Skip to main content
rgs-araujo
rgs-araujo
Visitor III
October 3, 2024
Question

Forticlient slowing down Windows 11 update 24h2

  • October 3, 2024
  • 1 reply
  • 6343 views

Hello there,

We are having issues on machines trying to update to the last windows 11 update 24h2.

The updates are taking way too long, some of them taking 5 hours to complete. Our machines all have SSDs installed, so, don't think it is an I/O issue.

We tested machines without forticlient and they finished updating in about 10 minutes.

Our forticlient versions are 7.2.4.0972 and 7.2.5.1053 (tested in both of them and the issue persists).

I tried disabling Cloud based protection and refining antivirus exclusions, to no avail. Exclusions are as follows:

 

Paths:

%windir%\SoftwareDistribution\Datastore
%systemroot%\System32\Spool

 

Files:
%windir%\Security\Database\*.log
%windir%\Security\Database\*.sdb
%windir%\SoftwareDistribution\Datastore\Logs\Edb.chk
%windir%\SoftwareDistribution\Datastore\Logs\Tmp.edb
%windir%\Security\Database\*.chk
%windir%\Security\Database\*.jrs
%windir%\Security\Database\*.csv
%windir%\Security\Database\*.edb
%windir%\Security\Database\*.xml
%windir%\SoftwareDistribution\Datastore\Logs\Edb*.jrs
%windir%\Security\Database\*.cmtx
C:\pagefile.sys
C:\swapfile.sys
C:\hiberfil.sys
%allusersprofile%\NTUser.pol
%Systemroot%\system32\GroupPolicy\registry.pol

 

I collected some logs from a machine that took almost 4 hours to complete the update (from october 3rd, 10:40 to 14:05). I couldn't find any explanation for what I found. Some entries I repeatedly see on these logs are:

 

03/10/2024 11:17:29 debug update update process sending request: 07002000FVDB01300000920772499999 ##this numer seems random.

03/10/2024 11:59:58 debug av <appdbClient.msg 6> [file: , pid: 0]
03/10/2024 12:00:34 debug firewall scheduler called us

 

 

1 reply

Atul_S
Staff & Editor
Atul_S
Staff & Editor
October 4, 2024

Hi,

 

Just to confirm, if the host machine has already got window 11 and you are trying to run normal updates or you are experiencing slowness while updating from win 10 to 11? If you are using full tunnel, how is the access speed for rest of the things?

 

Thanks,

rgs-araujo
rgs-araujoAuthor
Visitor III
October 4, 2024

Hello,

Thank you for trying to help.

All the machines have windows 11 already. So, it is an update from windows 11 (any version) to windows 11 24h2.

If by 'full tunnel' you mean ssl vpn through forticlient: then the access speed is fine. So far, no issues reported on vpn speed.

But anyway, just to make myself clearer, the slowness on this update happened on machines off-fabric (using vpn) and on machines on-fabric (connected directly to the company's network without the need for vpn).

Tks.

Atul_S
Staff & Editor
Atul_S
Staff & Editor
October 4, 2024

Hi,

 

Thanks for your reply. Since you have mentioned that the no access speed issue is noticed when connecting to another resource via FortiClient, may I suggest the below:

 

-To isolate the issue, do you mind trying to download a decent-sized file from https://www.thinkbroadband.com/download and note the speed? FYI, this link has nothing to do with the FTNT recommendation. I just googled to find resources available on the Internet.

 

-Review the link https://community.fortinet.com/t5/FortiGate/Technical-Tip-Using-DTLS-to-improve-SSL-VPN-performance/ta-p/193881 and try to disable and enable DTLS tunnel to see any difference in behavior.

 

Thanks,

Atul

 

Terms & ConditionsAccessibility statement