Poor UTM Performance after Zywall 110 to USG Flex 500 Upgrade

triJRO
triJRO Posts: 10  Freshman Member
First Anniversary Friend Collector First Comment
edited April 2021 in Security
Hi,

I just upgraded from a Zywall 110 to a USG Flex 500 in the expectation that all the UTM-Features can be used and I should still be able to fully saturate our 500/110Mbit/ Internet connection. As Soon as I enable all the UTM-Features the measured bandwidth drops from 520Mbit with no features enabled to around 230Mbit when enabled. The specification lists a UTM Performance of 800Mbit for the Flex 500. Am I doing something wrong here or is this to be expected? Can this somehow be improved? 

Thanks in advance,

Jann
Tagged:

Accepted Solution

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,039  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Hi @triJRO

    What kind of testing tool/application are you currently using? The result seems to be normal if you did the test by using single session, the throughput will not as high as the datasheet speed.

    In our lab testing, what we did is to test the throughput by using a testing machine with multiple sessions in multiple ports.

    In addition, when the UTM features are turned on, since the device will scan those traffics packet by packet which will bring some overhead to the system. The performance will not as high as purely routing scenario.


All Replies

  • dkyeager
    dkyeager Posts: 69  Ally Member
    First Anniversary 10 Comments Friend Collector
    Upgraded two USG110s to two USG Flex 500s.  We use most of the features except no AV (too much of a bandwidth hog) and no bandwidth management.  Very little degradation on our 1Gbps synchronous connection.  Same with lesser speeds from other ISPs.  (3 on 1, 2 on the other).  I figure our max speed should be about 1.5Gbps, but have not tested this yet.  Hopefully this helps to narrow down the issue.
  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,039  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Hi @triJRO

    What kind of testing tool/application are you currently using? The result seems to be normal if you did the test by using single session, the throughput will not as high as the datasheet speed.

    In our lab testing, what we did is to test the throughput by using a testing machine with multiple sessions in multiple ports.

    In addition, when the UTM features are turned on, since the device will scan those traffics packet by packet which will bring some overhead to the system. The performance will not as high as purely routing scenario.


Security Highlight