OF the following, which is NOT a kernel parameter relating to the IPS “Bypass Under Load” settings:
A. ids_limit_stress
B. ids_timeout
C. ids_tolerance_no_stress
D. ids_assume_stress
Explanation:
One Comment on “OF the following, which is NOT a kernel parameter relating to the IPS “Bypass Under Load” settings:”
Sidzasays:
Kernel Parameter Values and Description
ids_assume_stress
Accepted values:
0 = no assumptions by IDS mechanism
1 = IDS mechanism assumes that the Security Gateway is under stress, regardless of the actual utilization of CPU and memory.
ids_tolerance_no_stress
Accepted value:
Number of seconds
Default = 10 seconds
If the Security Gateway is not under stress, we do not want to enter the stress condition due to a single measurement (which could be an anomaly), but rather wait for a given length of time, before changing the condition.
For example, if you have a hit of 98% load, but after 2 seconds it goes under the Low threshold, then you might want not to enable IPS Bypass.
Only if you have a measurement over the High threshold, and it stays above the Low threshold for the entire configured time (value of this kernel parameter), then the IPS Bypass will be triggered.
ids_tolerance_stress
Accepted value:
Number of seconds
Default = 10 seconds
If the Security Gateway is under stress, we do not want to exit the stress condition due to a single measurement (which could be an anomaly), but rather wait for a given length of time, before changing the condition.
For example, if you have a hit of 98% load, then after 2 seconds it goes under the Low threshold, then after 2 seconds goes over the High threshold again, then you might want not to disable IPS Bypass.
Only if you have a measurement under the High threshold, and it stays under the High threshold for the entire configured time (value of this kernel parameter), then the IPS Bypass will be disabled.
Kernel Parameter Values and Description
ids_assume_stress
Accepted values:
0 = no assumptions by IDS mechanism
1 = IDS mechanism assumes that the Security Gateway is under stress, regardless of the actual utilization of CPU and memory.
ids_tolerance_no_stress
Accepted value:
Number of seconds
Default = 10 seconds
If the Security Gateway is not under stress, we do not want to enter the stress condition due to a single measurement (which could be an anomaly), but rather wait for a given length of time, before changing the condition.
For example, if you have a hit of 98% load, but after 2 seconds it goes under the Low threshold, then you might want not to enable IPS Bypass.
Only if you have a measurement over the High threshold, and it stays above the Low threshold for the entire configured time (value of this kernel parameter), then the IPS Bypass will be triggered.
ids_tolerance_stress
Accepted value:
Number of seconds
Default = 10 seconds
If the Security Gateway is under stress, we do not want to exit the stress condition due to a single measurement (which could be an anomaly), but rather wait for a given length of time, before changing the condition.
For example, if you have a hit of 98% load, then after 2 seconds it goes under the Low threshold, then after 2 seconds goes over the High threshold again, then you might want not to disable IPS Bypass.
Only if you have a measurement under the High threshold, and it stays under the High threshold for the entire configured time (value of this kernel parameter), then the IPS Bypass will be disabled.
1
0