[Feedback] Performance 1Gbit Cable Ger.

Hello to all,

I just did a little performance test and have to say this firmware rocks in terms of network speed.

 

How does my network look?

 

PC--->XG--->SW--->Router--->ISP--->Internet

 

The other part: I am sadly double NATed... The main Router is a Fritzbox Cable Modem from the ISP (I'll change that in future with a modem from TC4400-EU with Docsis3.1/3.0 support)

In-between my Router and the XG is my DNS Server (Pi-Hole) and all works well. If the Pi-Hole misses something the XG will get it and vice versa.

But back to topic: the performance compared to the current 17MR9 is huge! (3x more performance than usual)

The other part is that Bufferbloat got very good.

Protections active are: AV - WEB - APP - IPS - NAT with HTTP/s Decryption

The Web Protection has the Default Rules (modified for my needs)

APP Rules are High Risk (Level 4 - 5) 

IPS Rules lantowan general

Scan HTTP and Decrypt HTTPS Traffic plus Scan FTP Traffic

That's all for now.

Best regards

Eli.

  • Another Update - 15/12/2019

    Optimization of Firewall Services:

    What I did was to turn off Antispam Service - (I do not use E-Mail Clients on my PC System) -> Antispam and IPReputation will shutdown!

    That is a strange but funny Service Call -> So Services show if nothing else is configured:

    Heartbeat = ON

    Enhancedappctrl = ON

    Then I configured "Central synchronization" and turned off "Security Heartbeat" / "Synchronized Application Control" then the Services:

    Heartbeat = Stopped

    Enhancedappctr = Stopped

    A lot of resources got allocated and general performance grew?!

    I also deactivated the "Hotspot" Service since I do not own APs.

    Now a Question:

    Is it by design that the services:

    Heartbeat

    Enhancedappctr

    Always run even if not configured or is it a flag thing that if activated once it will show in services alert?

    Sincerely 

    Eli.

  • How did you disable all these services permanently?

    For example Enhancedappctr.

  • Hello  

    to disable those services there is a little trick to it:

    1. Enable Cloud Synchronization

    2. Connect and Authenticate the Firewall to your Sophos Central Account

    3. Disable "Security Heartbeat" and "Advanced Application Control"

    4. Done

    Example:

    The other Services I disable over at "System Services" -> "Services"

    Last but not least I disabled modules like the SIP Helper:

    1. Logon to your Firewall with SSH
    2. Choose 4
    3. Run the command "system system_module show" to list all modules and afterwards "system system_module sip disable"
    4. Run the command "system system_module show" to make sure it is "not loaded"
    5. Done

    That is all I did to unload all the stuff I do not need!
    But be careful some services are essential if you want to take full advantage of "Synchronized Security" - "Intercept X Advanced" since I do not have that I'll shut everything down to minimize load.

    Never forget: test your Firewall protection features with http://sophostest.com/ to see that ATP - WEBfilter - AV and so on work as intended.

    Best regards

    Eli.

  • Hello Sophos Community,

    time for an update 21.12.2019

    What happun...? 

    - Updated the Firmware via Sophos Central of my Firewall appliance (EAP3) and it went thru with no issues. (Happy)

    - Rebooted appliance with no issues. (Still Happy)

    - Made some Benchmark Tests with www.dslreports.com / www.speedtest.net / MyISP with "iftop -i [WAN Interface]" and "psmon"; that is where I got (sad)

    Why...?

    - The performance degraded about 50% with no changes made to settings!

    (Cable = Shared-medium) Can not get over 450... Down - Upload still good! 

    My Question:

    - Was something added or activated?

     

    Best regards

    Eli. 

  • Now your throughput seems realistic for a J2900 on v18 EAP. It's getting the same throughput as my old J1900 with multiple connections.

    I believe there was something wrong with your setup before.


    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v21 EAP @ Home

    Sophos ZTNA (KVM) @ Home