Maximizing Network Performance and Redundancy
Next Generation Security Gateway Guide R80.20 | 239
Number of CPU Cores Number of CoreXL FW Instances
6-20 Number of CPU cores, minus 2
More than 20 Number of CPU cores, minus 4.
Up to a total of 40 CoreXL FW instances.
CoreXL FW instances can be IPv4 or IPv6.
Configuring CoreXL
Note - In cluster, you must perform these steps on
each
cluster member.
To enable/disable CoreXL:
Connect to the command line on Security Gateway.
Log in.
Run: cpconfig
Select Configure Check Point CoreXL.
Enable or disable CoreXL.
Reboot the Security Gateway.
To configure the number of CoreXL FW instances:
Connect to the command line on Security Gateway.
Log in.
Run: cpconfig
Select Configure Check Point CoreXL.
If CoreXL is enabled, enter the number of CoreXL FW instances.
If CoreXL is disabled, enable CoreXL and then set the number of CoreXL FW instances.
Reboot the Security Gateway.
To Learn More About CoreXL
To learn more about CoreXL, see the
R80.20 Performance Tuning Administration Guide
https://sc1.checkpoint.com/documents/R80.20_GA/WebAdminGuides/EN/CP_R80.20_Performanc
eTuning_AdminGuide/html_frameset.htm.
About SecureXL
SecureXL is an acceleration solution that maximizes performance of the Firewall and does not
compromise security. When SecureXL is enabled on a gateway, some CPU intensive operations
are processed by virtualized software instead of the Firewall kernel. The Firewall can inspect and
process connections more efficiently and accelerate throughput and connection rates. These are
the SecureXL traffic flows:
• Accelerated path - Packets and connections that are processed immediately by SecureXL and
are not processed by the Firewall.
• Medium path - Packets that require deeper inspection. It is not necessary for the Firewall to
inspect these packets, they can be offloaded and do not use the slow path. For example,
packets that are inspected by IPS cannot use the accelerated path and can be offloaded to the
To Next Page
