Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
ITTech
Explorer

vpn problem with high ports

good morning

I have a problem with my cluster XL R81.10 Take 139.

Client has configured a monitoring task with the application Teenable, when it launches the monitoring, you can see that the computer cpu is saturated, but only happens with high ports, keep in mind that this monitoring is done through vpn.

I attach evidence:

cpview.PNGsmartview.png

0 Kudos
5 Replies
PhoneBoy
Admin
Admin

You should probably fw fast_accel the traffic so it doesn't get inspected by the higher-level blades.
https://support.checkpoint.com/results/sk/sk156672 

ITTech
Explorer

Hi Phoneboy

Thans for your answer, Actually the appliance has the vpn accel in state on

0 Kudos
PhoneBoy
Admin
Admin

Traffic that hits Medium Path is accelerated, but it's more heavy than fully accelerated traffic.
Output of Super Seven commands might be helpful here: https://community.checkpoint.com/t5/Scripts/S7PAC-Super-Seven-Performance-Assessment-Commands/m-p/40... 

0 Kudos
the_rock
Legend
Legend

I agree with Phoneboy, makes most logical sense in your case.

Andy

0 Kudos
emmap
Employee
Employee

Tenable puts out a lot of connections that then have to be decrypted/encrypted by the gateway in your case, so it's not too surprising that there's a load issue. Is there a way to 'turn down' tenable so that it's doing its work more slowly? 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events