Check Point Alert of the Week: High firewall kernel memory usage has been measured

This is a real life sample alert from indeni.

Description:

The firewall kernel memory usage has crossed the high threshold. It is now at 80.0%.

Manual Remediation Steps:

On open servers, you can install more memory. However, the maximum amount of memory that can be used by the kernel is 2 GB.
You can decrease the TCP end timeout.
You can decrease the number of concurrent connections to reduce memory consumption.
We also suggest reading SK33781.

How does this alert work?

indeni analyzes the output from “fw ctl pstat” on a regular basis.

Interested in learning more? Download for free the official indeni guide to Preemptive Maintenance of Check Point Firewalls.

Support for Palo Alto Networks Firewalls + Ignite 2016

The firewall market has been on fire (no pun intended) for several years now. The latest security incidents and the need for better solutions have resulted in innovation coming from most of the large firewall vendors. It also resulted in a startup, that just until a few years ago was considered a new entrant and unknown to most.

That startup is now a public company with tens of thousands of customers. That startup is Palo Alto Networks.

For us at indeni, it’s always incredible to watch what’s going on in the market. We strive to partner with all the manufacturers and provide preemptive maintenance for every single network device out there. It puts us in the interesting situation of seeing what’s going on, what customers are saying and who is deploying what (and in some cases, what they are replacing).

It truly is amazing.

As we’ve seen increased demand from the market to support Palo Alto Networks, we’ve decided it’s time to get it done. Palo Alto Networks have made a huge mark and are growing at an amazing pace, I must say that watching them is inspiring.

Therefore, I’m pleased to announce that support for Palo Alto Networks firewalls will be added to indeni in time for Ignite 2015. We will be there, look for us in the aptly named Innovation Alley.

 

Possible multicast or broadcast loop on SFP NICs detected: F5 Alert of the Week

This is a real life sample alert from indeni for F5 Load Balancing Methods

Description:

According to F5’s SOL14455, SFP NICs on this OS version may cause a broadcast / multicast loop.

Manual Remediation Steps:

Review your settings to determine if this is an actual issue on your system. Please read SOL14455.

How does this alert work?

indeni checks to see if this device is using SFP NICs (that are UP) and is running versions 11.2.1 or 11.3.0 or 11.4.0. If it is, an alert is issued.

Check Point Alert of the Week: Potential high latency on SFP cards

This is a real life sample alert from indeni.

Description:

The Tx queue batch size on this device is: 1. A too high Tx queue batch size may increase latency. This can be a severe issue for applications that are sensitive to high latency.

Manual Remediation Steps:

For more information on this issue please review SK61222.

How does this alert work?

indeni will pull the TX queue’s batch size and alert if it’s above 1.

Interested in learning more? Download for free the official indeni guide to Preemptive Maintenance of Check Point Firewalls. Just fill out the form below:

[ninja_form id=5]