XG Firewall v18 MR-5: Feedback and experiences

I just downgraded back to MR-4 as web browsing speeds tanked after MR-5 upgrade.
Watching page load in inspector showed long TTFB, between 3 and 5 seconds for most sites.
Suspect possible issue with IPS, didn't have time to dig into troubleshooting it.
Rollback to MR-4 went smoothly, web page loads are no longer delayed.

Your suspicions are correct. Since March 22nd we have been working with support on downloads pausing when TLS decryption is enabled. They have narrowed it down to firewall acceleration. When Acceleration is disabled and TLS is enabled, we can download large items, albeit slower than our throughput. Web browsing in general seems delayed across  the estate even without TLS decryption. The handling of this case has been abysmal and we’ve extended patience wayyyyy beyond what should be required for enterprise gear. A solution is still unmentioned at this point. I’ve always enjoyed Sophos support, but as soon as they sold to private equity, things immediately went downhill. Prove us wrong Sophos and you’ll keep customers for life. 

Your suspicions are correct. Since March 22nd we have been working with support on downloads pausing when TLS decryption is enabled. They have narrowed it down to firewall acceleration. When Acceleration is disabled and TLS is enabled, we can download large items, albeit slower than our throughput. Web browsing in general seems delayed across  the estate even without TLS decryption. The handling of this case has been abysmal and we’ve extended patience wayyyyy beyond what should be required for enterprise gear. A solution is still unmentioned at this point. I’ve always enjoyed Sophos support, but as soon as they sold to private equity, things immediately went downhill. Prove us wrong Sophos and you’ll keep customers for life. 

First of, this is already work in progress as a fix. See: https://community.sophos.com/sophos-xg-firewall/f/discussions/123913/sophos-xg-18-mr3-dpi-slow-download/462938#462938

Expecting to be fixed in the next upcoming version. 

The part about the download and issue with downloading files. Do you have anykind of Antivirus scanning enabled for big files (Increase the size of the download file in Proxy)? 

Where is the “Known issues” section of the release notes? Why then, is support still wasting my time logging into the device and collecting logs and atop monitoring multiple times, not clearly laying out the known problem? This has not to my knowledge been mentioned that a solution is in play already. I’ve sunk 30+ hours of customer support into this so far. To their credit, support has been apologetic and I feel bad even mentioning it here, but serious, how are things going to change if we don’t squeak loudly enough that this is not an okay process. I’ve experienced great support from Sophos, so I know it can be done. Finding out about a known issue here from a “community forum” rather than from my escalated support techs is frustrating to say the least. Were 8 weeks into the abyss on this problem. 
thank you for your link however and I suppose we should be glad a fix is on the way, but Sophos MUST stop beta (read: Upgrade as soon as possible) testing on its users of XG Firewall, and update release notes when a known issue this significant is understood. 

 Only Sophos default scanner is enabled. No change to download size has been made in proxy.