Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 32 replies
  • Subscribers 2 subscribers
  • Views 16229 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

High CPU Load for long time while up2date

dahardy
Hi,
I have a big problem with my sophos utm220 (9.306). Every time, when I want to make a manual up2date or an automatic up2date (Pattern Update) my system is getting a high cpu load for about 15 minutes. In this time nothing works. No internet acces , wlan is getting off. With my SSH client I can`t login.  After 5 mintues the login via ssh works but the "top" command doesn`t show me some useful information.

What can I do ? Where do I have to search ?

I`ve got some other utm220`s (9.306) - there are no problems.


This thread was automatically locked due to age.
  • 0
    Which patterns are being updated when you have high CPU load?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Hello,

    which revision is your hardware?
    Which services are running (web/smtp proxys, ATP/IPS etc.)?
    How many users and bandwidth?

    You can try to disable dual-av scanning, if you're using the proxies + disable the ips and take a look on behaviour when it comes to an u2d process.
    When this constellation is running stable you can try to enable ips with only a few categories (windows/malware/office/browser) and an rule-ageing for 
  • 0
    Additionally:

    Run top from the console (not via ssh).

    Logs?
  • 0
    Hardwarerevision is : utm220v3
    The CPU load is high by ervery pattern-check
    40 Users with a 10Mbit Connection.


    Today we `ve orderd a SG230HA.

    Maybe it will run better.
  • 0
    it will cause better hardware...

    you could have "tuned" your utm220 yourself by setting ram to 4GB... 
    not "supported" by sophos but works.. and you have made it to a utm320 then...

    edit:
    a rev 3 got 1gb ram... you have to quad it to have better performance...

    greets

    zaphod
    ___________________________________________

    Home: Zotac CI321 (8GB RAM / 120GB SSD)  with latest Sophos UTM
    Work: 2 SG430 Cluster / many other models like SG105/SG115/SG135/SG135w/...

  • 0
    We have the same problem. The Sophos Support set our Reporting Settings under Logging&Reporting to "1 day".
    That´s only a workaround. We are still waiting for a solution.
  • 0
    Hi, and welcome to the User BB!

    It's difficult to tell if you have the same problem.  Did Sophos Support already try the following?

    /etc/init.d/postgresql92 rebuild


    What version of UTM - 9.307?  Are you using all subscriptions?

    If a Sophos appliance, what model?  How many users?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    @dahardy:  The SG230 will help a lot vs a 220rev3
    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
  • 0
    Hello,
    we have the same problem with high cpu load during up2date pattern updates. Websurfing is not possible during up2date that takes up to 5 minutes.
    2x UTM220 Rev5 (active/passiv), 9.307-6, EndpointProtection 80 User, 1 AP, Full Subscription without using email.
    Regards,
    Ulrich
  • 0 in reply to UThomas
    Hello,
    we have the same problem with high cpu load during up2date pattern updates. Websurfing is not possible during up2date that takes up to 5 minutes.
    2x UTM220 Rev5 (active/passiv), 9.307-6, EndpointProtection 80 User, 1 AP, Full Subscription without using email.
    Regards,
    Ulrich


    possible solution:
    More RAM in both machines... we have 2x utm220v5 with 4gb ram and no problems with up2date....

    greets

    zaphod
    ___________________________________________

    Home: Zotac CI321 (8GB RAM / 120GB SSD)  with latest Sophos UTM
    Work: 2 SG430 Cluster / many other models like SG105/SG115/SG135/SG135w/...

Unfiltered HTML