User guide
Configuring Advanced Parameters
129
Proventia Network IPS G and GX Appliance User Guide
Configuring Advanced Parameters
Introduction You can use the Advanced Parameters tab to configure (or tune) certain parameters for a
specific appliance to better meet your security needs or enhance the performance of the
hardware.
You can tune the following components for each appliance:
● intrusion prevention responses
● intrusion prevention security risks
● firewall
● automatic updates
About advanced
parameters
Advanced parameters are composed of name/value pairs. Each name/value pair has a
default value. For example, the parameter np.firewall.log is a parameter that determines
whether to log the details of packets that match firewall rules you have enabled. The
default value for this parameter is on.
You can edit the value of any parameter that appears in the list on the Advanced
Parameters tab. If the parameter does not appear in the list, it does not mean the
parameter has no default value. You simply need to add the parameter to the list with the
new value.
For information about update advanced parameters, see. For information about firewall
logging parameters, see “Tuning Firewall Logging” on page 120.
Common advanced
tuning parameters
The following table describes common advanced tuning parameters:
Name Type Default Value Description
crm.history.enabled boolean true Determines whether to log
administrative history.
crm.history.file string /var/iss/
crmhistory.log
The administrative history file
name.
crm.policy.numbackups number 4 The number of previous policy
files to save.
engine.adapter.high-water.default number 5 The number of packets per
traffic sampling interval that are
expected to flow on each
adapter. The high-water mark is
used to prevent multiple low
traffic warnings from being
issued when the traffic is
hovering around low-water
mark.
Table 37: Common advanced tuning parameters