During regular firewall health check , I found one Check Point firewall cluster has a abnormal virtual memory usage from System Counters - System History view. The cluster is 5600 Security Appliance.It looks the memory usage is going up significantly recently. There is no recent changes on hardware, software and configuration except normal firewall changes. I am afraid of Check Point gateway will freeze after this counter reached certain high number based on some SKs such as sk66482, sk110362,
sk35496 lists a bunch of methods how to detect memory leak. In my this specific case, the fix was simple, just installed a latest Jumbo Hotfix 205 for R77.30.
Sympotoms:
Here are some screenshots I took from Smartview Monitor
 |
| System Memory Going High for last 30 days |
 |
| System Memory Going High for six months |
Solution:
Suggestion I got from Check Point is to apply latest Jumbo Hotfix 205 rather than existing Jumbo Hotfix 159.
 | |
|
 |
| Patch/Hotfix Installation Failed |
 |
| Uninstall Hotfix Failed |
I had another post regarding "How to uninstall a CheckPoint Hotfix after a failed installation". But in this case, the cause is hotfix for sk112829 is installed after Jumbo Hotfix 159 applied. After I uninstalled Hotfix for SK112829, uninstall Jumbo Hotfix 159 was able to complete. Also Installation Jumbo Hotfix 205 was successful too.
 |
| Uninstall Successed |
Waited a couple of days , I checked the used virtual memory is normal now.
 |
| Memory High Issue Fixed |
Reference:
- Security Gateway freezes due to memory leak (simi_mem_halloc , uc_hits_htab , uc_cache_htab)
- Memory leak on loaded Security Gateway with UserCheck rules in the policy
- Memory usage constantly increases on Security Gateway without results from memory leak detection procedure (sk35496)
No comments:
Post a Comment