This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Patrickc
Explorer
‎2025-03-04 03:35 AM
Jump to solution

SMS Sizing

Hi All,

 

The customer currently wants to replace the old firewall with a new one. The management server is running on a VM ESXi, and it also needs to be rebuilt. Due to the company's policy, a re-evaluation and recommendation of CPU and memory are required. The disk requirements are clear, but I am not sure where to start with the CPU and memory recommendations. Please provide your suggestions.

Current environment:

  • Rulebase with over 10,000 rules
  • Daily log volume is approximately 20GB
  • Managing 4 firewalls (2 Clusters)
  • Version :R81.20
0 Kudos
1 Solution

Accepted Solutions
Tal_Paz-Fridman
Employee
Employee
‎2025-03-04 04:15 AM
Jump to solution

Please refer to Sizing Recommendations for Check Point Management Server:

https://support.checkpoint.com/results/sk/sk178325

 

View solution in original post

4 Replies
Tal_Paz-Fridman
Employee
Employee
‎2025-03-04 04:15 AM
Jump to solution

Please refer to Sizing Recommendations for Check Point Management Server:

https://support.checkpoint.com/results/sk/sk178325

 

the_rock
Legend
Legend
‎2025-03-04 05:29 AM
Jump to solution

Personally, if it was me, with 10K rules, I would say even VM is okay, but probably with at least 128 GB of ram and ssd drive and at least 12, preferable 16 cores. 

Otherwise, what @Tal_Paz-Fridman sent is an official CP sk about it, so I would definitely follow that.

Andy

0 Kudos
Bob_Zimmerman
Authority
Authority
‎2025-03-04 09:37 AM
Jump to solution

That seems like a really large number of rules for just two clusters.

I have an environment about that size (fewer rules, more clusters, more log volume). It's currently a management server (4 Xeon Gold 6254 cores, ~90% idle, 24 GB of RAM, no swap used) and a separate log server (4 Xeon Gold 6254 cores, ~40% idle, 32 GB of RAM, no swap used). As long as the storage is fast enough, I'd be comfortable with a single system with 6 equivalent cores and 64 GB of RAM.

the_rock
Legend
Legend
‎2025-03-04 09:41 AM
In response to Bob_Zimmerman
Jump to solution

Thats very valid point Bob. I had never seen anyone have more than 4000 rules. But, mgmt with 64 GB of ram sounds about right.

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top