[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] HTTP Security Server Performance with ~1800 connections
I am still struggling with high CPU use by the HTTP security servers. I have been working with Checkpoint Israel for months and they are stumped. The only solution offered is to throw a bigger (more cpu) server in place of what I have. But I'm not convinced that would be a solution as the number of connections running through this firewall don't appear to justify more hardware. I have about 3500 workstations sitting behind a 2 processor, 500mhz server with 768mb of ram, running CP 4.1 (SP3) on NT 4.0, SP6a. I've charted the values of the connections table every 15 seconds for weeks. With no security servers involved we average 1800 or so connections. Most of our traffic is HTTP. When I enable the HTTP security servers (i'm running one on each processor) after about 10 minutes both processors max out at 100% utiliazation and performance on the firewall goes down the drain. Looking at task manager it is the individual security server processes that are consuming all CPU. Is anyone running this amount of workstations or connections thru their firewall? Are you using the security servers? What processor, memory configuration are you running? ---------------------------------------------------------------------------------------- Greg Winkler Systems Manager, IT&S Huntsman Corporation Internet Mail: [email protected] Voice:Fax:================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|