Sophos Central Endpoint and SEC: Computers fail/hang on boot after the Microsoft Windows April 9, 2019 update. Please follow knowledge base article 133945
Learn about the Benefits of Multi-Factor Authentication (MFA). Turn your MFA on now!
We'd love to hear about it! Click here to go to the product suggestion community
I am using an UTM 330 in our school which has a 100Mbps up/down Fiber link from our ISP, Just recently we have added 250 chromebooks in our environment which consisted of 150 chromebooks around 150 laptops 100 or so desktops, Users are now complaining of random slow internet speeds. When this is occurring a speed test indicates about 40-50 up down, I have enabled QOS on the wireless vlans the chromebooks are on in an effort to keep them from using all the bandwidth this does not seem to be helping. The QOS does seem to be working from the network usage logs. I have also attempted to change DNS to google and opendns this did not seem to help either. When they are having the issue I see a spike in the traffic up to 80 or 90 Mbps for a few minutes the it calms down again. I am trying to determine if I need to increase my ISP connection or if I might need a bigger UTM, the UTM does not seem to be getting bogged down from what I see in the cpu memory logs. I turned off IPS to see if this might help but it has not. Just trying to get some others advice on this situation. I am updated to the newest release.
Show us pics of the Edits of your QoS settings, Tim, including the Internal and External interfaces on the 'Global' tab, the Bandwidth Pools and the Download Throttling rules.
Cheers - Bob
From the dashboard, click on the interface that has high usage when the problem is occurring. After a brief delay, UTM will bring up a list of applications and their bandwidth usage.
(Note for others: This data collection only occurs if QoS is enabled. From my reading, enabling QoS is beneficial even if you are not applying any traffic rules.)
I wonder if your problem is caused by all of those Chromebooks downloading Google Updates, Antivirus updates, Adobe updates, or something similar.
In reply to BAlfson:
Hopefully this is what your were asking for
In reply to timbreck:
remove the tick by DNS -> Forwarders.Otherwise the definied dns Servers are not used.
In the Traffic Selector, replace "External (WAN) (Network)" with the "Internet IPv4" object - these are not identical!
Configure DNS as in DNS best practice. As DKKDG implies, slow access is often because of a DNS mis-configuration that causes all lookups to go to the root name servers.
If you want to pursue the QoS issue, show us the Edits of the two enabled Interfaces on the 'Status' tab and the Edits of any Bandwidth Pools or Download Throttling rules bound to either interface.
I thought I had the DNS configured properly. I have read the DNS best practices several times in the past. Any recommendations would be greatly appreciated.
DNS best practice suggests that you populate the 'Allowed Networks' box and that you do as DKKDG suggests.
Cheers - Bob
I have removed the tick, and I will add the internal networks to the global tab. Thanks.