- Products
- Learn
- Local User Groups
- Partners
- More
This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
- Products
- Learn
- Local User Groups
- Upcoming Events
- Americas
- EMEA
- Czech Republic and Slovakia
- Denmark
- Netherlands
- Germany
- Sweden
- United Kingdom and Ireland
- France
- Spain
- Norway
- Ukraine
- Baltics and Finland
- Greece
- Portugal
- Austria
- Kazakhstan and CIS
- Switzerland
- Romania
- Turkey
- Belarus
- Belgium & Luxembourg
- Russia
- Poland
- Georgia
- DACH - Germany, Austria and Switzerland
- Iberia
- Africa
- Adriatics Region
- Eastern Africa
- Israel
- Nordics
- Middle East and Africa
- Balkans
- Italy
- Bulgaria
- Cyprus
- APAC
- Partners
- More
- ABOUT CHECKMATES & FAQ
- Sign In
- Leaderboard
- Events
Access Control and Threat Prevention Best Practices
5 November @ 5pm CET / 11am ET
Ask Check Point Threat Intelligence Anything!
October 28th, 9am ET / 3pm CET
Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
Spark Management Portal and More!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Who rated this post
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
R80.x - Performance Tuning Tip - SND vs. CoreXL
| CoreXL vs. SND |
|---|
CPU cores are divided into two groups: SND (SecureXL) and Firewall instances (CoreXL). Each group handles different tasks.
Tasks distribution:
| Task | R80.10 | R80.20+ |
| Soft IRQ processing | SND | SND |
| Multi-Queue | SND | SND |
| TPUT acceleration & Path determination | SND | Firewall |
| Accept templates matching (new connection) & offload to SecureXL | SND | Firewall |
| Nat templates matching (new connection) & offload to SecureXL | SND | Firewall |
| SecureXL/Acceleration path packet handling | SND | SND |
| Dynamic dispatcher | SND | SND |
| Fragmentation - IP fragments always sent F2F | SND | N/A |
| Fragmentation - Virtual reassembly of IP fragments (non-accelerated) | Firewall | Firewall |
| Fragmentation - Virtual reassembly of IP fragments (accelerated) | Firewall | SND |
| QoS - Traffic handling (non-accelerated) | Firewall | Firewall |
| QoS - Traffic handling (accelerated) | Firewall | SND |
| Rule base matching (non-accelerated) | Firewall | Firewall |
| Rule base matching (accelerated) | N/A | SND |
| PSLXL path packets handling | Firewall | Firewall |
| F2F path + CPAS | Firewall | Firewall |
| PSLXL, CPASXL paths | Firewall | Firewall |
| Priority queue (when enabled) | Firewall | Firewall |
| VPN (accelerated) | SND | SND |
| VPN (fragmented, compression, HMAC-SHA384, L2TP, Multicast IPsec (GDOI), flagged with accounting) | Firewall | Firewall |
| SSL, SNX tunnel, Mobile Access Portal | Firewall | Firewall |
Tip:
- CPU cores are divided into two groups: SND and Firewall instances. Each group handles different tasks.
- When one or both groups is/are stressed, the machine cannot function properly.
- Each group can get highly stressed for different reasons.
- It is important to identify which group is the bottleneck in order to track the source of the problem. For more information, refer to sk98348).
➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY
©1994-2025 Check Point Software Technologies Ltd. All rights reserved.
Copyright
Privacy Policy
About Us
UserCenter