OF the following, which is NOT a kernel parameter relating to the IPS “Bypass Under Load” settings:

Kernel Parameter Values and Description
ids_assume_stress
Accepted values:

0 = no assumptions by IDS mechanism
1 = IDS mechanism assumes that the Security Gateway is under stress, regardless of the actual utilization of CPU and memory.
ids_tolerance_no_stress
Accepted value:

Number of seconds
Default = 10 seconds
If the Security Gateway is not under stress, we do not want to enter the stress condition due to a single measurement (which could be an anomaly), but rather wait for a given length of time, before changing the condition.

For example, if you have a hit of 98% load, but after 2 seconds it goes under the Low threshold, then you might want not to enable IPS Bypass.

Only if you have a measurement over the High threshold, and it stays above the Low threshold for the entire configured time (value of this kernel parameter), then the IPS Bypass will be triggered.

ids_tolerance_stress
Accepted value:

Number of seconds
Default = 10 seconds
If the Security Gateway is under stress, we do not want to exit the stress condition due to a single measurement (which could be an anomaly), but rather wait for a given length of time, before changing the condition.

For example, if you have a hit of 98% load, then after 2 seconds it goes under the Low threshold, then after 2 seconds goes over the High threshold again, then you might want not to disable IPS Bypass.

Only if you have a measurement under the High threshold, and it stays under the High threshold for the entire configured time (value of this kernel parameter), then the IPS Bypass will be disabled.