Disclaimer: This information is posted as-is and the content should be referenced at your own risk
I would like to share a scenario where was reported slow internet performance, even after removing the UTM from the production and putting it in a controlled environment with a dedicated ISP (WAN) connection with 50Mbps of throughput, and on the LAN interface was hookup with a single host machine for test purpose, without any scan filter the internet connection remained extremely slow.
After reviewing many logs and package capture, it was possible to get the root cause of the issue.
The TCP Window scaling option was turned off ( which is enabled by default). With this feature enabled it can allow more throughput on high latency high bandwidth connection.
Keep in mind to verify this option while you are troubleshooting slow internet performance issue.