- Posts: 29
- Thank you received: 0
Watchguard
21 years 1 month ago #1109
by pndennie
Watchguard was created by pndennie
I have a watchguard firewall and users are complaining that internet connectivity is slow. I have over 300 users through a FB1000. Any ideas on performance tuning and should I move to another type of firewall.
21 years 1 month ago #1111
by Chris
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
Replied by Chris on topic Re: Watchguard
Can you post a url with the firewall's specs?
Most small size firewalls are adequate for up to 200 concurrent session.. after that, they start to drag and packet routing is extremely slow.
I'm not sure about your make/model as I haven't heard of it. Post the url so we can check it and let you know what our opinion is.
Most small size firewalls are adequate for up to 200 concurrent session.. after that, they start to drag and packet routing is extremely slow.
I'm not sure about your make/model as I haven't heard of it. Post the url so we can check it and let you know what our opinion is.
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
21 years 1 month ago #1112
by pndennie
Replied by pndennie on topic Re: Watchguard
21 years 1 month ago #1118
by Chris
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
Replied by Chris on topic Re: Watchguard
ndennie,
I've definately seen these firewall devices before, but didn't really know who made them.
The specific model you have seems to be more than adaquate for the amount of users your network has.
Its highly advised to make use of the performance monitoring utilities the system has to see if there is any specific task that might be bringing the device to its knees.
Moving away from your LAN, towards your WAN, what type of connection to your ISP does the company have? Also, is the slow down permanently or during peak hours? It could be possible that your ISP is not able to cope during these peak hours, therefore everyone’s connection slows down.
As you can see, there are quite a few different scenarios, so in order to make some sence out of everything and put things into prospective, you need to follow a step by step checkup to determine where the problem is, and then see how it can be fixed.
My proposal is this:
Monitor the network response and Internet activity using the firewall's tools. Try and see when the slowdowns are happening and during which hours.
While the Internet connection is slow, try and connect one workstation after the firewall, effectively bypassing the firewall and connecting it straight to the Internet. Test the speed to see if the results are the same or different and make a note of it.
At the same time, see if you can run a packet sniffer (available in our download section) and monitor the traffic that’s going in and out of the network... you might find yourself surprised in some cases when you figure that users are doing things they are not suppose to, and believe me, it happens!
Once you complete the above steps, I'm sure you will have a better understanding on what is causing these slowdowns.
You can then let us know and we can take it from there.
Keep us informed on the situation.
Cheers
I've definately seen these firewall devices before, but didn't really know who made them.
The specific model you have seems to be more than adaquate for the amount of users your network has.
Its highly advised to make use of the performance monitoring utilities the system has to see if there is any specific task that might be bringing the device to its knees.
Moving away from your LAN, towards your WAN, what type of connection to your ISP does the company have? Also, is the slow down permanently or during peak hours? It could be possible that your ISP is not able to cope during these peak hours, therefore everyone’s connection slows down.
As you can see, there are quite a few different scenarios, so in order to make some sence out of everything and put things into prospective, you need to follow a step by step checkup to determine where the problem is, and then see how it can be fixed.
My proposal is this:
Monitor the network response and Internet activity using the firewall's tools. Try and see when the slowdowns are happening and during which hours.
While the Internet connection is slow, try and connect one workstation after the firewall, effectively bypassing the firewall and connecting it straight to the Internet. Test the speed to see if the results are the same or different and make a note of it.
At the same time, see if you can run a packet sniffer (available in our download section) and monitor the traffic that’s going in and out of the network... you might find yourself surprised in some cases when you figure that users are doing things they are not suppose to, and believe me, it happens!
Once you complete the above steps, I'm sure you will have a better understanding on what is causing these slowdowns.
You can then let us know and we can take it from there.
Keep us informed on the situation.
Cheers
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
21 years 1 month ago #1122
by sahirh
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Replied by sahirh on topic Re: Watchguard
Out of curiousity, what made you isolate the bottleneck to the firewall ? If you're well within the load ratings (as it appears you are), I'd be looking elsewhere for the problem.
Cheers
Cheers
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
21 years 1 month ago #1128
by pndennie
Replied by pndennie on topic Re: Watchguard
The public router is not very busy and our T-1 seems to be fine. I think my problems lies in the fact that our DNS setup sucks and that I do not have a proxy server. Mst people are happy with the speed. the people who complain are the check signers. I am still trying to figure out what they are comparing speed to. I do not think it is my firewall at this time....
Time to create page: 0.136 seconds