Scenario is this
100Mbit internet connection
About 3000 clients who simply connect on port 9090 to browse the web
There's no authentication in place, and default policy used which is pretty basic.
At peak period (lunchime) the system is unusable. A speedtesting website (I know these aren't reliable, but it gives an indication) was showing downstream of .75mbit
As the load reduces the speed picks up, but still not good enough.
If I bypass the webwasher (so, same firewalls internet connection etc) the same speedtest reports 98Mbit and response is excellent. So the internet pipe itself is not to blame.
We see a constant 40-50 proxy requests a sec
CPU is about 40%
Memory utilisation is 1.9GB
swap utilisation is 5.9GB (!)
network utilisation about 1.3 MB/s
Any ideas anyone?
Hello,
which appliane model do you have?
thanks,
Michael
Thanks for the quick response
I *think* it's a WW1100E (I'm 100 miles away from the box) but can't seem to find the model number via the web interface.
I should also say it's been like this since it went live earlier this year.
k - can you check what max. requests you had on the dashboard on: Home > Dashboard > McAfee Web Gateway
Have a screengrab..
http://i43.tinypic.com/351wktf.jpg>
k - looks good though. The sizing tool tells me that a 1100 is very suitable.
Just to make sue is 1100 model, could you ssh to the OS - shell and execute "cat /proc/cpuinfo"?
It also might make sense to open a support ticket - as some deeper investigation is possibly required.
thanks,
Michael
Just had it confirmed as a 1100
Support ticket is opened and information across to McAfee - just wanted to post here to see if there is any wider experience of this.
Edit to say - hopefully a dumb question, but I assume it's not supposed to be this slow! ?
Message was edited by: chaplic2 on 23/04/10 07:22:43 CDTHi,
while Thread Count and Memory Usage look pretty well I find that the load seems a bit too high. However this MAY be okay, but also may indicate that there is something causing a lot of resources being wasted. Probably there is a filtering thread very busy with a resource hungry object or so. A feedback would show this, I assume you have forwarded one to Support, so they should be able to give you additional advices.
What happens if you put an object to the Bypass list? Does this perform well or is this slow as well?
Is it only the initial request being slow or everything?
About what delays are we talking, 5 seconds, 10 seconds, 30 seconds?
You can monitor the delay with Firebug for Firefox in a very nice fashion. That may also be interesting to take a look at.
Best,
Andre
Everything appears to be quite slow - though its' more of noting...nothing..nothing..BOOM..some content....nothing... the rest of it
The www.bbc.co.uk website took 70 seconds to load the front page the other day.
I used the website www.broadbandchecker.co.uk and added this site to the "bypass ICAP server" list
Three results with it bypassed
10352 Kbps
14320
9792
With the bypass turned on:
11000
560(!)
10982
Not conclusive
Loading the page felt slower too, but I cannot say for sure as at the moment I'm on the end of a slowish link (though I'm RDPd into a server with a fast connection to the proxy)
So I brought up news.bbc.co.uk - this took 40 seconds to load.
Flushed IE cache and added it to the ICAP bypass - 3 seconds to load. Subsequent pages I looked at came up v.quick, too
I turn off the ICAP bypass and..... it's dog slow again.
Hmmm!
We have 1100E, 4MB internet, 28 users. the same issue. pages are very slow. certificate authentication also an issue (firefox addon download, etc...) when we connect directly, its damn fast. as far as I know 1100E supports to 5000 users. another wasted investment from last year. planning to move back to ISA 2010 if things dont improve.
Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA