See this post Memory status shows red color on management server for the beginning of this thread and the relevant screenshots.
I'm posting here to have clues to understand why memory is swapping on our active gateway.
We have a cluster of two 5400 appliances and one SMS server to handle the management, logging and monitoring.
These gateways are new and running for 2 weeks now (we were not on Check Point before) and we observe recently some swapping on the active gateway, after days of continuous growth of memory consumption (about 2% by day). After 80%, The SMS showed memory consumption in red color. Running top command on the active gateway and sorting on memory (hitting M) shows that the wstlsd process is consuming (or reserving ?) a fair amount of memory. And this amount consumed seems to stay at the same level at night or during non-business days.
Running a "show version all" on the active gateway gives:
Product version Check Point Gaia R80.10
OS Build 462
OS kernel version 2.6.18-92cpx86_64
OS edition 64-bit
We have both HTTPS inspection AND "Categorize HTTPS sites" enabled in AC & URL filtering (I understood that the latter is not working if the former is enabled). The vast majority of https traffic is by now bypassed and we are in the process of gradually deploying root certicate on computers to actively inspect the ssl connections.
To my knowledge, the result of tha command "sar -W" (screenshot taken today) tend to show that the system is actively swapping .
Is the wstlsd process allocating memory even if it does not use it ? Is it possible to have a list of the connections handled by this process ?