This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Timothy_Hall
MVP Gold
MVP Gold
‎2025-05-08 05:35 AM

Do you have Policy-Based Routing enabled?  There is a known problem with PBR and Active Streaming: sk183194: Slow web browsing to the Internet and download of files is stuck

Also make sure that OCSP and CRL Retrieval are working: Unreached OCSP - causes serious lag

If you have persistent high latency for Internet traffic, there was an issue with Active Streaming where it would not allow the TCP window to scale up far enough to counteract the high latency, but that should have been fixed awhile ago: HTTPS Inspection Limiting TCP receive window to 262144 bytes and limiting throughput of tcp stream

Also be very sure you are NOT using "Any" in the Destination or Services fields of any HTTPS Inspection rules, as this will drag huge amounts of traffic into Active Streaming that should not be there.

Finally you may need to do some tuning of Active Streaming by adjusting the variable cpas_max_burst among others as mentioned here: https://community.checkpoint.com/t5/Security-Gateways/81-20-Performance-CPU-issue/m-p/214709#M40990

Gaia 4.18 (R82) Immersion Tips, Tricks, & Best Practices Video Course
Now Available at https://shadowpeak.com/gaia4-18-immersion-course

View solution in original post

(1)
Who rated this post