This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
lluner
Advisor
Friday
Jump to solution

Problem performance blade forensics

Gentlemen,

I'm receiving complaints about slowness on some machines using the forensic blade, especially I/O, based on the information provided. How can I perform the analysis in this case?

Endpoint version: 88.72.2001

Procedures already performed

1. I ran the diagnostics several times and have already made the exclusions.
2. I created a specific policy for the machine in question, setting the "Tuning" policy.

 

forensics4.pngforensics3.pngForensics2.pngForensics1.png

0 Kudos
2 Solutions

Accepted Solutions
the_rock
MVP Gold
MVP Gold
Friday
In response to lluner
Jump to solution

Hm...since you made all the exceptions, might be worth check with TAC.

Andy

View solution in original post

0 Kudos
Chris_Atkinson
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
Friday
Jump to solution

Short of testing E89.00 to see if EPS-59766 is a potential factor here I would suggest engaging with TAC on this.

CCSM R77/R80/ELITE

View solution in original post

5 Replies
the_rock
MVP Gold
MVP Gold
Friday
Jump to solution

Does it happen only on some machines randomly?

Andy

0 Kudos
lluner
Advisor
Friday
In response to the_rock
Jump to solution

Hi andy 

They complain about the machine's slowness and it shows this information, both I/O and the process that is consuming a lot. I believe that the checkpoint could have a thoubleshooting to identify or some configuration regarding this forensic blade that always consumes a lot of I/O, it is worth noting that the disk is NVME

0 Kudos
dukenukemz
Explorer
Friday
In response to lluner
Jump to solution

Does the same thing happen on machines with 16GB of ram? it looks like your 8GB of ram is maxed out. On the policy > Behavioral protection > Advanced SEttings > Select Low Memory Mode.

 

See if that helps

0 Kudos
the_rock
MVP Gold
MVP Gold
Friday
In response to lluner
Jump to solution

Hm...since you made all the exceptions, might be worth check with TAC.

Andy

0 Kudos
Chris_Atkinson
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
Friday
Jump to solution

Short of testing E89.00 to see if EPS-59766 is a potential factor here I would suggest engaging with TAC on this.

CCSM R77/R80/ELITE

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events