First off, AV Deep Scanning invokes components that were created by Kaspersky Labs:
sk118539: How to disable and remove Kaspersky Labs components from Check Point Security Gateway
From a performance perspective, deep scanning invokes additional inspection that takes place outside the kernel of the firewall in process space. Any trip between the firewall's kernel and process space will cause a fair amount of extra overhead, I refer to these trips as the firewall's "fourth path" (in addition to SXL, PXL, F2F).
--
My book "Max Power: Check Point Firewall Performance Optimization"
now available via http://maxpowerfirewalls.com.
Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com