This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[9.200] Web filtering causing slow internet browsing?

I upgraded to 9.200 a few weeks ago and noted no decrease in internet browsing speed.  The unit is a 320 with max 100 users behind it.  Most features turned on, including IPS and now ATP.

As of the past few days, browsing is... SLOWWWW.  All of a sudden, sites with lots of images, say, a shopping website, are extremely slow to load.  I went in, turned Web Filtering off, and boom, right back to instant load.  Anyone else experiencing this?

As far as the web filtering config, pretty much default.  Transparent mode, single scan, only block p0rn, all other traffic allowed.

I rebooted the UTM which didn't help.
Thoughts?

-Jim

This thread was automatically locked due to age.

Parents

0 stealthmatt_01 over 11 years ago

1/ Also, I would like to know if this affects not just endpoint deployment from the UTM, but sophos endpoints deployed by a Enterprise console with malware/web protection enabled?

We don't deploy our AV from our UTM, but we do see alot of the "http.00.t.sophosxl.net". from our Sophos AV deployed from our Enterprise console on our network.

2/ when you say "Remove any workarounds currently in place" The sophos UTM as a default install has Filtering Exceptions for the Web Protection, that skip these type of sites - Do we remove this or just turn it off?

Sophos LiveConnect [Allow endpoints to connect to Sophos LiveConnect]
Skipping: Authentication / Caching / Antivirus / Extension blocking / MIME type blocking / URL Filter / Content Removal / SSL scanning / Certificate Trust Check / Certificate Date Check / Block by download size
Matching these URLs: ^https?://mcs[0-9]*-[A-Za-z0-9]{4}\.broker\.sophos\.com/
^https?://mcs[0-9]*-[A-Za-z0-9]{4}-d\.broker\.sophos\.com/
^https?://[A-Za-z0-9.-]*-wdx-[A-Za-z0-9.-]*\.broker\.sophos\.com/
^https?://[A-Za-z0-9.-]*\.upe\.p\.hmr\.sophos\.com/

Sophos Services [Allow Sophos Services]
Skipping: Authentication / Antivirus / Extension blocking / MIME type blocking / URL Filter / Content Removal / SSL scanning / Certificate Trust Check / Certificate Date Check / Block by download size
Matching these URLs: ^https?://[A-Za-z0-9.-]*\.sophosupd\.com/
^https?://[A-Za-z0-9.-]*\.sophosupd\.net/
^https?://[A-Za-z0-9.-]*\.sophosxl\.net/
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 stealthmatt_01 over 11 years ago

1/ Also, I would like to know if this affects not just endpoint deployment from the UTM, but sophos endpoints deployed by a Enterprise console with malware/web protection enabled?

We don't deploy our AV from our UTM, but we do see alot of the "http.00.t.sophosxl.net". from our Sophos AV deployed from our Enterprise console on our network.

2/ when you say "Remove any workarounds currently in place" The sophos UTM as a default install has Filtering Exceptions for the Web Protection, that skip these type of sites - Do we remove this or just turn it off?

Sophos LiveConnect [Allow endpoints to connect to Sophos LiveConnect]
Skipping: Authentication / Caching / Antivirus / Extension blocking / MIME type blocking / URL Filter / Content Removal / SSL scanning / Certificate Trust Check / Certificate Date Check / Block by download size
Matching these URLs: ^https?://mcs[0-9]*-[A-Za-z0-9]{4}\.broker\.sophos\.com/
^https?://mcs[0-9]*-[A-Za-z0-9]{4}-d\.broker\.sophos\.com/
^https?://[A-Za-z0-9.-]*-wdx-[A-Za-z0-9.-]*\.broker\.sophos\.com/
^https?://[A-Za-z0-9.-]*\.upe\.p\.hmr\.sophos\.com/

Sophos Services [Allow Sophos Services]
Skipping: Authentication / Antivirus / Extension blocking / MIME type blocking / URL Filter / Content Removal / SSL scanning / Certificate Trust Check / Certificate Date Check / Block by download size
Matching these URLs: ^https?://[A-Za-z0-9.-]*\.sophosupd\.com/
^https?://[A-Za-z0-9.-]*\.sophosupd\.net/
^https?://[A-Za-z0-9.-]*\.sophosxl\.net/
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data