Over-Provisioned Internet Bandwidth & Flagged Response Times in Health Check
search cancel

Over-Provisioned Internet Bandwidth & Flagged Response Times in Health Check

book

Article ID: 253998

calendar_today

Updated On:

Products

SG-S500 ProxySG Software - SGOS

Issue/Introduction

Customer is experiencing performance issues with internet access.  Both proxies have been rebooted last night but things deteriorated once there was a load on the appliances this morning.

Environment

Release : 6.7.4.9

Resolution

Having investigated the uploaded logs, for the reported performance issue, for both appliances, we see the below.

 

 

Cause

  • The Internet Bandwidth is over-provisioned for both appliances. From the logs, we see that "Default Total Client Bytes (bps)" = Total Provisioned Internet Bandwidth is almost at the max., for the first Edge SWG (ProxySG) appliance {577.38 Mbps (daily) & 594.74 Mbps (weekly)}, and for the second Edge SWG (ProxySG) appliance, we see bandwidth utilization that surpasses the designed threshold of 600 Mbps {653.89 Mbps (daily) & 516.48 Mbps (weekly)}. 

Resolution

For the SG-S500 appliance, please be informed that the maximum allowable internet bandwidth that should be provisioned for the appliance is 600 Mbps, with a recommended value of 500 Mbps. For optimum performance, it's recommended to not exceed 500 Mbps, for the total bandwidth provisioned for the appliance.

Each time the bandwidth utilization exceeds the recommended threshold of 500 Mbps, it will trigger a bump in the CPU utilization and will impact performance. At all times, it's recommended to not exceed the recommended threshold, for optimum performance. 

In addition to the over-provisioned bandwidth, there are evidences of potential network latency issues, for a large number of the external resources connected with the Proxy, and the values are way beyond the 4.99 threshold, for optimum performance.

Note: The typical response times, for optimal performance is between 0 > 4.99 sec. The response time will be flagged red, from 5.0 sec. These response times are a measure of how responsive the external resources are to the Edge SWG (ProxySG) appliance. The faster these resources respond to the Proxy, the better the performance of the appliance will be, with respect to web transactions, or others.

Overview of Health Checks

The Edge SWG (ProxySG) appliance performs health checks to test for network connectivity and to determine the responsiveness of external resources. Examples of external resources include: DNS servers, forwarding hosts, SOCKS gateways, authentication servers, and ICAP services (for example, anti-virus scanning services).

For all the basis for which the ProxySG appliance automatically generates health checks, please refer to the Tech. doc. with the URL below.

https://techdocs.broadcom.com/us/en/symantec-security-software/web-and-network-security/edge-swg/7-3/getting-started/page-help-administration/page-help-health-checks/health-check-overview.html 

Recommendation: To track the responses of the external resources, in addition to ensuring network connections without latency issues, we recommend to configure heath check notifications. The appliance allows you to configure notifications that alert you to changes in health status and to emerging issues. By default, notifications for health check events and status are disabled. For guidance, please refer to the Tech. doc. with the URL below.

https://techdocs.broadcom.com/us/en/symantec-security-software/web-and-network-security/edge-swg/7-3/config_health_checks_general_2.html