Security Gateway randomly reboots when IPS or SecureXL is enabled

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk93308
Technical Level
Product	IPS, SecureXL, Security Gateway
Version	R75.40, R75.40VS, R75.45, R75.46, R76
OS	Gaia, SecurePlatform 2.6, Linux
Platform / Model	All
Date Created	24-Jun-2013
Last Modified	16-Jul-2015

Symptoms

Security Gateway (Open Server / Check Point Appliance) randomly reboots due to memory leaks when IPS or SecureXL is enabled.
Memory consumption continuously grows (which can be seen by running 'fw ctl pstat' command and inspecting the 'Machine Capacity Summary - Memory used' output).
New connections are being dropped when the kernel memory allocated to the Firewall reaches its full capacity (which can be seen by running 'fw ctl pstat' command and inspecting the 'Machine Capacity Summary - Memory used' output).

Cause

There are a few possible causes for this issue:

In R75.40VS, when SecureXL is enabled, the mechanism in charge of inspecting connections and checking whether they already exist in the Connections Table can cause memory leaks.
When IPS is enabled, several IPS protections cause memory not to be freed.
There is a kernel table that holds the IPS information for each connection. Sometimes, when the connection ends, its information is not removed from the table, causing a memory leak.

Solution

Note: To view this solution you need to Sign In .