Symptom
Currently, FTD's SSL proxy for SSL decryption has a maximum TCP window size of 32K bytes.
This will cause the remote server from a download session to send up to only 32K bytes before waiting for ACK from client, which greatly slows down transmission speed if the round trip time from client to server is significant.
Currently there is no way to change this TCP window size cap.
Conditions
SSL decryption is enabled for "Decrypt/Resign" or "Known Key" for a given traffic flow
Workaround
For mission-critical traffic that requires high download speed from remote server, do not enable SSL decryption.
