search cancel

Slow browser response on managed macOS clients


Article ID: 244469


Updated On:


Endpoint Security Endpoint Security Complete


Users might experience a slower browser response on managed Mac clients with the SEP Network Security profile enabled.  




This issue can happen when a TCP connection gets rejected by receiving a TCP RESET from a remote party.  The macOS Content Filter layer introduces a delay before the connection is closed.  An impacted TCP connection might be rejected by any remote party, including a middlebox network service or the destination server.

An example of when this can occur is with an organizational perimeter firewall that's configured to block all connections to ad providers. If a user is browsing a website that may result in a batch of connections to ad providers being blocked by the perimeter firewall, the website loading slows down.

This issue can happen to any network client.  However, certain browsers that use "C" sockets (such as Chrome) may appear more impacted when they are loading a resource-heavy website. Other browsers (like Safari and Firefox) might be impacted, but seem to handle this issue more gracefully.


Apple has acknowledged this issue as part of the macOS and is addressing it.

Below are suggested workarounds: 

  • Admins:  If the middlebox service is owned by the organization and can be customized, try to send a TCP FIN instead of RESET if it's necessary to block certain web resources. It helps to mitigate the macOS defect.
  • End Users:  Switch to a different browser, such as Safari and Firefox.