1. Top 3 blades in descending order of performance impact: HTTPS Inspection, IPS, Anti-Virus; although the amount of impact is heavily influenced by how these blades are configured
2. Inactive obviously has the lowest overhead, followed by Prevent. Detect causes the highest overhead and should be avoided long-term if possible, especially on Protections/Signatures with a Performance Impact rating of Critical or High.
3. If you are already around 90%, I'd recommend against enabling any more blades, especially the 3 blades I mentioned above. The correct approach would be to attempt optimization of your firewall's existing configuration or add new CPU cores to hopefully lower the overall CPU usage to a point where there is sufficient headroom to enable new features, 50% would be ideal if possible.
4. In general if CPU utilization reaches 100%, latency will begin to increase. If it gets high enough packet loss can begin to occur at various points while attempting to traverse the firewall. If memory utilization reaches 100% new connections may be denied for lack of resources and there are likely to be many other issues as well.
Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com