I apologize in advance if this is not the correct forum - please redirect me if there is a better area for general utm performance questions. I also apologize for the length.
I am hoping someone with experience can point us in the right direction for enhancing the overall performance of our current UTM while spending the minimum amount on hardware/licensing. ;-)
Here are the details;
- Qty 2 (Clustered) UTM220 Rev 5 Black/Orange Hardware under current support subscription, we update it very frequently. Only one unit is online at any time in the cluster in a failover configuration.
Firmware version: 9.106-17
Pattern version: 52771
Concurrent connections average: 660
Memory average (4GB ea - shhh!): 52% (little over 2GB)
Swap average: 51% (why?)
CPU average: 11% with a max of 61%
Log has plenty of space available
Complete Full Guard Subscription with the following services running;
- Firewall
- Transparent Web Proxy (dual scanning enabled with about 50 active Windows & Linux Clients - would like to enable login via LDAP)
- DNS (inside:about 300 static entries, outside: recursive lookup to ISP)
- IPS
- VPN (Three Red 10 devices active)
- HTML5 VPN connections (average 1 outside connections at any one time against one of 100 available hosts, this has a maximum of 5 outside connections a few times a month)
- Wireless Management/Protection (Three AP50 with about 10 active devices on a guest network, perhaps 5 devices on a network integrated into the main lan)
- Endpoint Protection managing about 5 clients on a trial basis, would like to expand to 75.
So where do we go from here? Why is the swap file use so high when there is so much ram available? Long term - should we break our cluster and split services among the two utm's? How are others managing this? Appreciate any insight, as performance is barely acceptable now and as add services and grow we are concerned...
This thread was automatically locked due to age.
