Maximum Supported Items
This section provides the maximum supported numbers for various hardware and software items.
Management Server
Item |
Maximum Number |
Hard Limit |
Comment |
|||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Network objects in all Domains |
1,000,000 |
Yes |
This applies to objects of these types - Security Gateway |
|||||||||||||||
Network objects in each Domain |
100,000 |
No |
|
|||||||||||||||
Security Gateway objects in each Domain |
250 and 500 |
No |
To make sure the Management Server The maximum supported number of the managed Security Gateways and Cluster Members depends on the installed RAM and the number of CPU cores on the Management Server:
|
|||||||||||||||
Objects in each Group object |
12,000 |
Yes |
|
|||||||||||||||
Rules in each policy |
28,000 |
Yes |
To ensure optimal Security Gateway responsiveness, we recommend configuring a maximum of 20,000 rules in a policy. While the Security Gateway can support more rules than 20,000 rules, the smaller the number of rules in the installed policy, the more responsive the Security Gateway is. |
|||||||||||||||
Changes in one session |
100 |
No |
To ensure optimal Management Server responsiveness, we recommend making 100 or fewer changes in each session (although the Management Server can support more than 500 changes at a time). |
|||||||||||||||
Interfaces in each Security Gateway |
200 |
No |
To ensure optimal SmartConsole If the Security Gateway object contains more interfaces, use the applicable Management API to configure interfaces. See the Check Point Management API Reference. To ensure optimal API responsiveness, we recommend configuring a maximum of 600 interfaces with API. |
|||||||||||||||
Layers in Access Control Policy |
251 |
Yes |
The maximum number of Policy Layers in an Access Control Policy is 251. |
Sizing Recommendations for Check Point Management Server
See sk178325.
Maximum Supported Number of Interfaces on Security Gateway
The maximum number of interfaces supported (physical and virtual) is shown in this table.
Maximum Supported Number of Cluster Members
Cluster Type |
Maximum Supported Number of Cluster Members |
---|---|
ClusterXL High Availability or Load Sharing |
5 |
ClusterXL Active-Active |
4 |
ElasticXL |
3 on each Site (6 in total in Dual Site) |
Geo Cluster |
2 |
Virtual System Load Sharing |
13 |