- Products
- Learn
- Local User Groups
- Partners
- More
Access Control and Threat Prevention Best Practices
5 November @ 5pm CET / 11am ET
Ask Check Point Threat Intelligence Anything!
October 28th, 9am ET / 3pm CET
Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
Spark Management Portal and More!
I would bump it to 250k or more. The point of the hard connections table limit is to protect other VSs on the system from resource exhaustion attacks against one VS. That is, if someone tries to fill up the connections table of your Internet VS, they won't also take down your interior VSs or the VS handling a second Internet connection. Ever since R67 (the first version to move to the 2.6 kernel), the connections table has been able to use many gigabytes of space, so the practical limit for the whole box is generally in the tens of millions of connections.
Unless you're running a hundred VSs on a box, or you're running with very little RAM, tiny tables don't protect you from anything. Instead, they just shoot you in the foot like this over and over as load increases.
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY