This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Poor performance & timeouts after 9.703

I've seen problems with the Web Protection after updating to 9.703 on at least two UTMs, where intermittently websites will not load irrespective of client device or browser.  Turning the Web Protection off solves the problem immediately.  The fault is not consistent, and often the Web Protection will work fine for a few hours before stopping again. 

I've reviewed the Web Protection log and there is nothing in there that would indicate why it's preventing simple pages (like www.google.com) from loading.  The Web Protection config:

  • Transparent Mode
  • HTTPS - URL filtering only
  • Allow all except suspicious websites
  • AV scanning single engine; block PUA
  • The policy check indicates that the sites should load OK

My only fix so far is to disable Web Protection at a couple of sites to restore reliable web browsing.   Is anyone else experiencing this? 



This thread was automatically locked due to age.
  • Do you see anything relevant in the Firewall or Intrusion Prevention log?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • FormerMember
    0 FormerMember

    Hi Charlie E,

    Thank you for reaching out to the Community! 

    Have you noticed CPU to memory spikes during the time users experience this issue? Do you use internal DNS servers? 

    Could you please confirm the configured AV engine?

    Could you also provide the websites that you have bypassed that restored reliable web browsing? 

    Thanks,

  • FormerMember
    0 FormerMember

    Hi Charlie E,

    Could you please PM me the support access id from your firewall for further investigation? 

    Follow this KBA: Sophos UTM: How to grant access to Support using Support Access Management.

    Thanks,

  • Hi Balfson,

    I haven't seen anything related in the Firewall or IPS.  I'll turn the Web Protection back on and check again today. 

    H_Patel,

    I'll have to check the resource usage but I don't remember noticing it on either device.  I don't use internal DNS at either site - both are pointing to Cloudflare.  The AV engine is Sophos, and finally, I've actually had to disable Web Protection as the site bypass function wouldn't have been practical (even things like google.com wouldn't load in the browser). 

    I'll see if I can configure support access later today.  I'll need to get permission from one of the site owners. 

  • FormerMember
    0 FormerMember in reply to Charlie E

    Hi Charlie E,

    If you have a support cased already open for this issue, please provide the case Id as well as the support access id. 

    Thanks,