If SecureXL is disabled, that means none of incoming traffic will go through an accelerated path. Indeni will alert as a result.
Run “fwaccel stat” on a specific VS for more information and root cause.
name: chkp-fw-accel-stat-vsx description: Get securexl status information type: monitoring monitoring_interval: 5 minutes requires: vendor: checkpoint role-firewall: 'true' vsx: 'true' comments: securexl-status: why: | To check the status of the SecureXL mechanism. SecureXL not fucntioning can have adverse effect on perfromance of the gateway how: | By running the command "fwaccel stat" the status of secureXL can be retrived can-with-snmp: false can-with-syslog: false securexl-disabled-from-rule: why: | To check the status of the SecureXL mechanism and also check if the SecureXL not fucntioning from a specific rule. how: | By running the command "fwaccel stat" the status of secureXL can be retrived and can be checked from which Rule it is disabled. can-with-snmp: false can-with-syslog: false steps: - run: type: SSH file: fwaccel-stat-vsx.remote.1.bash parse: type: AWK file: fwaccel-stat-vsx.parser.1.awk
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/checkpoint/CheckPointSecureXLDisabledVsxRule.scala