- Products
- Learn
- Local User Groups
- Partners
-
More
Join Us for CPX 360
23-24 February 2021
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
How to Remediate Endpoint & VPN
Issues (in versions E81.10 or earlier)
IDC Spotlight -
Uplevel The SOC
Important! R80 and R80.10
End Of Support around the corner (May 2021)
So we are running CP gateways on Dell servers, which are usually having two physical CPU with 8/14/16 cores. Only few gateways are having 8 or 16 cores license applied. For example 8 core license is applied on 28 core system, which means that those 8 CP cores (CPU0-7) are assigned only to one physical CPU. In case that in BIOS i'll set amount of cores on each CPU to have only 4 cores, it will then utilise both physical CPU's and running CPU 0-3 on CPU1 and CPU 4-7 on CPU2.
Did somebody using this approach on open servers?
I'm also using this approach as the number of licensed CPU cores should match the number of physical CPU cores seen by the system. In case you don't limit the number of physical CPU cores to the licensed number you can't trust CPU performance monitoring, which means you can't rely on what SmartView Monitoring, cpview and Check Point Healthcheck is showing.
where is mentioned that it must match?
Licensing asside, what are you hoping to achieve with this configuration?
With reducing amount of cores per CPU, it should have a slightly better performance i guess, when it will be using both physical CPU's
We are using Nagios XI and custom scripts written to collect (snmp,ssh) and present all needed data.
Agree with Danny here, having a mismatch between number of physical vs. licensed cores on open hardware can also cause what I call the trial license "core crunch" in my book, where many different Firewall Worker instances fight each other for the few licensed cores. Result: they all lose, at least performance-wise.
--
CheckMates Break Out Sessions Speaker
CPX 2019 Las Vegas & Vienna - Tuesday@13:30
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY