Our FG400 running 3.00 build 479 code seems to be really slowing things down. It is running at a smaller university as our main UTM device for approximately 1000 users with a 25Mb internet connection. It is has about 71 firewall policies enabled, Anti-Virus for SMTP and FTP, FortiGuard Web Filtering on several categories, logging (for AntiVirus, Web Filtering and Firewall violations) and Virtual IPs for about 50 servers. We have about 8500 current sessions at any time and are seeing the CPU bounce between around 60% - 90% and the memory is pretty steady at 72%. In general our internet seems unusually slow, but our Packet Shaper which is in-line right before this firewall is only showing approx 10Mb -12Mb of utilization. Below I have pasted the output of a " diag sys top" command and am particullary curious if anyone else is seeing the thttp process taking up so much CPU. Also I have posted a screen shot of our statistics for a 7 day period just for addition data. Has anyone else had a similar experience or any input? We were under the impression when we bought these they would scale just fine to this kind of scenario, but now we are starting to wonder...
thttp 384 R 43.2 11.3
miglogd 25 S 18.7 1.6
urlfilter 773 S 7.1 3.9
scanunitd 833 S < 6.5 2.4
ipsengine 996 S < 4.5 8.7
scanunitd 834 S < 3.9 2.4
ipsengine 997 S < 0.5 8.6
smtp 36 S 0.5 1.8
scanunitd 832 S < 0.5 1.6
newcli 890 R 0.3 2.0
cmdbsvr 14 S 0.0 6.0
httpsd 931 S 0.0 3.4
updated 48 R 0.0 3.3
httpsd 1013 S 0.0 3.2
httpsd 26 S 0.0 3.0
newcli 279 S 0.0 2.1
sshd 53 S 0.0 2.0
newcli 889 S 0.0 2.0
sslvpnd 27 S 0.0 1.9
ipsecd 47 S 0.0 1.7
