Hello to everybody !!!
Here is the case as simple as I can describe it.I have 4 WSA.Let's take for granted that everything else in my network has been checked and works as it should be.Sometimes during the day I experience high latency in traffic which in simple words has as a result a slow response to the Internet.I have already made an extensive research and investigation and I have conclude that it is normal because I have exceeded the recommended average of SSL traffic and as so I plan to add 2 more WSAs in my network.
I just wonder if anyone else faced the same issue and has anything else to suggest or an other solution that might work.
Thank you all for your time,
Latency can occurs in WSA due to multiple factors and combinations of them at the same time:
1. What WSA hardware model
2. What versions
3. What scanning engine enables in WSA (AMP, webroot, sophos, mcAfee) does it using authentication?
4. What is your RPS (request per second)?
5. What is your traffic pattern such as majority HTTPS traffic with decryptions? streaming traffic?
if you have a massive RPS especially during production hours with high decryptions and with all the scanning services enabled and you are running the very low end model, then this can definitely impact the performance handling the web traffic.
Exceeding the decryption threshold on the WSA can result is overall slowness of the traffic. Since you have narrowed it down to decryption, probably you can open up a TAC case and have them check the most decrypted url's. If there are url's which you think is safe and need not be decrypted and that is actually have lot of hits , you can actually set it as passthrough. It really depends on the number of hits though. An overall health check of the WSA performance by TAC would also be good as many factors can contribute to sluggishness.