Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 38 subscribers
  • Views 3014 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

High CPU Usage SG310 by AVD

Guilherme Silva1

Hello,

I am investigating a situation on an SG310 device that runs on version SFOS 19.0.1 MR-1-Build365, which shows high CPU consumption at specific times.

I'm almost sure that the increase in CPU occurs due to the actual use of the device, as it occurs at opening office hour times, CPU consumption peaks and then gradually reduces.

By monitoring consumption via TOP, I obtain some indications that the AVD is consuming most of the resource.

I wonder if this CPU consumption that I see in the TOP due to the AVD would be within "normal" and if there is any way to reduce the use of the AVD.

The environment has approximately 220 users in total (including actives of network, clientless and real users).



This thread was automatically locked due to age.
  • 0

    Hi Guilherme,

    Thank you for reaching out to Sophos Community.

    For the AVD consumption, consuming a high CPU resource would be normal during hours when there’s an increase in network activity.

    I would suggest checking the reports, logs, and wan utilization graph when the issue re-occurs.

    You may try to create a custom web report also, to check if there are any users that are causing unnecessary CPU usage.

    Erick Jan
    Community Support Engineer | Sophos Technical Support
    Sophos Support Videos Product Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

  • 0 in reply to Erick Jan

    Hi Erick, thanks for your response.

    I will be reviewing the graphs as per your suggestion, I had already done this at another time and I did not identify any unusual consumption.

    SG310_WP01_SFOS 19.0.1 MR-1-Build365# grep -c "^processor" /proc/cpuinfo
    4

    Above the number of CPUs on the device (4), viewing the CPU usage with "TOP" in irix mode, we obtained AVD utilization peaks of around 102%, then 265%, 200% and 286%. Do you think the usage is within normal limits according to my number of users? I had a total consumption of less than 200 Mbps on my WAN.

    Another question I would like to answer, the AVD is the device's antivirus engine, correct? Currently I use it as "Single Engine Sophos", would you recommend testing it with "Avira" Or would it not make a difference?

  • 0 in reply to Guilherme Silva1

    Hi Guilherme,

    For these kinds of queries, this would be best answered by your Sales Engineer/Partner. I would recommend reaching out to them.

    Erick Jan
    Community Support Engineer | Sophos Technical Support
    Sophos Support Videos Product Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

Unfiltered HTML