After watching the excellent webinar of Tim Hall's 'Security Gateway Performance Optimization' I'm sure you have tried all seven commands on your security gateway. The results might have been satisfying or you realized that you have a job to do with optimization.
SXL (Accelerated Path)
PXL (Medium Path)
F2F (Firewall Path/slowpath)
Goal: process traffic in most efficient path possible. (SXL->PXL->F2F).
Real world: Most traffic in medium path (PXL). Why? "Deep inspection" by blades like Application/URL filtering, Threat prevention (IPS, Threat emulation, Threat extraction, Anti-Bot, Anti-Virus) and https inspection. Now with all these blades enabled (or some) how much is it really possible to accelerate through SXL in percentage? A nice way to find out that is to hear from CP administrators in this community. Also if you have some impressive stats tell us what your main tuning steps were. What is the output when you run this command?
fwaccel stats -s
Along with the output above it would be interesting to know this also:
CPU cores: number of SND/IRQ cores and Firewall worker cores.