I have 120+ users and my ASG320 with 2GB RAM handles it.
Current system configuration
Firewall is active
Intrusion Prevention is inactive
Web Filtering is active
Network Visibility is active, 18 Application Control rules active
FTP Proxy is inactive
SMTP Proxy is active
POP3 Proxy is inactive
Web Application Firewall is active
Antivirus is active for protocols HTTP/S, SMTP, WAF
AntiSpam is active for protocols SMTP
AntiSpyware is active
Email Encryption is inactive
Site2Site VPN is inactive
Remote Access is active
HA/Cluster is inactive
Endpoint Protection is active
Wireless Protection is active

Enabling the IPS ,FTP proxy ,pop3 proxy will bring your swap close to the figures that most of the other users report

I have only 3 uses and I am having such issues (well Support confirmed that there is a memory leak that is going to be resolved wt version 9.005)

__________________

• R.T.F.M. – A hitchhiker's guide to IT
  
• How To Ask Questions The Smart Way
  
• My Astaro Feature Requests

Astaro ASG 120 Rev. 4 |Version 9.0** |1 X Astaro wireless AP10
Sophos UTM 120 Rev. 5 |Version 9.1** | 2 X Astaro wireless AP10
GPG Key Fingerprint: B205 ED94 FBF0 E617 63A5 C6C9 D15D 70A1 B84E 9AC9

the big ram eater is the http proxy..the ips also has issues. Combine the two and it's disastrous. You are only using ips and minor things so your config is fine. turn on http proxy though and your box will fall over..your 150 users will think they are on dialup if they can get to the net at all.

__________________
Owner: Emmanuel Technology Consulting
http://www.etc-md.com
Sophos Silver Solution Reseller
Sophos Certified Architect - UTM
Gillware Data Recovery Afilliate
MIcrosoft Registered Partner

Web Filtering = httpproxy

what kind of swap are you using? you can't tell that form the webadmin since that's been hidden now. hit the shell type free for a quick look.

__________________
Owner: Emmanuel Technology Consulting
http://www.etc-md.com
Sophos Silver Solution Reseller
Sophos Certified Architect - UTM
Gillware Data Recovery Afilliate
MIcrosoft Registered Partner

...and you still find swap under reporting&logs / hardware graphs ;o) It's only hidden in the dashboard.

__________________
I love to post this Link everywhere in this forum: http://www.astaro.org/gateway-produc...-tweaking.html

It sure is odd for them to go out of their way to remove it from the dashboard...

I received mail from Sophos support, because of the memory leak with 9.004-34.
They told me to change the primary scan engine from Sophos to Avira and restart http-proxy.
After executing this, the swap-usage on our ASG320 went down from over 90% to actual 61%.

Further Sophos support told me, that 9.005 should arrive at thursday, next week (24th of january)

__________________
@Work (productive):
2 x ASG 320 rev.4, HA, 9.006-5
9 x RED-10
6 x AP-50
6 x AP-30
1 x AP-10
10 sites
- HTTP Proxy / SMTP Proxy / IPS / Dual Antivirus / Antispam / SSL VPNs / IPSec VPNs / Mail encryption

@Work (testlab):
3 x 9.006-5 VM Cluster running on ESX 5.0

61% is still too high for a properly tuned/setup Linux system...but that is an improvement.

__________________
Owner: Emmanuel Technology Consulting
http://www.etc-md.com
Sophos Silver Solution Reseller
Sophos Certified Architect - UTM
Gillware Data Recovery Afilliate
MIcrosoft Registered Partner

I have single scan engine selected with Avira antivirus and the Swap went down only when I've disabled IPS. When both IPS and proxy are enabled ,the swap continues to grow. Is there another way to ensure that the primary scan engine is Avira but both are being in use?

__________________

• R.T.F.M. – A hitchhiker's guide to IT
  
• How To Ask Questions The Smart Way
  
• My Astaro Feature Requests

Astaro ASG 120 Rev. 4 |Version 9.0** |1 X Astaro wireless AP10
Sophos UTM 120 Rev. 5 |Version 9.1** | 2 X Astaro wireless AP10
GPG Key Fingerprint: B205 ED94 FBF0 E617 63A5 C6C9 D15D 70A1 B84E 9AC9