The ProxySG appliance experiences high CPU usage. This occurs due to a large volume of web requests sent from Google Chrome's Autofill Download Manager component.
The appliance's CPU Monitor reports high CPU utilization in SSL and Cryptography and Policy evaluation - HTTP.
The high CPU usage is caused by Google Chrome sending a large volume of web request traffic to https://clients1.google.com/tbproxy/af/query?client=Google Chrome. If you stop Chrome from accessing the URL, the CPU utilization goes down.
To determine if there is a large volume of requests in the network causing continuous policy evaluations, leverage Blue Coat Reporter. The following Reporter reports can be helpful for diagnosing the issue:
SSL access-logs show protocol of tcp for SSL traffic (that is, tunneled). The SSL Access Log contains protocols tcp and ssl. The ssl protocol has been handed off to the SSL Proxy.
Web requests per client ip report filters further based on the site and protocol.
Additionally, the Blocked web browsing per user and Default Bandwidth reports are useful.
After reviewing the access logs, if you see significant SSL traffic to https://clients1.google.com/tbproxy/af/query?client=Google%20Chrome, you can apply a policy to disable SSL interception or deny access to the URL.