This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SG230 throughput problems

SG230 UTM @ 9.707-5 firmware.

We just upgraded our Comcast internet to 1Gbps and are finding that traffic through the SG230 is limited to about 300-350 Mbps, using speedtest.net or looking at download speeds of multi-GB files.

Connections:

  • Internet<>ComcastRouter<>Netgear1GbSwitch<>SG230WAN1Gbport<>SG230InternalLAN1Gbport

Tests:

  • Notebook w/wired Gb connection to Comcast router ~ 810 Mbps
  • Notebook w/wired Gb connection to Netgear 1Gb switch on WAN side of SG230 ~ 810 Mbps
  • Notebook w/wired Gb connection to built-in SG230 internal LAN 1Gb port ~300-350Mbps
    • Logging>Network usage>WAN interface usage shows maximum of 347Mbps, confirming speedtest.net numbers
    • Logging>Network usage>internal LAN interface usage shows maximum of 336Mbps, confirming speedtest.net numbers

Tried all of these combined, with no improvement:

  • Removed this internal LAN from the Network Protection>IPS>Global>Local Networks List
  • Removed this internal LAN from the Web Protection>Web Filtering>Global>Allowed Networks List
  • Unchecked all logging under Network Protection>Firewall>Advanced>Logging Options
  • Disabling Web Protection>Application Control

Shouldn't the SG230 be able to do better than this?? What else can I try?



This thread was automatically locked due to age.
Parents
  • Hi Tagin,

    The SG 230 has a dual-core 3.2 GHz processor.  This is the most throughput I would expect for a single connection.  When you run Speedtest from 2 or 3 different machines simultaneously, do you see that more of your pipe is being filled?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I have not run Speedtest from multiple clients yet. I am extremely disappointed that the SG230 is incapable of performing as advertised.

    The Sophos SG Series Appliances PDF says the SG230 firewall throughput is 14,500Mbps and the IPS throughput is 3,000Mbps. This seems disingenuous advertising.

  • That's just the way all manufacturers compile their data sheets.  They turn off everything except the one thing they want to measure.  At least Sophos gives some Real World numbers, but even those are affected by only measuring specific things.

    Depending on what your needs are, you might consider replacing the 230 with a software version running on a box with a very fast 6- or 8-core processor.  Your reseller should be able to advise you.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • That's just the way all manufacturers compile their data sheets.  They turn off everything except the one thing they want to measure.  At least Sophos gives some Real World numbers, but even those are affected by only measuring specific things.

    Depending on what your needs are, you might consider replacing the 230 with a software version running on a box with a very fast 6- or 8-core processor.  Your reseller should be able to advise you.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data