This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
LostBoY
Advisor
‎2019-01-16 04:46 AM

Memory in Management Server shows RED

Hi,

The management server is managing two firewalls which are in  VSX cluster and running on Gaia R 80. 10.

In smart-console the CPU usage is merely 3-4 % but  the memory status shows as 85-86 % and is in "RED".

Please suggest as to what might be causing this. Also, there isn't much traffic through the firewalls as of now and there memory and CPU utilization is under 10%.

Memory in SMS server is 8GB

Thanks

9 Replies
Chris_Atkinson
Employee
Employee
‎2019-01-16 05:41 AM

8GB RAM is on the lower end of memory population for R80.10 Management, is SmartEvent also active on the same machine?

0 Kudos
LostBoY
Advisor
‎2019-01-16 06:22 AM
In response to Chris_Atkinson

Thanks for the reply.. Yes SmartEvent Blade is enabled in the server settings.

Network Policy Management

Logging & Status

SmartEvent Server

SmartEvent Correlation

These are active on the SMS Server

0 Kudos
Timothy_Hall
Champion
Champion
‎2019-01-16 06:28 AM
In response to LostBoY

Please provide output of the following commands run on the SMS for analysis:

free -m

sar -B

sar -W

cat /proc/meminfo

--

CheckMates Break Out Sessions Speaker

CPX 2019 Las Vegas & Vienna - Tuesday@13:30

Updated 2023 IPS/AV/ABOT R81.20 Course now
available at maxpowerfirewalls.com
0 Kudos
Chris_Atkinson
Employee
Employee
‎2019-01-16 06:35 AM
In response to LostBoY

Per the R80.10 release notes 16GB is the starting reference point for configs with SmartEvent but each environment is subtly different depending on enabled controls / load etc.

0 Kudos
Timothy_Hall
Champion
Champion
‎2019-01-17 04:58 AM
In response to Chris_Atkinson

Right, for an R80+ SMS I've found that the sweet spot seems to be 8 physical cores and 16GB of RAM; as cores & memory are added up to these amounts a noticeable improvement in management performance is seen.  Adding more cores and memory beyond that will certainly not hurt, but the incremental performance increase will not be as dramatic.  Java heap sizes and other internal tuning variables are automatically tweaked upon every SMS boot to optimize resource usage based on the number of cores and amount of RAM detected, but these automatic tweaks "top out" at 12 cores and 35.6GB of RAM or higher.

--

CheckMates Break Out Sessions Speaker

CPX 2019 Las Vegas & Vienna - Tuesday@13:30

Updated 2023 IPS/AV/ABOT R81.20 Course now
available at maxpowerfirewalls.com
AlekseiShelepov
Advisor
‎2019-01-17 06:48 AM
In response to Timothy_Hall

What is your opinion about the sweet spot for MDS? Let's say with 10 domains and 50-100 connected gateways. Or maybe you saw some bigger setups in production. The most powerful Smart-1 can have 128GB or 256GB of RAM, as far as I know.

0 Kudos
Timothy_Hall
Champion
Champion
‎2019-01-19 12:09 PM
In response to AlekseiShelepov

Based on what I've heard, I'd say the realistic bare minimum for any kind of MDS is probably 8 cores and 16GB RAM.  Beyond that it really depends on the number of CMAs (and associated processes) and the size of the configuration (number of rules, objects, policy packages, etc.).  In general though:

More CMAs -> More Cores. 

Larger Configs -> More Memory.

A Smart-1 3150 has 12 cores and has a base of 64GB RAM;  a Smart-1 5050 has 16 cores and a base of 64GB RAM (supports up to 50 domains & 50 gateways according to the pricelist);  a Smart-1 5150 has 24 cores and a base of 128GB RAM (supports up to 100 domains and 150+ gateways).  For an MDS if you have to pick between more cores and more RAM due to budget, I'd vote more RAM to help buffer disk I/O operations which tends to be the most prevalent bottleneck when it comes to MDS management performance.

--

CheckMates Break Out Sessions Speaker

CPX 2019 Las Vegas & Vienna - Tuesday@13:30

Updated 2023 IPS/AV/ABOT R81.20 Course now
available at maxpowerfirewalls.com
0 Kudos
LostBoY
Advisor
‎2019-01-21 12:56 AM
In response to Timothy_Hall

Can i find a document which states server requirements for an R80.10 Management Server so that i can use it to push for hardware upgrades.

Thanks

0 Kudos
Chris_Atkinson
Employee
Employee
‎2019-01-21 01:13 AM
In response to LostBoY

The following resources should be really helpful in this respect.

R80.10 Release Notes 

R80.10 Security Management - Performance Tuning Guide - Check Point Software Technologies 

SmartEvent NGSE 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫