Sonicwall NSA 5500

My users encountered slow internet connection. I have monitor the Sonicwall interface but it only use half of the max bandwidth 100Mbs.

Will there be a possible that there are too many session opened on the Sonicwall that causes the problem ? We have around 1000 devices on the site. Any advise will be appreciate. Tks
AXISHKAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Anthony CarterCommented:
Make sure you define the port link speed and "full-duplex" for both sides, LAN side and WAN side (don't rely on auto-negotiate)

I have been burned by that too many times.

These are the limits on that device:

Stateful Throughput2      3.9 Gbps
Full DPI Performance3      850 Mbps
Gateway Anti-Virus Throughput3      1.0 Gbps
Intrusion Prevention Throughput3      2.0 Gbps
IMIX Performance3      1.1 Gbps
3DES/AES VPN Throughput4      1.7 Gbps
Maximum Connections5      750000
Maximum DPI Connections      500000
New Connections/Sec      15000

Remember, those numbers are for when that single feature is on.  So if you have Gateway AV and Intrusion Prevention, you will get less than 1.0Gbps.  Add Full DPI and you have even more off of that.
AXISHKAuthor Commented:
Is there a way to tell (or warn) me that the max session has reached ?

 if you have Gateway AV and Intrusion Prevention, you will get less than 1.0Gbps.  What's your assumption to estimate this ?

Gateway Anti-Virus Throughput3      1.0 Gbps
Intrusion Prevention Throughput3      2.0 Gbps
Blue Street TechLast KnightCommented:
Hi AXISHK,

You can view your current connections on the System > Status page under Connections. It will show you the Peak, Current and Max based on your configuration. What is your Peak Connections count?

The NSA 5500 can max out at 500,000 connections (DPI). Let's not discuss SPI for security reasons. :)

Your max throughput should be a moot point here. Even if you were running fully secured with hardening (including max DPI) and all CGSS services running on all Zones your smallest throughput would be 850 Mbps!!!! Your WAN connection is only 100 Mpbs (assuming its dedicated and symmetrical). That means you have roughly a 750 Mbps is not even being touched...don't worry about your device not being robust enough to process traffic coming in on the front door...that isn't your problem - at least mathematically speaking.

I'd look size your MTU first off. Read this to find out how: http://www.experts-exchange.com/articles/12615/Unstable-Slow-Performing-Networks-or-VPNs-just-go-grocery-shopping.html

When you say slow internet...have you tested this? What are you clocking in on speed tests? http://speedtest.net and http://speakeasy.net/speedtest/

Is it occurring during specific times of the day or all day? Is it occurring with specific sites or all sites?

Can you stream video or music without degradation or buffering issues?

What device is handling your backplane? Are your switches stacked? What's their make/model?

Let me know how it goes!
SolarWinds® IP Control Bundle (IPCB)

Combines SolarWinds IP Address Manager and User Device Tracker to help detect IP conflicts, quickly identify affected systems, and help your team take near instantaneous action. Help improve visibility and enhance reliability with SolarWinds IP Control Bundle.

AXISHKAuthor Commented:
Tks. Is it fine ? Should I reduce the kinds of inspection to see whether it can help or not.

Attached is the connection for my NSA 5500. For the connection, we are only talking about the no. of packet, rather than number of devices using the Sonicwall.

There are around 1000 devices (mobile + workstation) within the organization. We are using H3C stacking switches. The problem appear slow when they have join some elearning class, either on workstations or mobile device.

Any advise to identify the problem is appreciate ? Tks again.
DPI-Inspection.png
AXISHKAuthor Commented:
also attach the network zone filtering for reference. Any comment ?

"Can you stream video or music without degradation or buffering issues?"

what do you mean ? Can I configure something in Sonicwall to achieve it ? Tks
NetworkZone.png
Benjamin Van DitmarsSr Network EngineerCommented:
What is the cpu load of the firewall when it gets slow. you can see this under system diagnostic.
this sounds like a problem we had in the past. with a lot of ssl traffic and the firewall was trying to inspect all off this and it got locked up in this process.

what os version are youre running. and did you ask support to look in this for you ?
a os bug is also a posibility.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
AXISHKAuthor Commented:
Tks
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.