This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
fatalXerror
Contributor
‎2019-02-12 06:52 AM

NGTP 5000 Performance

Hi Guys,

I have 2x CP NGTP 5800 series firewall running in clusterXL as security gateway and I have a mid-range Smart-1 appliance as the manager.

Currently, based on the CPView output the security gateway is running around 2% CPU usage and around 40% memory usage. For the Smart-1, it is running also around 2% CPU usage and around 70% memory usage.

In addition, only firewall, IPSec VPN, ID awareness, and App&URL filtering blades are enabled.

Here are my questions.

1. Why in the output it shows that the total CPU cores are 8 but it seems that only 3 are used randomly.

2. I want to enable the other features (IPS, AV, Anti-bot, Anti-Spam, Content-Awareness, and SSL Inspection), I would like to seek opinion from you if I enable those blades does the 5800 can handle such processes?

Thank you very much.

0 Kudos
3 Replies
PhoneBoy
Admin
Admin
‎2019-02-12 10:08 PM

It could be that the interfaces tied to those cores are getting more of the traffic.

Might be worth giving this a watch:

TechTalk: Security Gateway Performance Optimization with Tim Hall

Note that IPS, AV, Anti-Bot, and Content Awareness all use the same engines as App Control and URL Filtering so I wouldn't expect a huge change in performance.

Anti-spam is also fairly lightweight.

0 Kudos
fatalXerror
Contributor
‎2019-02-12 10:31 PM
In response to PhoneBoy

Hi Dameon Welch-Abernathy‌,

How I can confirm if a specific interface is tied into a specific core?

Even if I enable SSL Inspection, the current performance will not be degraded?

Thanks

0 Kudos
PhoneBoy
Admin
Admin
‎2019-02-13 10:55 AM
In response to fatalXerror

To check core/interface affinity: sim affinity -l

SSL Inspection will definitely impact performance/overall throughout.

Depending on your exact requirements and traffic patterns, it could be substantial (more than 50%).

Might be worth consulting with your local Check Point SE for a more precise answer.