I finally upgraded my production XG210 firewall to v18 MR1 about a week ago. I turned on the new DPI engine as part of that. Since then I have receiving sporadic but increasing complaints about "the internet" being slow and sluggish. Some of it I was able to determine (via the SSL/TLS Control panel) was due to the decryption profile being a little too aggressive so I created a new decryption profile somewhere between max compatibility and block insecure to alleviate that. Today it came to a head because the system we use (all web based) for payroll was so slow just going from one page to the next it was practically unusable. Of course the logs for TLS/SSL Inspection show no problems at all. On a whim I changed the firewall rule back to using the web proxy engine and boom, the problem disappeared immediately.
So my question is, does anybody else use this in large scale production? Have you encountered this behavior? With the provided logging I can't see any problems being reported and I can't just take a daily poll asking people if the sites they're visiting are slow so I can add them to an exception list. I mean this site is a plain web based portal, there's nothing fancy or magical about it that DPI should be choking on.
Thanks.
This thread was automatically locked due to age.
