The general guidance we can give is on the product datasheet for the 15400: https://www.checkpoint.com/downloads/products/15400-security-gateway-datasheet.pdf
More specific guidance can be obtained from your local SE.
Generally speaking, most of the NGFW and Threat Prevention blades use the same underlying engines.
This means that enabling any one of them will have roughly the same performance impact.
With VSX, I've seen customers do both different functions on different VSes and all functions on all VSes.
That said, you might want to make sure you're using 64-bit VSes to ensure you are able to fully utilize memory in a given VS.