Are you a member of CheckMates?
×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
The Fast Acceleration (picture 1 green) feature lets you define trusted connections to allow bypassing deep packet inspection on R80.20 JHF103 and above gateways. This feature significantly improves throughput for these trusted high volume connections and reduces CPU consumption.
The CLI of the gateway can be used to create rules that allow you to bypass the SecureXL PSLXL path to route all connections through the fast path.
Tip 1
Use this function to exclude IP's or networks from deep inspection.
Picture 1
Here you can see the complete packet flow in detail : R80.x - Security Gateway Architecture (Logical Packet Flow)
I will update the document to this new function in the next few days.
Feature Attributes:
- Configured from the gateway's CLI.
- Can be turned On / Off, Off is the default.
- Rules can be added / deleted by demand.
- Configuration (State / rules) survive reboot.
- Maintain rule hit count (does not survive reboot).
- Every configuration change done by the user is logged in $FWDIR/log/fw_fast_accel.log file.
Feature Usage:
fw ctl fast_accel <option>
| Option | Explanation |
| add | Add a connection |
| delete | Delete a connection |
| enable | Set feature state to on |
| disable | Set feature state to off |
| show_table | Display the rules configured by the user |
| show_state | Display the current feature state |
| reset_stats | Reset the statistics collected by the feature |
| --help/-h | Display help message |
To create fast_accel rules, read more in this sk156672 - SecureXL Fast Accelerator (fw fast_accel) for R80.20 and above.
.png "Wolfgang"){kind=avatar}
