This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Timothy_Hall
MVP Gold
MVP Gold
‎2021-07-13 06:33 AM
In response to Amir_Arama

Bypass Under Load: On

The F2F percentage remains low because IPS is still off, but was disabled by the Bypass under Load feature.  This feature does not work correctly in today's world of multi-core firewalls, as it will disable IPS on all cores even if only one of them is above the high watermark for CPU use due to an elephant flow.  Disable the Bypass under Load feature and the high F2F should return.

SecureXL is properly handling your SYN Flood protection.

You probably need to disable the Small PMTU signature to start with and see how that affects F2F.  Although Phoneboy said it only disables SecureXL templating and not throughput acceleration, I'm not sure if that is correct.

If still high F2F, next you need to examine your IPS protections and sort them by performance impact rating.  Try disabling any IPS protections with a performance impact of Critical.  Do the same thing with Inspection Settings, sort them by performance impact and disable any that are Critical unless you really need them.  This procedure is covered on pages 359-363 of the third edition of my book and should make a big difference.

New Book: "Max Power 2026" Coming Soon
Check Point Firewall Performance Optimization

View solution in original post

(1)
Who rated this post