Contents |
|
|
1.1 PRODUCT IDENTIFICATION | 4 | |
1.2 PURPOSE OF DOCUMENT | 4 | |
1.2 INTENDED AUDIENCE | 4 | |
1.3 GLOSSARY | 4 | |
2.0 OVERVIEW | 5 | |
2.1 PRODUCT OVERVIEW | 5 | |
2.2 | 5 | |
2.3 SIZING AND TUNING OVERVIEW | 5 | |
3.0 SIZING AND TUNING RECOMMENDATIONS | 6 | |
3.1 SIZING GUIDELINES | 6 | |
3.1.1 Single vs. | 6 | |
3.1.2 Number of CPUs | 6 | |
3.1.3 Memory | 6 | |
3.1.4 Disk Capacity | 7 | |
3.2 TUNING CONSIDERATIONS | 7 | |
3.2.1 Product Tuning | 7 | |
3.2.1.1 Tuning the Surveillance Schedules | 7 | |
3.2.1.1.1 Background | 7 | |
3.2.1.1.2 Avoid duplicate copies of a template | 7 | |
3.2.1.1.3 Avoid duplicate groups with overlapping functionality | 7 | |
3.2.1.1.4 Race Condition Template | 8 | |
3.2.1.2 Tuning Process Priority | 8 | |
3.2.1.3 Tuning the HIDS System Manager (GUI) | 8 | |
3.2.2 Kernel Tuning | 8 | |
3.2.2.1 Tuning the Kernel Audit System (IDDS) | 8 | |
3.2.2.1.1 System performance over security | 9 | |
3.2.2.1.2 Security over system performance | 9 | |
3.2.2.1.3 How to change from | 9 | |
3.2.2.2 Kernel Tunables | 9 | |
3.2.2.2.1 enable_idds | 9 | |
3.2.2.2.2 max_thread_proc | 9 | |
3.2.2.2.3 tcp_conn_request_max | 9 | |
3.2.2.2.4 secure_sid_scripts | 9 | |
3.2.2.2.5 executable_stack | 10 | |
3.2.2.2.6 maxdsiz | 10 | |
3.2.2.3 Swap | 10 | |
4.0 REFERENCE DOCUMENTS/ WEB SITES | 11 | |
APPENDIX A – CPU CONSUMPTION | 12 | |
CPU Consumption on PA Processors | 13 | |
CPU Consumption on Itanium Processors | 15 | |
APPENDIX B – RESIDENT MEMORY CONSUMPTION | 17 | |
Memory Consumption on PA Processors | 17 | |
Memory Consumption on Itanium Processors | 19 | |
HP Company Internal | Page 3 of 20 |
|