Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 10 replies
  • Subscribers 30 subscribers
  • Views 16189 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG 135 browsing is terrible

Louie Saldivar

Have XG 135 and browsing is terrible. Pages are taking 30 sec. to load. We currently have 50/50 fiber speeds.



This thread was automatically locked due to age.
Parents
  • 0

    Hi Louie,

    Do you have any malware scanning or web filtering etc.. enabled on the firewall rules?

     

  • 0 in reply to Vadym Orlyak

    Hello Vadym,

    Thank you for replying. 


    Here is my config. 

     

    Malware Scanning
    Scan Engine Selection
    Single Engine (Optimal Performance) Dual Engine
    Single scan engine is set to Sophos.
    Malware Scan Mode
    Real-time (Faster User Experience) Batch (Maximum Protection)
    Do not scan files larger than
    MB
    Content that could not be scanned
    Block (Best Protection) Allow
    Files that cannot be fully scanned because they are encrypted or corrupted may contain undetected threats.
    Advanced Settings
    Maximum file scan size for FTP
    MB
    Scan audio and video files
    Scan video and audio content for malware and threats. Scanning can cause issues with streaming audio and video players.
    Enable pharming protection
    Protect users against pharming and other domain name poisoning attacks by repeating DNS lookups before connecting.
    ______________________________________________________________________________________________________
     
     
    Rule Name
    Action
    AcceptDropReject
    Description
     
    Source
    Source Zones
    • LAN
    Add New Item 
    Source Networks and Devices
    • Any
    Add New Item 
     
    During Scheduled Time
    All the Time 
     
    Destination & Services
    Destination Zones
    • WAN
    Add New Item 
    Destination Networks
    • Any
    Add New Item 
     
    Services
    • Any
    Add New Item 
     
    Identity
    Match known users


    Malware Scanning
    Scan FTP

    Scan HTTP

    Decrypt & Scan HTTPS
    Advanced
     
     
     
     
     
     
     
    User Applications
    Intrusion Prevention
    None 
    Traffic Shaping Policy
    None 
    Web Policy
    Default Workplace Policy 
    Apply Web Category based Traffic Shaping Policy
    Application Control
    None 
    Apply Application-based Traffic Shaping Policy
    Synchronized Security

    Minimum Source HB Permitted:
    GREEN
    YELLOW
    No Restriction
    Block clients with no heartbeat




    Minimum Destination HB Permitted:
    GREEN
    YELLOW
    No Restriction
    Block request to destination with no heartbeat
    NAT & Routing
    Rewrite source address (Masquerading)
    Use Gateway Specific Default NAT Policy
    Use Outbound Address
    MASQ 
    MASQ (184.17.147.6)
    Primary Gateway
    WAN Link Load Balance 
    Backup Gateway
    None
    DSCP Marking
    Select DSCP Marking 0-Best Effort 1 2 3 4 5 6 7 8-Class 1(CS1) 9 10-Class 1,Gold(AF11) 11 12-Class 1,Silver(AF12) 13 14-Class 1,Bronze(AF13) 15 16-Class 2(CS2) 17 18-Class 2,Gold(AF21) 19 20-Class 2,Silver(AF22) 21 22-Class 2,Bronze(AF23) 23 24-Class 3(CS3) 25 26-Class 3,Gold(AF31) 27 28-Class 3,Silver(AF32) 29 30-Class 3,Bronze(AF33) 31 32-Class 4(CS4) 33 34-Class 4,Gold(AF41) 35 36-Class 4,Silver(AF42) 37 38-Class 4,Bronze(AF43) 39 40-Class 5(CS5) 41 42 43 44 45 46-Expedited Forwarding(EF) 47 48-Control(CS6) 49 50 51 52 53 54 55 56-Control(CS7) 57 58 59 60 61 62 63
    Log Traffic
    Log Firewall Traffic
     
Reply
  • 0 in reply to Vadym Orlyak

    Hello Vadym,

    Thank you for replying. 


    Here is my config. 

     

    Malware Scanning
    Scan Engine Selection
    Single Engine (Optimal Performance) Dual Engine
    Single scan engine is set to Sophos.
    Malware Scan Mode
    Real-time (Faster User Experience) Batch (Maximum Protection)
    Do not scan files larger than
    MB
    Content that could not be scanned
    Block (Best Protection) Allow
    Files that cannot be fully scanned because they are encrypted or corrupted may contain undetected threats.
    Advanced Settings
    Maximum file scan size for FTP
    MB
    Scan audio and video files
    Scan video and audio content for malware and threats. Scanning can cause issues with streaming audio and video players.
    Enable pharming protection
    Protect users against pharming and other domain name poisoning attacks by repeating DNS lookups before connecting.
    ______________________________________________________________________________________________________
     
     
    Rule Name
    Action
    AcceptDropReject
    Description
     
    Source
    Source Zones
    • LAN
    Add New Item 
    Source Networks and Devices
    • Any
    Add New Item 
     
    During Scheduled Time
    All the Time 
     
    Destination & Services
    Destination Zones
    • WAN
    Add New Item 
    Destination Networks
    • Any
    Add New Item 
     
    Services
    • Any
    Add New Item 
     
    Identity
    Match known users


    Malware Scanning
    Scan FTP

    Scan HTTP

    Decrypt & Scan HTTPS
    Advanced
     
     
     
     
     
     
     
    User Applications
    Intrusion Prevention
    None 
    Traffic Shaping Policy
    None 
    Web Policy
    Default Workplace Policy 
    Apply Web Category based Traffic Shaping Policy
    Application Control
    None 
    Apply Application-based Traffic Shaping Policy
    Synchronized Security

    Minimum Source HB Permitted:
    GREEN
    YELLOW
    No Restriction
    Block clients with no heartbeat




    Minimum Destination HB Permitted:
    GREEN
    YELLOW
    No Restriction
    Block request to destination with no heartbeat
    NAT & Routing
    Rewrite source address (Masquerading)
    Use Gateway Specific Default NAT Policy
    Use Outbound Address
    MASQ 
    MASQ (184.17.147.6)
    Primary Gateway
    WAN Link Load Balance 
    Backup Gateway
    None
    DSCP Marking
    Select DSCP Marking 0-Best Effort 1 2 3 4 5 6 7 8-Class 1(CS1) 9 10-Class 1,Gold(AF11) 11 12-Class 1,Silver(AF12) 13 14-Class 1,Bronze(AF13) 15 16-Class 2(CS2) 17 18-Class 2,Gold(AF21) 19 20-Class 2,Silver(AF22) 21 22-Class 2,Bronze(AF23) 23 24-Class 3(CS3) 25 26-Class 3,Gold(AF31) 27 28-Class 3,Silver(AF32) 29 30-Class 3,Bronze(AF33) 31 32-Class 4(CS4) 33 34-Class 4,Gold(AF41) 35 36-Class 4,Silver(AF42) 37 38-Class 4,Bronze(AF43) 39 40-Class 5(CS5) 41 42 43 44 45 46-Expedited Forwarding(EF) 47 48-Control(CS6) 49 50 51 52 53 54 55 56-Control(CS7) 57 58 59 60 61 62 63
    Log Traffic
    Log Firewall Traffic
     
Children