The blog provides Network Security Tips, Tricks, How To/Procedures. Products and areas not limited to Firewalls, Security, Check Point, Cisco, Nokia IPSO, Crossbeam, SecurePlatform, SPLAT, IP Appliance, GAiA, Unix/Linux.

Check Point - SecurePlatform (SPLAT) - Firewall Physical Health Check

1. Date, System Uptime and Clock:

The system date and time can be verified using the "clock" command.
[Expert@CP-SPLAT]# clock
Tue Sep 30 20:43:25 2014 -0.000203 seconds

[Expert@CP-SPLAT]#


The system uptime can be obtained by executing the "uptime" command.

[Expert@CP-SPLAT]# uptime
09:46:34 up 124 days, 9:40, 1 user, load average: 0.36, 0.19, 0.14

[Expert@CP-SPLAT]#



2. Disk Space:

The disk space usage can be reviewed using the "df -k" command.
[Expert@CP-SPLAT]# df -k
Filesystem 1K-blocks    Used Available Use% Mounted on
/dev/sda5     600832  187800    382512  33%  /
none          600832  187800    382512  33%  /dev/pts
/dev/sda1     147766   10124    130013   8%  /boot
/dev/sda7    1541680  930324    533044  64%  /opt
none         2045688       0   2045688   0%  /dev/shm
/dev/sda6    1541680  593844    869524  41%  /sysimg
/dev/sda8   27024000 5472984  20178264  22%  /var
[Expert@CP-SPLAT]#



3. Physical RAM and SWAP Space:

The physical RAM and swap space can be examined using the "free -k -t" command.
[Expert@CP-SPLAT]# free -k -t
             total       used       free     shared    buffers     cached
Mem:       2058236     971332    1086904          0      95104     268984
-/+ buffers/cache:     607244    1450992
Swap:      4192944          0    4192944
Total:     6251180     971332    5279848
[Expert@CP-SPLAT]#

 

4. Memory Usage:

Hash kernel memory (hmem), System kernel memory (smem) and Kernel memory (kmem) can be analyzed using the command "fw ctl pstat".
[Expert@CP-SPLAT]# fw ctl pstat | more
Machine Capacity Summary:
Memory used: 7% (128MB out of 1638MB) - below low watermark
Concurrent Connections: 21% (43253 out of 199900) - below low watermark
Aggressive Aging is not active

Hash kernel memory (hmem) statistics:
Total memory allocated: 142606336 bytes in 34782 4KB blocks using 34 pools
Initial memory allocated: 20971520 bytes (Hash memory extended by 121634816 bytes)
Memory allocation limit: 335544320 bytes using 512 pools
Total memory bytes used: 39254196 unused: 103352140 (72.47%) peak: 133739228
Total memory blocks used: 10335 unused: 24447 (70%) peak: 32795
Allocations: 3375437074 alloc, 0 failed alloc, 3375001310 free

System kernel memory (smem) statistics:
Total memory bytes used: 188577580 peak: 227270504
Blocking memory bytes used: 1958392 peak: 2205256
Non-Blocking memory bytes used: 186619188 peak: 225065248
Allocations: 979925174 alloc, 0 failed alloc, 979924513 free, 0 failed free

Kernel memory (kmem) statistics:
Total memory bytes used: 84876956 peak: 177110948
Allocations: 3375820431 alloc, 0 failed alloc, 3375384380 free, 0 failed free
External Allocations: 0 for packets, 31589936 for SXL
[Expert@CP-SPLAT]#


5. CPU:

CPU usage can be verified using the command "top".
[Expert@CP-SPLAT]# top
top - 20:43:03 up 1 day, 4:37, 1 user, load average: 1.01, 1.04, 1.01
Tasks: 179 total, 1 running, 178 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.0%us, 0.0%sy, 0.0%ni, 99.8%id, 0.0%wa, 0.0%hi, 0.1%si, 0.0%st
Mem: 12281760k total, 3958088k used, 8323672k free, 279700k buffers
Swap: 27294424k total, 0k used, 27294424k free, 1316560k cached

  PID USER   PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+ COMMAND
 8309 admin  15   0  214m  47m  23m S    1  0.4  3:57.20 cpd
 6933 admin  15   0     0    0    0 S    0  0.0  5:29.53 fw_worker_0
    1 admin  15   0  1972  720  624 S    0  0.0  0:02.03 init
    2 admin  RT  -5     0    0    0 S    0  0.0  0:00.05 migration/0
    3 admin  15   0     0    0    0 S    0  0.0  0:00.00 ksoftirqd/0
    4 admin  RT  -5     0    0    0 S    0  0.0  0:00.00 watchdog/0
    5 admin  RT  -5     0    0    0 S    0  0.0  0:00.01 migration/1
    6 admin  15   0     0    0    0 S    0  0.0  0:00.00 ksoftirqd/1
    7 admin  RT  -5     0    0    0 S    0  0.0  0:00.00 watchdog/1
    8 admin  RT  -5     0    0    0 S    0  0.0  0:00.00 migration/2
    9 admin  15   0     0    0    0 S    0  0.0  0:00.00 ksoftirqd/2
   10 admin  RT  -5     0    0    0 S    0  0.0  0:00.00 watchdog/2
   11 admin  RT  -5     0    0    0 S    0  0.0  0:00.00 migration/3
   12 admin  15   0     0    0    0 S    0  0.0  0:00.00 ksoftirqd/3
   13 admin  RT  -5     0    0    0 S    0  0.0  0:00.00 watchdog/3
   14 admin  RT  -5     0    0    0 S    0  0.0  0:00.00 migration/4
[Expert@CP-SPLAT]#

6. Interface Statistics:

Interface statistics can be viewed with the command "netstat -i".
[Expert@CP-SPLAT]# netstat -i
Iface   MTU Met      RX-OK RX-ERR RX-DRP RX-OVR      TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0   1500   0   29597525      0      0      0   42570398      0      0      0 BMRU
eth1   1500   0 1032315302      0   3976      0 1615311511      0      0      0 BMRU
eth2   1500   0 1624715902      0  12111      0 1025019332      0      0      0 BMRU
eth6   1500   0   26828076      0      0      0  477906370      0      0      0 BMRU
lo    16436   0    5922470      0      0      0    5922470      0      0      0 LRU
[Expert@CP-SPLAT]#
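
The raw counters above are easier to judge as a ratio of bad to good packets. The following is an added example, not part of the original post: it reads "netstat -i" output and flags interfaces whose error, drop and overrun counts exceed a percentage of OK packets. The function names and the 0.01% default threshold are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post). Reads `netstat -i` output on
# stdin and prints one line per interface with the bad-packet percentage.
# $1 = warning threshold in percent; the 0.01 default is an assumption.

iface_drop_report() {
    awk -v limit="${1:-0.01}" '
        function pct(bad, ok) { return ok > 0 ? 100 * bad / ok : (bad > 0 ? 100 : 0) }
        # Map column names to positions from the header row
        $1 == "Iface" { for (i = 1; i <= NF; i++) col[$i] = i; next }
        # Skip banner lines and anything shorter than a full counter row
        !("TX-OVR" in col) || NF < col["TX-OVR"] { next }
        {
            rx_bad = $(col["RX-ERR"]) + $(col["RX-DRP"]) + $(col["RX-OVR"])
            tx_bad = $(col["TX-ERR"]) + $(col["TX-DRP"]) + $(col["TX-OVR"])
            rx = pct(rx_bad, $(col["RX-OK"]))
            tx = pct(tx_bad, $(col["TX-OK"]))
            status = (rx > limit + 0 || tx > limit + 0) ? "WARN" : "OK"
            printf "%s rx_bad=%.0f rx_pct=%.4f tx_bad=%.0f tx_pct=%.4f %s\n",
                   $1, rx_bad, rx, tx_bad, tx, status
        }'
}

# Sample input: the interface rows shown in the post
netstat_sample() {
    cat <<'EOF'
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 0 29597525 0 0 0 42570398 0 0 0 BMRU
eth1 1500 0 1032315302 0 3976 0 1615311511 0 0 0 BMRU
eth2 1500 0 1624715902 0 12111 0 1025019332 0 0 0 BMRU
eth6 1500 0 26828076 0 0 0 477906370 0 0 0 BMRU
lo 16436 0 5922470 0 0 0 5922470 0 0 0 LRU
EOF
}

netstat_sample | iface_drop_report
```

On the firewall itself, pipe the live output in instead: netstat -i | iface_drop_report 0.01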

 

7. Fragmentation:

Excessive fragmentation will have a detrimental impact on the firewall's performance. When packets are fragmented by the network, the kernel may receive them out of order. The kernel has to wait until it has received all the fragments before it can reassemble them and then inspect the reassembled packet. Fragmented traffic cannot be accelerated by the Performance Pack (SecureXL).

The fragmentation level can be verified using the command "fw ctl pstat".

Truncated output:
Fragments:
130963 fragments, 64066 packets, 2337 expired, 0 short,
4 large, 304 duplicates, 0 failures
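
The "fw ctl pstat" counters from sections 4 and 7 can be pulled out for logging or trending. The following is an added example, not part of the original post: it extracts the failed allocation counts per memory pool and the fragment counters, and computes the share of fragments that expired. The function names and key names are assumptions of this example, and the post itself sets no thresholds for these values.

```shell
#!/bin/sh
# Added example (not from the original post). Reads `fw ctl pstat` output on
# stdin and prints the failure and fragment counters as key=value lines.

pstat_summary() {
    awk '
        # "Hash kernel memory (hmem) statistics:" -> remember which pool we are in
        match($0, /\([hsk]mem\) statistics:/) {
            pool = substr($0, RSTART + 1, 4); next
        }
        # "Allocations: N alloc, N failed alloc, N free[, N failed free]"
        pool != "" && $1 == "Allocations:" {
            for (i = 3; i < NF; i++)
                if ($i == "failed") {
                    what = $(i + 1); sub(/,$/, "", what)
                    print pool ".failed_" what "=" $(i - 1)
                }
            pool = ""; next
        }
        # The fragment counters occupy the two lines after "Fragments:"
        $1 == "Fragments:" { frag = 2; next }
        frag > 0 {
            for (i = 1; i < NF; i += 2) {
                key = $(i + 1); sub(/,$/, "", key)
                val[key] = $i + 0
                print "frag." key "=" $i
            }
            frag--
        }
        END {
            if (val["fragments"] > 0)
                printf "frag.expired_pct=%.2f\n", 100 * val["expired"] / val["fragments"]
        }'
}

# Sample input: lines copied from the output shown in the post
pstat_sample() {
    cat <<'EOF'
Hash kernel memory (hmem) statistics:
Allocations: 3375437074 alloc, 0 failed alloc, 3375001310 free
System kernel memory (smem) statistics:
Allocations: 979925174 alloc, 0 failed alloc, 979924513 free, 0 failed free
Kernel memory (kmem) statistics:
Allocations: 3375820431 alloc, 0 failed alloc, 3375384380 free, 0 failed free
Fragments:
130963 fragments, 64066 packets, 2337 expired, 0 short,
4 large, 304 duplicates, 0 failures
EOF
}
pstat_sample | pstat_summary
```

On the firewall itself, pipe the live output in instead: fw ctl pstat | pstat_summary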


