|
|
|
Check Point categorizes the performance impact of protections based on the industry standard estimation of network traffic, and emphasizes protocols such as HTTP, DNS, and SMTP. In addition, you can measure the actual performance impact of the protections and then disable the ones that use too much CPU.
Use the applicable command in Expert mode to gather statistics about protections impact:
get_ips_statistics.sh fw ctl sdstat Carefully review protections that use more than 1% load. If problems persist, send the pm_stats data to your Check Point resources (Technical Support, Professional Services or Managed Security Service) for additional analysis.
For more on monitoring performance impact, see sk43733.