SRX

1.When I enable UTM policies internet surfing gets dead slow. Why?

2. How to Block Application sets- Like Peer-peer sites,KAAZAA,edonkey,limewire.

 3. Logging - How can I get detailed logging for ip based website access

1) Try this in you config

set security flow traceoptions file flowtrace size 5 files 2

set security flow traceoptions flag basic-dtapath

set security packet-filter my_filter source-prefix <source-ip>

commit

Then try to browse and look in the output from the trace with show log flowtrace to see what's going on.

when you're ready: rollback 1 to disble the tracing

2) In the IDP module you can do application recognition en set the block action

3) set logiing to your policy and review in the rtlogd log file.

   To enable loging set log session-close on the permit level of the policy (then log session-close) 

   To view the log: show log rtlogd

How much BW do you have for your Internet connection? Reason I ask is if you are constantly utilizing max bandwidth then your SurfControl web-filtering check traffic will also need to contend with that traffic. SurfControl will use UDP 9020 so it could take some time before the UF receives a response which will slow down your web surfing. One thing that can be done to help is to maximize your cache size and duration to decrease the amount of UF traffic, though that really would only help if you surf same sites constantly. If I find any other things that could help, I'll let you know.

-Richard