5 Replies Latest reply on Oct 13, 2008 7:11 AM by bxs

    HIPS Firewall causes unexplainable slowness with some apps

      Environment: HIPS 7, patch 2. CMA 3.6.0, ePO 3.6.1, VSE 8.5 patch 6.1. All HIPS components are currently disabled EXCEPT for the Firewall component.

      I have noticed that HIPS causes considerable slowness on some network intensive applications. Obviously some of this is expected just due to the nature of a software firewall, but I am talking fairly large delays. One app (Cisco Desktop Agent for VOIP phone control) specifically takes 5 seconds to launch and connect to the remote server if the firewall is disabled, whereas if the firewall is enabled it can take upwards of 60 seconds to connect.

      The activity logs do not show any applicable traffic being blocked, so I am not clear how I can form a rule to help alleviate some of this slowness. This same application ran flawlessly on a DFW 8.5 machine. The current HIPS firewall ruleset was directly migrated from the DFW 8.5 ruleset -- so essentially the only new variable here is HIPS.

      Ideas?