Hotspot voucher definition. Policies and exceptions. Data control list. General settings. Address group. Web server. Web servers. Protection policies. Authentication policies. Authentication templates.
Advanced protection. VPN overview. IPsec policies. WAN link manager. IPv6 router advertisement. Cellular WAN. IP tunnels. Dynamic DNS. Static routing. SD-WAN policy routing. Upstream proxy. LDAP server. Active Directory server.
Multi-factor authentication MFA. Web authentication. Guest users. Clientless users. Guest user settings. Generally speaking, the highest load will be generated by the http proxy, which usually correlates to settings in the Web Protection module. Now that you have an accurate view of what the CPU is doing, you can make changes to the system and watch the effect. Making changes to the policies that deal with majority of traffic is a great place to start in order to make the largest improvement to CPU usage.
In this particular case the issue was simply the ordering of the filter profiles. I noticed there were Web filter profiles higher up the list than the profile being used by the bulk of the connections. This meant that the traffic was evaluated against multiple profiles before the matching profile was used.
Simply by reorganizing the profiles I was able to significantly reduce the amount of CPU that was required. The system stabilized and has been far more robust from a user browsing perspective. So much so that it even showed up on the CPU graph! Using the right tools to manage Sophos UTM allows you to extract the most value from it.
However, if you need more real-time or more detailed information, it is great to know you can turn to the shell and Fastvue. Hopefully this article has provided a few Sophos UTM CPU performance monitoring tips, and shown how the right combination of tools can lead to a faster resolution of any performance issues you might experience on Sophos UTM.
Etienne is a technical trainer, writer, and blogger. Related Posts One Comment Mark May 31, at pm - Reply Any chance you could drop an edited screenshot showing your Web Filter Profiles and their ordering after you made your changes to accompany this article just so we could compare it with your UTM Reporter screenshot?
Save my name, email, and website in this browser for the next time I comment. Today's hardware usage snapshot I've rebooted each time this happened this last week and it seemed to settle back to normal however today is the exception.
Even after rebooting the master node, the high CPU returns. Best Answer. Thai Pepper. NashBrydges This person is a verified professional. Verify your account to enable IT peers to see that you are a professional. View this "Best Answer" in the replies below ». Br d This person is a verified professional. Martin This person is a verified professional.
Reset the logging, sounds like a db issue to me Shorten the logs retention to a few days so it clears the db. Hi Brad. Here is the perf top screenshot Looks like this 9. Thanks for pointing that out Martin. I'll keep an eye on that thread. Ghost Chili. This is really bad I just updated a UTM to 9. I tried disabling Web control on SEC but that didnt stop the broker comms but wasnt an option anyway as roaming web control is a must have So I applied the broker web block and the CPU came down immedatelly As far as I can see if I take a laptop off the network it can communicate with Sophos broker and use web control via endpoint, all I am doing is stopping it talking to broker service when behind a v9.
Thought I would update this thread.
0コメント