Solved

SonicWALL TZ 210N Killing Internet Performance

Posted on 2013-05-17
7
849 Views
Last Modified: 2013-11-29
Hi folks!

We use a SonicWALL TZ 210N as our router, firewall, and content filtering/intrusion prevention system. Basically, everything at the boundary between us and the Internet.

Overall, I've been satisfied with the level of security it has provided. However, Internet performance has left something to be desired, both in terms of the raw speeds we are seeing and also in that we see downloads of all types frequently stalling and having to be restarted multiple times.

Reading online, I have found many people who have encountered these issues with SonicWALL's Gateway Anti-Virus, content filtering, and intrusion prevention services. So, as a test, I disabled all of those and, voila, our speeds nearly doubled and no more stalls. But our network is also wide open.

Short of "dump the SonicWALL, buy something else," which is not really an option for us at this moment, does anyone have experience with this problem and suggestions how to get better performance out of this environment?

Thanks,
Ithizar
0
Comment
Question by:Ithizar
  • 3
  • 3
7 Comments
 
LVL 15

Expert Comment

by:ZabagaR
ID: 39175941
You can set up exception rules in SonicWALL's Gateway Anti-Virus, content filtering, IPs.
I've had the same expience as you, slow with it all running. If there are certain destinations and/or ports you know are safe, make an exception rule.
0
 

Author Comment

by:Ithizar
ID: 39175950
Thanks, but this is so general, it would be difficult to deal with it using exception rules. It really is impacting virtually all use of the Internet, particular whenever anything is being downloaded.
0
 
LVL 15

Expert Comment

by:ZabagaR
ID: 39176095
Can you tell which of the security services is causing the most performance hit? Maybe disable each one at a time and see which one impacts you the greatest. From there, you can tune each service a bit so it's not as aggressive. There's the "low" "medium" "high" settings or you can choose to only use the scans on the WAN interface and leave LAN alone.
Aside from the settings on those config screens, I think that's pretty much it inside "Security Services".
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 

Author Comment

by:Ithizar
ID: 39176177
I've been trying a test today with the same download over and over again -- the installer for GIMP, as it happens. If I disable Gateway AntiVirus, IPS, Anti-Spyware, and Content Filtering, I can consistently get good download speeds and no stalls. If I enable any one or more of those services, the downloads consistently stall and have to be restarted, as well as running at overall slower speeds.

I have seen several posts around the Interwebs like the following one that suggest changing a couple of key settings in the diagnostics mode of the SonicWALL. The two in particular that seem to be recommended again and again are "Enable enforcement of a limit on maximum allowed advertised TCP window with any DPI-based service enabled" and "Set a limit on maximum allowed advertised TCP window with any DPI-based service enabled (KBytes)." Many users report changing those settings solved their issues. But on our SonicWALL, in the diagnostic mode page, I can't find those two particular settings. Perhaps a setting not configurable on the TZ 210?

Example link:
http://www.acumen-corp.com/Blog/tabid/298/entryid/16/Sonicwall-Gateway-Antivirus-Security-causes-slow-and-failed-downloads.aspx
0
 
LVL 20

Expert Comment

by:carlmd
ID: 39177283
On the "Security Services" -> Summary page there is a setting for "Security Services Settings",
make sure that is set to "Performance Optimized".

Also turn off only "Content Filter" and see how much of a difference that makes.
0
 
LVL 15

Accepted Solution

by:
ZabagaR earned 500 total points
ID: 39178683
Before making changes on the diag page, you should open a support call with Dell Sonicwall and ask for their input regarding your problem.
0
 

Author Comment

by:Ithizar
ID: 39220696
I have an active support case with Dell. So far, the farthest they've gotten is having me update my firmware. It was woefully out of date, but updating it has made no difference.

Further, I've tried the suggested route of switching to Performance Optimized settings with no change, and disabling only the Content Filter doesn't seem to fix the problem either.

Thanks.
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

There are many Password Managers (PM) out there to choose from. PM's can help with your password habits and routines, but they should not be a crutch you rely on too heavily. I also have an article for company/enterprise PM's.
A customer recently asked me about anti-malware and the different deployment options available for his business. Daily news about cyberattacks, zero-day vulnerabilities, and companies that suffered a security breach made him wonder if the endpoint a…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now