Enis Dunic

Show me yours

Discussion created by Enis Dunic on Oct 3, 2018
Latest reply on Oct 4, 2018 by Valeri Loukine

Hi everyone,


After watching the excellent webinar of Tim Hall's 'Security Gateway Performance Optimization' I'm sure you have tried all seven commands on your security gateway. The results might have been satisfying or you realized that you have a job to do with optimization. 


Three paths:

SXL (Accelerated Path)
PXL (Medium Path)
F2F (Firewall Path/slowpath)


Goal: process traffic in most efficient path possible. (SXL->PXL->F2F). 

Real world: Most traffic in medium path (PXL). Why? "Deep inspection" by blades like Application/URL filtering, Threat prevention (IPS, Threat emulation, Threat extraction, Anti-Bot, Anti-Virus) and https inspection. Now with all these blades enabled (or some) how much is it really possible to accelerate through SXL in percentage? A nice way to find out that is to hear from CP administrators in this community. Also if you have some impressive stats tell us what your main tuning steps were. What is the output when you run this command?


                  fwaccel stats -s


Along with the output above it would be interesting to know this also:

Blades enabled: 

CPU cores: number of SND/IRQ cores and Firewall worker cores.