Home
Guardian
Maintenance Guide
Information about the maintenance tasks of Guardian, to help you administer and maintain the solution in a production environment.
Miscellaneous
Host-based intrusion-detection system
The internal Host-based intrusion-detection system (HIDS) sensors detect changes to the basic firmware image and note the change.

Guardian
- Introduction
  An overview of Guardian.
- Installation Guide
  Information and resources on how to install Guardian, and the different options and settings that are available.
- Administrator Guide
  Information and resources about the Administration section of Guardian, and the tasks that you can do in this part of the software.
- User Guide
  Information and resources about the main features of Guardian, and the tasks that you can do from the user interface (UI).
- Maintenance Guide
  Information about the maintenance tasks of Guardian, to help you administer and maintain the solution in a production environment.
  - Introduction
  - Backup and Restore
  - Reboot and Shutdown
  - Software update and rollback
  - Reset
  - Miscellaneous
    - Host-based intrusion-detection system
      The internal Host-based intrusion-detection system (HIDS) sensors detect changes to the basic firmware image and note the change.
    - Action on log disk full usage
      There are several actions that you can take in order to preserve disk usage.
    - Generate a support archive file
      Before you seek help from Customer Support, you should generate a support archive file.
- Print format documentation
  A list of all the print-format documentation that is available for Guardian.

Host-based intrusion-detection system

The internal Host-based intrusion-detection system (HIDS) sensors detect changes to the basic firmware image and note the change.

When a change is detected in the sensor's basic firmware image, a new event is logged in the system's audit log. It is also replicated in Vantage or the Central Management Console (CMC).

You can change the default host-based intrusion-detection system (HIDS) settings to suit your security requirements.

Note: This feature is not available in the container version due to the different security approach.

Table 1. Host-based intrusion-detection system
Parameter	Default value	Description
hids execution interval	18 hours	HIDS check execution interval
hids ignore files	-	Coma separator list of files to be ignored by HIDS (ex: /etc/file1, /etc/file2)