-branch, campus, or DC security and SD-WAN appliance for up to 10,000 users.

It is unlikely that 2800 client devices would be too much for the MX450 to handle. Not impossible, but unlikely.

Max throughput

https://meraki.cisco.com/product-collateral/mx-sizing-guide/?file

If the connection is "choking", then you probably need to investigate what that actually is (Wireshark etc.) and where it's coming from, as it may well not be the MX450.

I agree with you, a 450 can handle double that with all features enabled. And I agree with /u/ivantsp as well, it doesn't sound quite like it's the MX but something else. It sounds to me like the MX is sending lots of malware scanning data out to another site and that increase in traffic is the problem. What is your scanning tool, Umbrella?

If you want bells and whistles on a security appliance at a high throughput, you should look to Palo or Fortigate. We have an MX450 HA pair. It cannot keep up with two 1 Gig WANs. For example, uploading to an S3 bucket on WAN1 slowed down when I ran a Speedtest from WAN2. Different clients, obviously. Circuits are geo-diverse. Or high rates of cross-VLAN traffic. Our no-AMP group policy is used quite a bit.

Perfect. Thank you.

I will look at that. I miss the ASA with the Firepower add-on that was there.