What is the best approach to troubleshoot "slow connections"?

Question asked by Maik Dummer on Nov 6, 2018
Hello fellow Check Point admins,


to keep it short - how do you troubleshoot slow connections?

Every now and then I receive requests from users/sys admins who complain that their backup jobs or all different kinds of traffic appears to be really slow once they have to pass a firewall in our environment. In most cases I am pretty sure that this is not the case, at least not related to the firewall. But as we all know - it always has to be the firewalls fault.


So that leads to the before mentioned questions. Currently I do several things to verify if I have some issues on the fw side, like:


- checking the related interfaces and error counters

- enable accounting in the logging of a related rule to see the transmitted data size

- check for possible TCP out of state logs, which could be related to timeouts and therefore throttle the connection due to reconnect attempts


But to be honest, I am pretty sure that there are other, better, approaches to determine if the firewall is the cause of slow downs or not. So please, tell me about your recommendations.