10-27-2012 03:04 PM
Hi,
I have a PA-200 at home and am doing some tests with regard to the reported throughput speed using the "show system statistics session" command. To give an idea: I have a PA-200 sitting between my desktop computer and the internet, which is connected through a 60 Mbps line. I am testing with an SSL encrypted constant download, which went up to 6-7 MB/s before I put the PA-200 in place.
If the download is not running, the firewall reports a throughput of 0 to a couple of kbps. When I start the download, the throughput hangs stable around 80 Mbps. However, my download tool reports an actual download speed of 4.8 MB/s. If I'm calculating correctly, that should be around 40 Mbps 
I have created an application override and custom application for this specific download, in order to bypass the App-ID engine. There is no SSL decryption in place, the firewall is letting the traffic go through using a plain any-any-any rule (with threat prevention enabled, but should not be used since there's an app override). So the question is: why is the firewall reporting double the throughput of the actual transfer?
10-28-2012 11:33 AM
Is it possible for you to connect a Cisco 2960 or such to get a second opinion and use snmp against that device to find out the actual raw throughput (along with monitor the uplink port and save that stream as tcpdump to see how much raw data is actually being pushed)?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
