- Products
- Learn
- Local User Groups
- Partners
- More
Stop Babysitting Rules.
Go Agentic
Step Into the Future of
AI-Powered Cyber Security
The State of Ransomware Q1 2026
Key Trends and Their Impact
AI Security Masters E8:
Claude Mythos: New Era in Cyber Security
Blueprint Architecture for Securing
The AI Factory & AI Data Center
Call For Papers
Your Expertise. Our Stage
CheckMates Go:
CheckMates Fest
Do you have Policy-Based Routing enabled? There is a known problem with PBR and Active Streaming: sk183194: Slow web browsing to the Internet and download of files is stuck
Also make sure that OCSP and CRL Retrieval are working: Unreached OCSP - causes serious lag
If you have persistent high latency for Internet traffic, there was an issue with Active Streaming where it would not allow the TCP window to scale up far enough to counteract the high latency, but that should have been fixed awhile ago: HTTPS Inspection Limiting TCP receive window to 262144 bytes and limiting throughput of tcp stream
Also be very sure you are NOT using "Any" in the Destination or Services fields of any HTTPS Inspection rules, as this will drag huge amounts of traffic into Active Streaming that should not be there.
Finally you may need to do some tuning of Active Streaming by adjusting the variable cpas_max_burst among others as mentioned here: https://community.checkpoint.com/t5/Security-Gateways/81-20-Performance-CPU-issue/m-p/214709#M40990
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY
