Checkpoint percentage of current connections
search cancel

Checkpoint percentage of current connections


Article ID: 187451


Updated On:


CA Infrastructure Management CA Performance Management - Usage and Administration DX NetOps


I'm looking to update the vendor cert to produce a percentage of current connections from the maximum allowed connections.  The problem is the Check Point devices do not respond to asgVSXConnLimit.  I would like to use a static value based on device model.  Can you provide suggestions on how to accomplish this?


CAPM 3.6


An extension was written for the CheckPoint Firewall Virtual System Connection (internal name: CheckpointFwVsxConnectionMib).

Here is the extension:

<DataModel xmlns:xsi="" namespace="" xsi:noNamespaceSchemaLocation="SNMPCertificationFacet.xsd">



                <FacetType name="CheckpointFwVsxCAMib" descriptorClass="">

                                <FacetOf namespace="" name="Item"/>



                                                <ExpressionGroup name="CheckpointFwVsxDS" destCert="{}NormalizedVirtualSvrSessionInfo">

                                                                <Expression destAttr="ConnectionsUtilization">

                                                                                Response = snmpGet("");

                                                                                Result = Response.getResult();

                                                                                Value = Result.getValue();

                                                                                maxLimit = 1;

                                                                                if((Value.toString().equals("")) || (Value.toString().equals("")) || (Value.toString().equals("")))


                                                                                                maxLimit = 5000000;




                                                                                                maxLimit = 200000;



                                                                                pctResult = (100*snmpProtectedDiv(vsxCountersConnNum,maxLimit));


                                                                                return pctResult;








Use a REST client of choice to do a POST method to http://da-hostname:8581/typecatalog/certifications/snmp/extension/CheckpointFwVsxConnectionMib

This extension of course can be tweaked to suit your needs

Additional Information

For more information: