cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 1 of 24
‎04-23-2010 03:56 AM

Very, Very slow access through web gateway

Scenario is this

100Mbit internet connection

About 3000 clients who simply connect on port 9090 to browse the web

There's no authentication in place, and default policy used which is pretty basic.

At peak period (lunchime) the system is unusable. A speedtesting website (I know these aren't reliable, but it gives an indication) was showing downstream of .75mbit

As the load reduces the speed picks up, but still not good enough.

If I bypass the  webwasher (so, same firewalls internet connection etc) the same speedtest reports 98Mbit and response is excellent. So the internet pipe itself is not to blame.

We see a constant 40-50 proxy requests a sec

CPU is about 40%

Memory utilisation is 1.9GB

swap utilisation is 5.9GB (!)

network utilisation about 1.3 MB/s

Any ideas anyone?

0 Kudos
Reply
23 Replies
MSchneider
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 24
‎04-23-2010 04:24 AM

Re: Very, Very slow access through web gateway

Hello,

which appliane model do you have?

thanks,

Michael

Michael Schneider
Senior Manager of PM
for Web Protection and UCE
(•‿•)
0 Kudos
Reply
Former Member
Not applicable
Report Inappropriate Content
Message 3 of 24
‎04-23-2010 04:33 AM

Re: Very, Very slow access through web gateway

Thanks for the quick response

I *think* it's a WW1100E (I'm 100 miles away from the box) but can't seem to find the model number via the web interface.

I should also say it's been like this since it went live earlier this year.

0 Kudos
Reply
MSchneider
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 24
‎04-23-2010 04:38 AM

Re: Very, Very slow access through web gateway

k - can you check what max. requests you had on the dashboard on: Home > Dashboard > McAfee Web Gateway

Michael Schneider
Senior Manager of PM
for Web Protection and UCE
(•‿•)
0 Kudos
Reply
Former Member
Not applicable
Report Inappropriate Content
Message 5 of 24
‎04-23-2010 04:45 AM

Re: Very, Very slow access through web gateway

Have a screengrab..

http://i43.tinypic.com/351wktf.jpg>

Message was edited by: chaplic2 on 23/04/10 06:45:56 CDT
0 Kudos
Reply
MSchneider
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 6 of 24
‎04-23-2010 04:53 AM

Re: Very, Very slow access through web gateway

k - looks good though. The sizing tool tells me that a 1100 is very suitable.

Just to make sue is 1100 model, could you ssh to the OS - shell and execute "cat /proc/cpuinfo"?

It also might make sense to open a support ticket - as some deeper investigation is possibly required.

thanks,

Michael

Michael Schneider
Senior Manager of PM
for Web Protection and UCE
(•‿•)
0 Kudos
Reply
Former Member
Not applicable
Report Inappropriate Content
Message 7 of 24
‎04-23-2010 05:19 AM

Re: Very, Very slow access through web gateway

Just had it confirmed as a 1100

Support ticket is opened and information across to McAfee - just wanted to post here to see if there is any wider experience of this.

Edit to say - hopefully a dumb question, but I assume it's not supposed to be this slow! ?

Message was edited by: chaplic2 on 23/04/10 07:22:43 CDT
0 Kudos
Reply
asabban
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 8 of 24
‎04-23-2010 07:05 AM

Re: Very, Very slow access through web gateway

Hi,

while Thread Count and Memory Usage look pretty well I find that the load seems a bit too high. However this MAY be okay, but also may indicate that there is something causing a lot of resources being wasted. Probably there is a filtering thread very busy with a resource hungry object or so. A feedback would show this, I assume you have forwarded one to Support, so they should be able to give you additional advices.

What happens if you put an object to the Bypass list? Does this perform well or is this slow as well?

Is it only the initial request being slow or everything?

About what delays are we talking, 5 seconds, 10 seconds, 30 seconds?

You can monitor the delay with Firebug for Firefox in a very nice fashion. That may also be interesting to take a look at.

Best,

Andre

0 Kudos
Reply
Former Member
Not applicable
Report Inappropriate Content
Message 9 of 24
‎04-23-2010 07:41 AM

Re: Very, Very slow access through web gateway

Everything appears to be quite slow - though its' more of noting...nothing..nothing..BOOM..some content....nothing... the rest of it

The www.bbc.co.uk website took 70 seconds to load the front page the other day.

I used the website www.broadbandchecker.co.uk and added this site to the "bypass ICAP server" list

Three results with it bypassed

10352 Kbps

14320

9792

With the bypass turned on:

11000

560(!)

10982

Not conclusive

Loading the page felt slower too, but I cannot say for sure as at the moment I'm on the end of a slowish link (though I'm RDPd into a server with a fast connection to the proxy)

So I brought up news.bbc.co.uk - this took 40 seconds to load.

Flushed IE cache and added it to the ICAP bypass  - 3 seconds to load. Subsequent pages I looked at came up v.quick, too

I turn off the ICAP bypass and..... it's dog slow again.

Hmmm!

0 Kudos
Reply
Former Member
Not applicable
Report Inappropriate Content
Message 10 of 24
‎04-23-2010 08:03 AM

Re: Very, Very slow access through web gateway

We have 1100E, 4MB internet, 28 users. the same issue. pages are very slow. certificate authentication also an issue (firefox addon download, etc...) when we connect directly, its damn fast.  as far as I know 1100E supports to 5000 users. another wasted investment from last year. planning to move back to ISA 2010 if things dont improve.

0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community


Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA

Consumer Support   |   Enterprise Support   |   McAfee.com for Enterprise

Legal   |   Privacy   |   Copyright © 2021 Musarubra US LLC