Sometimes, unfortunately, there is no other way but to buy a bigger box.
We have just replaced 100+1200R firewalls on R77.20.XX with 1570R firewalls on R81.10.XX (1 CPU / 1Gb RAM -> 4 CPU / 2 GB RAM). We now have memory issues on all new firewalls, with outages on a regular basis, all with the SFWD process. There are less than 100 sessions on these firewalls and the bandwidth is around 1mbps! There is something seriously wrong with these versions. We had fewer issues on a smaller box with older software!
We have had a TAC case open for more than 4 months, with R&D involved, but there is no progress.
Problems we see:
Antivirus Updates: SFWD crashes randomly during antivirus updates, causing complete outages of the firewalls.
IPS Updates: SFWD restarts after almost every IPS update due to memory consumption.
IPS Schedule Timer: Spark devices do not adhere to the IPS update timer configured in the dashboard.
Segmentation Fault: Some firewalls experience segmentation faults, resulting in complete outages.
High Memory Usage: Memory increases after firewall reboot, potentially indicating a memory leak issue.
We suspect all problems are related to memory consumption.
All crashes are solved with sfwd_restart.
Example mem usage: 60 Mb free, no free SWAP memory
Mem: 1959048 1792108 60700
Swap: 524284 524264 20
Concurrent Connections: 0% (79 out of 99900) - below watermark
Bits/sec 289K