Hi rwpatterson, Thanks for your reply, Yes I've tested our two isp every morning. The ISp is 50d and 50 up the other is 40 d and 40 up. Usually I will get 48 d and 45 up and 38 down and 25 up. When staff and students start using our network. The network will slowdown, browsing will be affected, downloading a small file will take ages to finish. Is it possible when the firmware was updated it will affect the configurations?

Soound more like the ISP and the network is  load-shard and saturated. What type of   internet is being provided?  DSL, VDSl, Cable-modem,etc.....

 

Also when they tested the router, was it during the same business hour? I would do the simple  test and look at  any   link-errors and also anything infected on the wire.

 

I'd say it's not totally unconceivable that the FGT is underpowered.

1- How many users and how many sessions do you see during 'slow' phases?

2- Do you apply the full UTM set, like AV, IPS, AC,...? For instance, if you just apply IPS and enable all available signatures it might kill nearly any size model.

3- Who has configured the FGT and the UTM features in particular? Sufficient background? His/her response to your complaints? Have you measured the vital parameters of the FGT during heavy load, such as # of sessions, free memory %, CPU load %?

Hello emnoc

Thank you for your reply.

IT is a DSL connection. Tested the router during school hours. Problem is she only has the access to the FG.

Tested the router by removing the FG connection. Comparing both results which is if FG connection is remove ISP is ok and the FG connection was put back our speed will massively goes down.

Hello ede_pafu

Thank you for your reply

[ol]

Cannot say how many users at the same time. But our school has 400 plus computers used by staff and students connected via wireless or lan, we 80 apple ipads. We SIMS servers SIMS, DNS & DHCP

Due to have no access to FG I have limited resources on proving to her that the issue is on FG. I can only show her the result of my speed test by comparing to results. Which is speed test remove the FG connection to ISP router and FG connection put back to the ISP router. Result is when FG remove ISP Speed is ok when put back ISP speed goes down. (this tested during office hours)

A certain company to set it up for her. But after the FG was setup. She is the one managing it already. I have no clue on what is happening inside FG. That sucks hehehe.[/ol]

I also contacted my superior just to have check just to be sure. But have no response

Hello Guys,

 

Thank you for all the replies. It was fixed already.

 

The only thing I know what was change on FG was youtube was blocked due to overloading. The other ISP was activated again. The rest of the changes I am no sure due to have no access.  Let just say that there is something happening inside the firewall. It takes time for my superior to notice it.

 

Thank you very much for you help.

 

I really appreciate it.

Good to know they've fixed it (kind of), thanks for the follow-up.

 

As FortiOS is a complex operating system it is possible to misconfigure it which might cause slow-downs. Maintenance/operation should really be left to a professional. Contrary to a common misbelief a security configuration is never static, it needs to be monitored and adapted from time to time.

The better questions is: Why isn't the one who is managing the Fortigate on these forums?