- Local User Groups
Join Us for CPX 360
23-24 February 2021
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
How to Remediate Endpoint & VPN
Issues (in versions E81.10 or earlier)
IDC Spotlight -
Uplevel The SOC
Important! R80 and R80.10
End Of Support around the corner (May 2021)
I have 2x CP NGTP 5800 series firewall running in clusterXL as security gateway and I have a mid-range Smart-1 appliance as the manager.
Currently, based on the CPView output the security gateway is running around 2% CPU usage and around 40% memory usage. For the Smart-1, it is running also around 2% CPU usage and around 70% memory usage.
In addition, only firewall, IPSec VPN, ID awareness, and App&URL filtering blades are enabled.
Here are my questions.
1. Why in the output it shows that the total CPU cores are 8 but it seems that only 3 are used randomly.
2. I want to enable the other features (IPS, AV, Anti-bot, Anti-Spam, Content-Awareness, and SSL Inspection), I would like to seek opinion from you if I enable those blades does the 5800 can handle such processes?
Thank you very much.
It could be that the interfaces tied to those cores are getting more of the traffic.
Might be worth giving this a watch:
Note that IPS, AV, Anti-Bot, and Content Awareness all use the same engines as App Control and URL Filtering so I wouldn't expect a huge change in performance.
Anti-spam is also fairly lightweight.
To check core/interface affinity: sim affinity -l
SSL Inspection will definitely impact performance/overall throughout.
Depending on your exact requirements and traffic patterns, it could be substantial (more than 50%).
Might be worth consulting with your local Check Point SE for a more precise answer.