Speed through UTM 9

Hi Claus,

Any insight after checking #7 in the Rulz by Bob?

Cheers-

Hi,

thank for the suggestion. I checked as much as possible:

1. Does not apply – I do, however, have a Realtek 8139 onboard NIC for my DMZ. I assume that should not influence the internal→external running on Intel
2. Confirmed
3. Completely block communication ?!?
4. No change
5. No change
6. Not possible – however testing directly there, the speed is as expected
7. Tried, however the switch is not managed – and externally on the ISP equipment I do not have access to that tuning. Changing on the UTM didn’t yield any difference – at least not to the better: Running the UTM at fixed FD1000 was bad.
8. My NICs for internal and external are indeed Intel, the Intel Corporation 82541PI Gigabit Ethernet Controller. Could that be influenced by the bug? Since the MB in the host only support PCI my options are a bit limited.
   • Could it be a limitation related to the motherboard bus?

Does that shed light on anything?

BR, Claus

Claus, you won't get much better speed than that with your old CPU.  If you temporarily disable Intrusion Prevention (Snort), you should see a substantial increase, but you probably can't get to 300Mbps unless you also disable antivirus and Application Control.  Even then, maybe not.  Since Snort is single-threaded, only one of the newest, fastest Intel processors will get you close to 300 with Intrusion Prevention active.

At the top of the Hardware & Installation forum, you will find a thread that's an unofficial HCL.  You might want to read the last page or two of that thread.

Cheers - Bob

Hi Bob,

thank you.

1) Yes - disable IPS certainly helps: 190/200 Mbit

2) Do you have Web Protection, Application Control and Endpoint Protection, Antivirus in mind?

Thank for the reference to the unofficial HCL, which I have browse. However, few cases which actually mentions the throughput, so limited progress.

In your opinion: Main bottleneck would be the CPU?

Best regards

I have tested a UTM120 vs my self-build Celeron J1900 setup, CPU power DOES make a difference, even when you're not using IPS. my WLAN throughput with UTM120 was around 25 MBit/s, with the J1900 it went up to 35 MBit/s with the same Sophos AP15 as Accesspoint. My internet connection is 200/10 MBit.

I don't know where my poor WLAN speed generally comes from, maybe too much WLANs in the neighborhood as I was having bad speed even without an UTM and AP15... sender and receiver are in the same room. Sometimes it's hard to stream in 1080p from Amazon Prime or any other streaming services.

I have tested a UTM120 vs my self-build Celeron J1900 setup, CPU power DOES make a difference, even when you're not using IPS. my WLAN throughput with UTM120 was around 25 MBit/s, with the J1900 it went up to 35 MBit/s with the same Sophos AP15 as Accesspoint. My internet connection is 200/10 MBit.

I don't know where my poor WLAN speed generally comes from, maybe too much WLANs in the neighborhood as I was having bad speed even without an UTM and AP15... sender and receiver are in the same room. Sometimes it's hard to stream in 1080p from Amazon Prime or any other streaming services.