It's Here!
CPX 360 2021 Content
Check Point Harmony
Highest Level of Security for Remote Users
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
Advanced Protection for
Small and Medium Business
Important! R80 and R80.10
End Of Support around the corner (May 2021)
Forrester Study Finds
CloudGuard Generates 169% ROI
Hi Team,
We are facing latency/disconnection issues in the network when we connect the mirror port on the firewall monitored interface.
We created a bridge group between DMZ & LAN3 interfaces on firewalls. We have one monitored interface connected with the switch mirror interface. Due to mirror traffic, we are facing a latency issue, when we connect the mirror port interface on the LAN2 firewall interface the RX of interface increase rapidly and TX of DMZ increases rapidly.
I attached the network topology diagram.
PhoneBoy
What blades are active here?
Do you know how much traffic the mirror port is sending to the gateway?
Only FW blade is enabled, Don't know the exact amount of traffic.
PhoneBoy
There’s almost no point in using a mirror port with just firewall active.
Also, it’s more difficult to process mirror port traffic, generally speaking.
Might be worth posting the output of the Super Seven commands for SMB: https://community.checkpoint.com/t5/SMB-Appliances-and-SMP/Super-Seven-Performance-Assessment-Comman...
We will use the IPS blade letter once the traffic becomes stable.
You have to be very careful with those boxes. The 1200R has a single core and I would think a traffic mirror would send a lot of data through to the CPU to process the traffic. I would also assume this isn't creating a network loop but i can say for sure from past exp that if you plug 2 ports in from a vswitch into the same vlan it will create a loop on the firewall and make the CPU instantly go crazy which then prevents the firewall from doing anything.
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY
