Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
_Zoro
Explorer

Checkpoint needs too many resources

Good Day 

I wanted to ask if anyone has had the same problem and found a solution.

We have servers with 2 core and 4 GB ram because they don't need more.

Since checkpoint has been installed, the server is constantly running at full capacity and it is becoming difficult to work on it.

Can I create policies that don't use so many resources?

Best Regards 

 

0 Kudos
10 Replies
Lesley
Advisor
Advisor

Makes sense to me if you run 2 core system with 4 GB ram. My phone has more 😉

These are the client hardware requirements for R88.X.

Also not the mention that we do not know what is running on this server and why it is high on load.

Security in general will cost performance. 

Client Hardware Requirements
The minimum hardware requirements for client computers to run the Total Endpoint Security
Package are:
 2 GB RAM
 2 GB free disk space
The recommended hardware requirements for client computers to run the Total Endpoint
Security Package are:
 8 GB RAM
 6 GB free disk space

-------
If you like this post please give a thumbs up(kudo)! 🙂
0 Kudos
_Zoro
Explorer

Hello

I am very aware that your smartphone has more power 😉 But your phone also has to run more processes than the servers which have only 4 gb ram and 2 cores. For the services we need on the server, 4GB ram is completely sufficient.

Even servers with 16 GB ram are used to capacity, even if only 8 GB is required by the other processes.

The question is whether it is possible to create a policy for servers with few resources, where checkpoint does not need so many resources.

For example, as with other anti-virus solutions, you could set that no more than 40% of the CPU power can be used for checkpoint.

This option is not available, but is there another possibility?

Thanks for your help 🙂 




0 Kudos
Vincent_Bacher
Advisor
Advisor

In order to even begin to guess what this is about, some information about your installation is missing.
Which blades are you using, which release is running on the "server", which server is it exactly? The clocking of the cores, for example, is very interesting.
How many policies are defined in the policy package, how much traffic is running via the "server" etc etc etc.

Is it even a gateway or a management server?

Questions upon questions.

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
0 Kudos
_Zoro
Explorer

Good Day 

The Installed blades are: Anti-Maleware, Anti- Bot and URL Filtering, Anti-Ransomware Behavioral Guard and Forensics, Threat Emulation and Anti-Exploit, Compliance and Posture. 

Wich server is it exactly: Windows Server 2022 Standart / Build 20348
Clocking of the CPU: 2 Core, 2.45 GHz 
Its a Managemnt server. 

The server in the example is a VM with 8 GB Ram. 
Sometime he Runs with 38 % CPU power even the scan is scheduled for 12:00pm an hes uses at 10:25 38% 
Traffic send: 400 Kbps
Receive: 240 
(The most time the traffic is below the data i shared) 

Hope this helps 

0 Kudos
Vincent_Bacher
Advisor
Advisor

So this is an Endpoint Management Server or what? The details are confusing me. 😄

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
0 Kudos
_Zoro
Explorer

Hello

Sorry for the confusion.

The server is a management server for our internal infrastructure.

Checkpoint harmony runs on the server as an antivirus solution.

 

0 Kudos
G_W_Albrecht
Legend Legend
Legend

Ask CP TAC what to exclude/disable on the EPS client !

CCSE / CCTE / CCME / CCSM Elite / SMB Specialist
0 Kudos
Alex-
Leader Leader
Leader

When you create a policy, you can define on the right if it's to be optimised for server functions like mail, sql, print, file services and so on.

This might be relevant to your implementation.

0 Kudos
Lesley
Advisor
Advisor

What blades you have enabled on the Endpoint and version? For example you can tweak the anti-malware scan:

https://support.checkpoint.com/results/sk/sk180691

If you need to collect performance data for example TAC case:

https://support.checkpoint.com/results/sk/sk161454

https://support.checkpoint.com/results/sk/sk181364

 

-------
If you like this post please give a thumbs up(kudo)! 🙂
0 Kudos
Mitja-S3NEXT
Contributor

A few server performance recommendations:

- configure policy under Threat Prevention - Endpoint for Server optimization from OFF to ON

- under the Behavioral Protection set Anti-Exploit Mode to OFF

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events