Manuals / Brands / Computer Equipment / Software / HP / Computer Equipment / Software

HP Host Intrusion Detection System (HIDS) Appendix A – CPU Consumption

1 20

Download 20 pages, 391.92 Kb

Appendix A – CPU Consumption

The charts below show the CPU consumption of all HIDS processes for various systems when an artificially created rate of system call audit records (events) are applied on the system and when certain HIDS templates are running. The “File Templates” include the “Modification of Files/Directories, “Creation of world-writable files,” “Creation and modification of SETUID files,” “Modification of another user’s files”, and “Changes to log files.” The “RC Template” is the “Race Condition” template.

To measure the average system call audit event rate on a system, you must run the idscor process with the “-t” option while running any of the file related templates. The idscor –t option is not supported by HIDS v3.1 and a special v3.1 version of idscor along with documentation must be obtained through technical support. The –t option will be documented and available starting with HIDS v4.0.

HP Company Internal

Page 12 of 20

Contents

Page Legal Notices Warranty Restricted Rights Legend Copyright Notices Contents 4.0 REFERENCE DOCUMENTS/ WEB SITES APPENDIX A – CPU CONSUMPTION CPU Consumption on PA Processors CPU Consumption on Itanium Processors 1.1Product Identification 1.2 Purpose of Document 1.2 Intended Audience 1.3 Glossary 2.0OVERVIEW 2.1Product Overview 2.2 HP-UXHIDS Deployments 2.3 Sizing and Tuning Overview 3.0Sizing and Tuning Recommendations 3.1Sizing Guidelines 3.1.1 Single vs. Multi-Processor 3.1.2 Number of CPUs 3.1.3 Memory 3.2 Tuning Considerations 3.2.1 Product Tuning 3.2.1.1.1 Background 3.2.1.1.2 Avoid duplicate copies of a template 3.2.1.1.3 Avoid duplicate groups with overlapping functionality 3.2.2 Kernel Tuning 3.2.2.1.1 System performance over security 3.2.2.1.2 Security over system performance 3.2.2.1.3 How to change from non-blockingto blocking mode detect 3.2.2.2.5executable_stack 3.2.2.2.6maxdsiz 4.0 Reference Documents/ Web sites Appendix A – CPU Consumption CPU Consumption on PA Processors 2 Way PA CPU % 4 Way PA 8 Way PA Event/sec 16 Way PA CPU Consumption on Itanium Processors 2 Way IA 4 Way IA 8 Way IA 16 Way IA Appendix B – Resident Memory Consumption Page Memory Consumption on Itanium Processors 2 Way IA