Users accessing WSS using explicit access method
Users can browse sites without issues
When installing a java based application however, the install fails to complete and a connectivity error is reported on the client after 60 seconds
Application install seems to download huge number of files with .deploy extension that appear to contain java classes
Malware scanning causing delayed responses for .deploy objects
Proxy sends back scanned payload one byte at a time, causing huge delays.
Web Services Security
Clients running on WIndows 10
Clients downloading and updating Java Application on local host
Exempt the Application domain name Under Content Analysis -> Scanning exceptions
PCAPs showed the GET/CONNECT requests from the user and 200 OK responses
During the exchange, the 200 OK responses start off with full TCP payloads of 1460 (1500 ethernet packet minus 20 byte IP and 20 byte TCP header). As the install goes on, we see the payload in the responses drop to 1 byte in size.
These one byte packets cause huge delays with the responses - we send 1460 packets instead of one!