This is covered in my Gateway Performance Optimization Class. According to sk93000 SMT is supported on Open Servers starting in R80.40 Jumbo HFA 45+. Also keep in mind SMT is enabled by default on all Security Gateways whose server architecture supports it, and this is generally what you want. There are a number of considerations though:
1) For systems that have a very high amount of fastpath traffic (such as a gateway with only Firewall and IPSec VPN blades enabled), under high load the SNDs do not benefit from SMT and fastpath performance is reduced.
2) Medium Path performance (passive & active streaming) is improved by SMT somewhere between 20-30% due to the nature of the workload characteristics in that path. Because it is not unusual to see 60-70% of traffic in the Medium Path on a modern gateway with the typical blades enabled, generally SMT is a win. The slowpath benefits from SMT as well, but you should get your traffic out of there anyway. 😎
3) Specifically for Open Servers, keep in mind that your gateway container limits the number of cores you can use. So if you have a gateway with 4 real cores and are licensed for 4 cores, turning on SMT to get 8 cores and paying a sizable premium to upgrade your container core limit to 8 for a 20-30% gain is not even close to being worth it. The cost to increase the number of allowed cores on open hardware goes up very rapidly as anyone who has looked at the pricelist can attest. So if you are paying such a premium per-core, pay it for a real physical core and not SMT ones.
4) To Bob's point about Turbo Boost being helpful for improving single-thread performance by reducing competition for the physical CPU, this is not quite as relevant as it used to be due to Hyperflow and "Super Instances". For the latter feature suppose a 16-core SMT system. Assume that worker core 7 starts getting crushed by an elephant flow. Not only will the Dynamic Dispatcher avoid sending new connections to core 7, it will also stop sending new connections to the sibling core 15. As existing connections on cores 7/15 finish and terminate more and more of the physical core's resources are available to the elephant regardless of SMT. The elephant may also be getting boosted by Hyperflow on multiple worker cores if available, but Hyperflow is not supported on open hardware.
5) For Check Point management components (SMS, Log Server, SmartEvent, etc) SMT is not desirable and will cause around a 10% penalty due to the specific workload characteristics, see here: sk104788: SMT (HyperThreading) for Smart-1 3050, Smart-1 3150, Smart-1 5150, Smart-1 6000 This may be why sk108200 is telling you to disable SMT on your HP since that SK applies to both gateways and management components.
Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com