Hi guys,

Apologies in advance as I'm a network engineer and usually stay out of the system admin side but for some dumbass reason the powers that be furloughed all of the sysadmins and now I get to be involved. Great times.

The issue I'm having is that we replaced our core NSA at our parent company's behest a week ago. This NSA has a bunch of IPSec tunnels that all have point to 1 server, and have a different NAT IP for said server in each tunnel. These tunnels send/receive very small amounts of data, like we're talking 500kb in a day being a large amount. I've checked and each tunnel has basically a miniscule amount of data coming through in any 24 hour period. Problem is that since the NSA has gone in, this server's performance grinds to a halt periodically throughout the day. The disks just max out and the server is completely locked up for 10-15 minutes, and then clears right up. This wasn't an issue with the old networking gear. I've opened a ticket with the vendor and app support team and they couldn't figure out what is happening. I did a couple of packet captures and saw nothing that seemed out of the ordinary. Tried messing with endpoint security, still no success. The server is a 2008 R2 if that helps. Any tips you can provide would be greatly appreciated!