Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

SonicWALL TZ 210N Killing Internet Performance

Posted on 2013-05-17
7
Medium Priority
?
890 Views
Last Modified: 2013-11-29
Hi folks!

We use a SonicWALL TZ 210N as our router, firewall, and content filtering/intrusion prevention system. Basically, everything at the boundary between us and the Internet.

Overall, I've been satisfied with the level of security it has provided. However, Internet performance has left something to be desired, both in terms of the raw speeds we are seeing and also in that we see downloads of all types frequently stalling and having to be restarted multiple times.

Reading online, I have found many people who have encountered these issues with SonicWALL's Gateway Anti-Virus, content filtering, and intrusion prevention services. So, as a test, I disabled all of those and, voila, our speeds nearly doubled and no more stalls. But our network is also wide open.

Short of "dump the SonicWALL, buy something else," which is not really an option for us at this moment, does anyone have experience with this problem and suggestions how to get better performance out of this environment?

Thanks,
Ithizar
0
Comment
Question by:Ithizar
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 15

Expert Comment

by:ZabagaR
ID: 39175941
You can set up exception rules in SonicWALL's Gateway Anti-Virus, content filtering, IPs.
I've had the same expience as you, slow with it all running. If there are certain destinations and/or ports you know are safe, make an exception rule.
0
 

Author Comment

by:Ithizar
ID: 39175950
Thanks, but this is so general, it would be difficult to deal with it using exception rules. It really is impacting virtually all use of the Internet, particular whenever anything is being downloaded.
0
 
LVL 15

Expert Comment

by:ZabagaR
ID: 39176095
Can you tell which of the security services is causing the most performance hit? Maybe disable each one at a time and see which one impacts you the greatest. From there, you can tune each service a bit so it's not as aggressive. There's the "low" "medium" "high" settings or you can choose to only use the scans on the WAN interface and leave LAN alone.
Aside from the settings on those config screens, I think that's pretty much it inside "Security Services".
0
Turn your laptop into a mobile console!

The CV211 Laptop USB Console Adapter provides a direct Laptop-to-Computer connection for fast and easy remote desktop access with no software to install.

 

Author Comment

by:Ithizar
ID: 39176177
I've been trying a test today with the same download over and over again -- the installer for GIMP, as it happens. If I disable Gateway AntiVirus, IPS, Anti-Spyware, and Content Filtering, I can consistently get good download speeds and no stalls. If I enable any one or more of those services, the downloads consistently stall and have to be restarted, as well as running at overall slower speeds.

I have seen several posts around the Interwebs like the following one that suggest changing a couple of key settings in the diagnostics mode of the SonicWALL. The two in particular that seem to be recommended again and again are "Enable enforcement of a limit on maximum allowed advertised TCP window with any DPI-based service enabled" and "Set a limit on maximum allowed advertised TCP window with any DPI-based service enabled (KBytes)." Many users report changing those settings solved their issues. But on our SonicWALL, in the diagnostic mode page, I can't find those two particular settings. Perhaps a setting not configurable on the TZ 210?

Example link:
http://www.acumen-corp.com/Blog/tabid/298/entryid/16/Sonicwall-Gateway-Antivirus-Security-causes-slow-and-failed-downloads.aspx
0
 
LVL 20

Expert Comment

by:carlmd
ID: 39177283
On the "Security Services" -> Summary page there is a setting for "Security Services Settings",
make sure that is set to "Performance Optimized".

Also turn off only "Content Filter" and see how much of a difference that makes.
0
 
LVL 15

Accepted Solution

by:
ZabagaR earned 2000 total points
ID: 39178683
Before making changes on the diag page, you should open a support call with Dell Sonicwall and ask for their input regarding your problem.
0
 

Author Comment

by:Ithizar
ID: 39220696
I have an active support case with Dell. So far, the farthest they've gotten is having me update my firmware. It was woefully out of date, but updating it has made no difference.

Further, I've tried the suggested route of switching to Performance Optimized settings with no change, and disabling only the Content Filter doesn't seem to fix the problem either.

Thanks.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Check out the latest tech news, community articles, and expert highlights in August's newsletter.
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question