Memory is used by distributed firewall internal data structures, and can be configured for CPU, RAM and connections per second.

Each ESXi host is configured with three threshold parameters for DFW resource utilization: CPU, RAM, and connections per second (CPS). An alarm is raised if the respective threshold is crossed 20 consecutive times during a 200-second period. A sample is taken every 10 seconds.

100 percent of CPU corresponds to the total CPU available on the host.

100 percent of RAM corresponds to the memory allocated for distributed firewall ("total max size"), which is dependent on the total amount of RAM installed in the host.

Table 1. Total Max Size

Physical Memory

Total Max Size (MB)

0 - 8GB


8GB - 32GB


32GB - 64GB


64GB - 96GB


96GB - 128GB




The memory is used by distributed firewall internal data structures, which include filters, rules, containers, connection states, discovered IPs, and drop flows. These parameters can be manipulated using the following API call:


Request body: