SonicWALL TZ 210N Killing Internet Performance

Hi folks!

We use a SonicWALL TZ 210N as our router, firewall, and content filtering/intrusion prevention system. Basically, everything at the boundary between us and the Internet.

Overall, I've been satisfied with the level of security it has provided. However, Internet performance has left something to be desired, both in terms of the raw speeds we are seeing and also in that we see downloads of all types frequently stalling and having to be restarted multiple times.

Reading online, I have found many people who have encountered these issues with SonicWALL's Gateway Anti-Virus, content filtering, and intrusion prevention services. So, as a test, I disabled all of those and, voila, our speeds nearly doubled and no more stalls. But our network is also wide open.

Short of "dump the SonicWALL, buy something else," which is not really an option for us at this moment, does anyone have experience with this problem and suggestions how to get better performance out of this environment?

Thanks,
Ithizar
IthizarAsked:
Who is Participating?
 
ZabagaRConnect With a Mentor Commented:
Before making changes on the diag page, you should open a support call with Dell Sonicwall and ask for their input regarding your problem.
0
 
ZabagaRCommented:
You can set up exception rules in SonicWALL's Gateway Anti-Virus, content filtering, IPs.
I've had the same expience as you, slow with it all running. If there are certain destinations and/or ports you know are safe, make an exception rule.
0
 
IthizarAuthor Commented:
Thanks, but this is so general, it would be difficult to deal with it using exception rules. It really is impacting virtually all use of the Internet, particular whenever anything is being downloaded.
0
Increase Security & Decrease Risk with NSPM Tools

Analyst firm, Enterprise Management Associates (EMA) reveals significant benefits to enterprises when using Network Security Policy Management (NSPM) solutions, while organizations without, experienced issues including non standard security policies and failed cloud migrations

 
ZabagaRCommented:
Can you tell which of the security services is causing the most performance hit? Maybe disable each one at a time and see which one impacts you the greatest. From there, you can tune each service a bit so it's not as aggressive. There's the "low" "medium" "high" settings or you can choose to only use the scans on the WAN interface and leave LAN alone.
Aside from the settings on those config screens, I think that's pretty much it inside "Security Services".
0
 
IthizarAuthor Commented:
I've been trying a test today with the same download over and over again -- the installer for GIMP, as it happens. If I disable Gateway AntiVirus, IPS, Anti-Spyware, and Content Filtering, I can consistently get good download speeds and no stalls. If I enable any one or more of those services, the downloads consistently stall and have to be restarted, as well as running at overall slower speeds.

I have seen several posts around the Interwebs like the following one that suggest changing a couple of key settings in the diagnostics mode of the SonicWALL. The two in particular that seem to be recommended again and again are "Enable enforcement of a limit on maximum allowed advertised TCP window with any DPI-based service enabled" and "Set a limit on maximum allowed advertised TCP window with any DPI-based service enabled (KBytes)." Many users report changing those settings solved their issues. But on our SonicWALL, in the diagnostic mode page, I can't find those two particular settings. Perhaps a setting not configurable on the TZ 210?

Example link:
http://www.acumen-corp.com/Blog/tabid/298/entryid/16/Sonicwall-Gateway-Antivirus-Security-causes-slow-and-failed-downloads.aspx
0
 
carlmdCommented:
On the "Security Services" -> Summary page there is a setting for "Security Services Settings",
make sure that is set to "Performance Optimized".

Also turn off only "Content Filter" and see how much of a difference that makes.
0
 
IthizarAuthor Commented:
I have an active support case with Dell. So far, the farthest they've gotten is having me update my firmware. It was woefully out of date, but updating it has made no difference.

Further, I've tried the suggested route of switching to Performance Optimized settings with no change, and disabling only the Content Filter doesn't seem to fix the problem either.

Thanks.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.