Slow Firewall Performance
-
- New Member
- Posts: 24
- Joined: Sun Jul 04, 2010 2:53 pm
- Location: Sandy, UT USA
Slow Firewall Performance
We are in the midst of upgrading our internet to our meetinghouses but our initial tests are showing that the church firewall is slowing down the internet connection to 1/10 of the rated speed.
When the stake technology specialist contacted the church help desk they stated the speed degradation was normal. How can this be normal?
We are seeing a 21 Mbps connection drop to 2.5 Mbps and the ping time soar to 3000 ms. With those results a good modem will retrieve a page faster.
Does anyone have any further insight into this issue and are you seeing similar results?
When the stake technology specialist contacted the church help desk they stated the speed degradation was normal. How can this be normal?
We are seeing a 21 Mbps connection drop to 2.5 Mbps and the ping time soar to 3000 ms. With those results a good modem will retrieve a page faster.
Does anyone have any further insight into this issue and are you seeing similar results?
-
- Community Moderators
- Posts: 3183
- Joined: Sun Jan 13, 2008 6:48 pm
- Location: California
Both Sophos and the MLS software are memory hogs. One of the first things I'd check is the amount of RAM that each of these PC's is running. I'd recommend at least 1 Gig of RAM.JedWare wrote:We are in the midst of upgrading our internet to our meetinghouses but our initial tests are showing that the church firewall is slowing down the internet connection to 1/10 of the rated speed.
When the stake technology specialist contacted the church help desk they stated the speed degradation was normal. How can this be normal?
We are seeing a 21 Mbps connection drop to 2.5 Mbps and the ping time soar to 3000 ms. With those results a good modem will retrieve a page faster.
Does anyone have any further insight into this issue and are you seeing similar results?
When the PC is first booted Sophos goes out and performs an update of the definitions. This can take anywhere from a couple of minutes to several minutes depending upon how many days it's been since the last update and what the updates include. This update will result in a slower Internet performance until it's completed.
We have 4 wards in our stake and all are using the same Sophos package and performance is quite good. There is some variation in speed between the buildings as not all of the facilities are the same distance to the ISP, but this has nothing to do with the Sophos package.
Have you read the Code of Conduct?
-
- New Member
- Posts: 24
- Joined: Sun Jul 04, 2010 2:53 pm
- Location: Sandy, UT USA
-
- Community Moderators
- Posts: 3183
- Joined: Sun Jan 13, 2008 6:48 pm
- Location: California
I would suggest contacting the Global Support Desk and have them check the firewall. If you're speed is really dropping that much through the firewall, then it's possible that there's a problem either with the configuration or the hardware itself.JedWare wrote:I should clarify. The firewall I am talking about is the Cisco PIX hardware. This has nothing to do with Sophos software.
Connecting behind the Cisco you see 1/10 your bandwidth compared to connecting directly to ISP.
I assume that following the installation of the PIX that someone contacted support and had them do the original configuration. If not, then that may be the problem.
If, however, the problem has occurred recently and the firewall has been around for a while, it wouldn't hurt to contact support.
Just as an experiment, try shutting down the PIX completely, wait a few minutes, then re-apply power and see if that has any effect. If not, call support.
Have you read the Code of Conduct?
- johnshaw
- Senior Member
- Posts: 2273
- Joined: Fri Jan 19, 2007 1:55 pm
- Location: Syracuse, UT
We have seen this at one of the sites we are struggling with right now. GSD is currently blaming it on incompaitibility of our new ASA with the cable modem. But, during one of our support calls with GSD, there was a line commented out of the code, which significantly improved the performance (though it was set back after troubleshooting was over). This is all hearsay at this point as I wasn't the person who did the troubleshooting, but we're waiting on a new cable modem to see if that performance problem goes away.
-
- Community Administrator
- Posts: 34419
- Joined: Sat Jan 20, 2007 2:53 pm
- Location: U.S.
The last time I tested, I got at a reasonable number though our PIX. Something like 2.5Mbit on a 3Mbit line. I was using the speed test suggested by our ISP. If you go to another site, you can be running into issues with overloaded circuits to that particular server.
In order to get the kind of performance you describe, I'd have to think that something, somewhere is downloading a file causing erroneous results. Perhaps a computer was updating the LANDesk or Sophos. Or perhaps it's infected with something.
But by all means, talk to GSD and see if the issue can be resolved.
In order to get the kind of performance you describe, I'd have to think that something, somewhere is downloading a file causing erroneous results. Perhaps a computer was updating the LANDesk or Sophos. Or perhaps it's infected with something.
But by all means, talk to GSD and see if the issue can be resolved.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.
So we can better help you, please edit your Profile to include your general location.
So we can better help you, please edit your Profile to include your general location.
-
- Member
- Posts: 228
- Joined: Fri Jan 19, 2007 1:13 pm
- Location: Provo, Utah, USA
-
- New Member
- Posts: 24
- Joined: Sun Jul 04, 2010 2:53 pm
- Location: Sandy, UT USA
So it looks like some people are experiencing the problem and others are not.
jshawut,
I would be interested in knowing what model modem you have and what you are replacing it with and whether it does indeed solve your problem.
RussellHltn,
There were no other computers connected to the network when tested and I used my personal laptop against the ISP's own testing site numerous times. I am glad to hear you are not experiencing this slowdown it gives me hope there is a solution out there.
rpyne,
Having used VPN both in work and personally I know there is a hit but this dramatic is not acceptable. It would mean the expense we are paying for the upgrade is not justified. Since other's are not experiencing this slowdown the closest explanation seems to be some incompatibilty as jshawut has alluded.
jshawut,
I would be interested in knowing what model modem you have and what you are replacing it with and whether it does indeed solve your problem.
RussellHltn,
There were no other computers connected to the network when tested and I used my personal laptop against the ISP's own testing site numerous times. I am glad to hear you are not experiencing this slowdown it gives me hope there is a solution out there.
rpyne,
Having used VPN both in work and personally I know there is a hit but this dramatic is not acceptable. It would mean the expense we are paying for the upgrade is not justified. Since other's are not experiencing this slowdown the closest explanation seems to be some incompatibilty as jshawut has alluded.
-
- Community Administrator
- Posts: 34419
- Joined: Sat Jan 20, 2007 2:53 pm
- Location: U.S.
If it helps any, the DSL modem we have is just a modem. It doesn't have anything else as part of it. I think many ISPs are providing modem/routers which adds to the complexity and adds a useless layer of stuff that may not be set for optimal performance.
If your modem has a router, I'd suggest trying to find a way of turning it off so the firewall gets a public IP.
If your modem has a router, I'd suggest trying to find a way of turning it off so the firewall gets a public IP.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.
So we can better help you, please edit your Profile to include your general location.
So we can better help you, please edit your Profile to include your general location.