“If the machine is under stress, we do not want to leave the stress condition due to a single
measurement (which could be an anomaly), but rather wait for a given length of time, before
changing the condition.” …describes which of the following “Bypass under Load” setting kernel
parameters?
A.
ids_timeout
B.
ids_tolerance_stress
C.
ids_assume_stress
D.
ide_tolerance_no_stress
B. ids_tolerance_stress (sk62848)
ids_tolerance_stress
Accepted value:
Number of seconds
Default = 10 seconds
If the Security Gateway is under stress, we do not want to exit the stress condition due to a single measurement (which could be an anomaly), but rather wait for a given length of time, before changing the condition.
For example, if you have a hit of 98% load, then after 2 seconds it goes under the Low threshold, then after 2 seconds goes over the High threshold again, then you might want not to disable IPS Bypass.
Only if you have a measurement under the High threshold, and it stays under the High threshold for the entire configured time (value of this kernel parameter), then the IPS Bypass will be disabled.