Our application team recently launched a download feature on one of the applications. This download consist of a zip file of size around 20 MB. This applications virtual server has transparent security policy assigned to it. Users are seeing a delay of 15 seconds when downloading these files with ASM security policy on.
Download was instantaneous when we tried removing the security policy and testing. We are only having transparent policy with GEO IP Policy switched on.
You most probably have response signatures assigned to your policy. It will take some time to scan a 20Mb file against thousands of RegEx-es. 15 seconds seems a fair number. As ZIP on your website is a trusted file (I assume) response attack signatures should be disabled for .zip files in your policy.