Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 10 replies
  • Subscribers 2 subscribers
  • Views 2172 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

V9.101-12 Web Proxy speed degraded

bryans2k
Anyone else getting degraded download speed on V9.101-12 versus what it was previously?

I came from V9.006-5 on this setup and the thing is operating at half the speed it was just minutes before the upgrade with the exact same config.

Bryan


This thread was automatically locked due to age.
  • 0
    Bryan, try what I call Rule #1 (enhanced):

    Whenever something seems strange, always check the Intrusion Prevention,
    Application Control and Firewall logs.


    Anything there?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    I can turn off intrusion control for everyone and it will return to normal but the fact is that it has always been on. I also have the test box on the exception list for everything possible even though it makes no difference.

    I tested the speed minutes before and minutes after the upgrade. So who knows what caused it. I've gone up and down the config checking everything support wanted so that's why I'm now asking if anyone else noticed a change who has the protection features turned on.

    Bryan
  • 0
    Hi ,

    What kind of hardware you use ?
    What is the CPU and RAM state ?
    Do you have any logs that shows the difference ?
    More information is needed.

    All my best.

    Gilipeled

    Gil Peled.

    CEO- Expert2IT LTD.

    SOPHOS Platinum Partner.

    Gil@expert2it.co.Il.

  • 0 in reply to gilipeled
    It's a HA UTM 220 (latest rev) Active/Active setup. Wouldn't have logs of speed tests.
  • 0
    CPU ,MEM. Status ?

    Gil Peled.

    CEO- Expert2IT LTD.

    SOPHOS Platinum Partner.

    Gil@expert2it.co.Il.

  • 0 in reply to gilipeled
    Whatever these boxes come with from the factory and a single user load at the time of testing with two dozen fw rules and the typical web/intrusion protection turned on. Most everything else off outside of some RED/VPN tunnels. QoS is turned on but it's just to equalize bandwidth usage currently as all rules have been turned off. I get the same result regardless of QoS settings.

    The only thing that makes a noticeable difference is of course turning IPS on or off but it was on previously.

    We use single av scanning. We also don’t use caching. All equipment is at 1 Gbps Full Duplex with a default MTU 1500. TCP Window scaling is on. Not using Application control.
  • 0
    I can turn off intrusion control for everyone and it will return to normal but the fact is that it has always been on.

    Yet you looked in the Intrusion Prevention log and there was nothing related?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Actually, it's showing:

    snort[15745]: S5: Session exceeded configured max bytes to queue 1048576 using 1050000 bytes (client queue)

    looks related to this:

    https://community.sophos.com/products/unified-threat-management/astaroorg/f/75/t/64002
  • 0
    If anyone having this problem has paid support, please arrange to have a ticket submitted to Sophos to be sure this issue is addressed.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    I sent it to them yesterday.

    Bryan
Cookie Information Banner