Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 8605 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos SG 125 slowing down internet by 80%

IT Guy

Good Day Everyone!

Recently (this week) I've upgraded my company's Cyberoam CR25iNG to Sophos SG 125. We have increased our Internet Speed from 100MBPS to 500MBPS - Static IP. When Intrusion Prevention is ON, I get only 20% of my Internet Speed via Ethernet only for Server and other Ethernet powered devices, but when IPS is OFF I get 500MBPS for my server but only 20% of the speed for other Ethernet powered devices. Worse, laptops that connect via WiFi I get only about 30 - 40 MBPS.

Devices in Use:

  • Sophos SG 125
  • DLink 24-Port UTP 802.3AF POE
  • Cisco WAP321 (WiFi Router)

Please let me know if it is something I have to fix with Policies?



This thread was automatically locked due to age.
  • 0

    Hi,

    IPS can affect performance and bandwidth since every single packet traversing the networks defined under 'Local networks' are being intercepted and evaluated against hundreds or thousands of Attack Patterns. These potential performance and bandwidth effects can be mitigated through the following methods:

    1. Do not enable IPS on hosts, networks or services which are time-sensitive (VoIP etc).
    2. Ensure that you only enable Attack Patterns for hosts, operating systems and services which are actually running on your network.
    3. Add all internal HTTP, DNS, SMTP and SQL Servers to the appropriate dialog box in the 'Advanced' section for IPS configuration.
    4. Add a second UTM for High Availability and activate in "Active/Active" mode for load balancing of IPS processing.
    5. Upgrade to version 9.2x of the UTM firmware.

    Alongside, WiFi connected devices can be affected due to frequency band congestion or improper channel selection. Our concentration should be on improving the bandwidth received through the Ethernet connections before troubleshooting the wireless connections.

    Hope that helps.

  • 0 in reply to sachingurung

    Hello,

    Thank for that tip, I had to take down the new firewall and replace it with older one for time being. Everyone's WhatsApp Calls were blocked, our fax didn't work. So until it is figured out, I have to get back to the older firewall.

    I will keep you posted.

    Regards
    Kesavan