Over a period of a few days or less an administrator of Symantec Protection Engine (SPE) observed that scan requests were building up and not completing. This caused very slow access to files that users were trying to access from the NAS. The slow access was caused because the files needed to be scanned before access could be granted. But the files could not be scanned because they were stuck behind other scan requests that had not yet been completed.

It was discovered that, if the SPE service was restarted and, or the application on the other end-- that the problem would go away for a day or two. But then, over a period of time (depending on scan request activity) the problem would start over again.

Protection Engine for NAS 9.2

Windows Server 2016, 2022

On a Windows server OS, the value of TcpTimedWaitDelay, which defaults to 120 was working against the current configuration in the form of wait times that were too long.

TcpTimedWaitDelay determines the length of time that a connection stays in the TIME_WAIT state when being closed. While a connection is in the TIME_WAIT state, the socket pair cannot be reused. This is also known as the 2MSL state because the value should be twice the maximum segment lifetime on the network.

Create the following DWORD which does not exist by default. If it does exist then modify it:   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\TcpTimedWaitDelay

The recommended value to start with is 30 decimal or 1e hex.  The default vale is 120 decimal, 0x78  hex.

Refer to Microsoft Document:  https://learn.microsoft.com/en-us/biztalk/technical-guides/settings-that-can-be-modified-to-improve-network-performance