lucasfn
Explorer

Slow upload on GitHub

Hello community,

I'm having a case where a user is experiencing slow uploads to GitHub, even though our upload rate is 2GB. I don't think the problem is the link or QoS policy, since we don't use it.

In order to find out the cause, I performed the following troubleshooting:

- I disabled the Threat Prevention blades: no success.

- I created a policy at the top of the rule base allowing all traffic to GitHub: no effect.

- I checked for blocks using the fw ctl zdebug + drop: no blocks.

However, when adding the traffic to fast accel, the upload rate improved significantly. Before, it took about 50 seconds to upload the file, and when adding it to fast accel, it took about 5 seconds for the same file.

Given this, I opened a case with Check Point to ask why this behavior was occurring, and Check Point responded by saying that this was normal because the traffic was undergoing several inspections, which resulted in the upload delay.

However, I have a small problem. GitHub has hundreds of IPs and I can't add them all to Fast Accel. Check Point informed me that I could add the IP of the host that needs to access GitHub, allowing everything to be accessed in Fast Accel. However, I don't see this as a solution because it will stop inspecting all the traffic from this host and may leave a gap in the network with it vulnerable.

Do you have any other ideas that I can use to solve this issue, or should I really follow the recommendations that Check Point provided?

0 Kudos
2 Replies
the_rock
Legend

Hey @lucasfn 

The first thing that came to my mind is... do you use SSL inspection? If yes, I would create a test bypass rule and see if it makes a difference. If not, then maybe create a rule specifically allowing just GitHub as a domain object, something that contains .*github*, and uncheck the fully qualified domain option.

Now, if you do NOT use SSL inspection, but urlf/appc blades are enabled on the policy layer, then have a rule that has a custom URL domain as *github* and see if that helps.

Andy

0 Kudos
PhoneBoy
Admin

How did you "disable" Threat Prevention blades?
For Threat Prevention, you should probably create an exception bypassing the traffic.

How did you attempt to allow "all traffic to GitHub"?
Specifics with screenshots will help.

Are you using HTTPS Inspection at all?

0 Kudos
