Home
Guardian
Learn how Guardian provides comprehensive asset inventory and network visibility for OT and IoT environments.
Maintenance Guide
Information about the maintenance tasks of Guardian, to help you administer and maintain the solution in a production environment.
Miscellaneous
Host-based intrusion-detection system
The internal Host-based intrusion-detection system (HIDS) sensors detect changes to the basic firmware image and note the change.

Guardian
Learn how Guardian provides comprehensive asset inventory and network visibility for OT and IoT environments.
- Introduction
  An overview of Guardian.
- Installation Guide
  Information and resources on how to install Guardian, and the different options and settings that are available.
- Administrator Guide
  Information and resources about the Administration section of Guardian, and the tasks that you can do in this part of the software.
- User Guide
  Information and resources about the main features of Guardian, and the tasks that you can do from the user interface (UI).
- Maintenance Guide
  Information about the maintenance tasks of Guardian, to help you administer and maintain the solution in a production environment.
  - Introduction
  - Backup and Restore
  - Reboot and Shutdown
  - Software update and rollback
  - Reset
  - Miscellaneous
    - Host-based intrusion-detection system
      The internal Host-based intrusion-detection system (HIDS) sensors detect changes to the basic firmware image and note the change.
    - Action on log disk full usage
      There are several actions that you can take in order to preserve disk usage.
    - Generate a support archive file
      Before you seek help from Customer Support, you should generate a support archive file.
- Print format documentation
  A list of all the print-format documentation that is available for Guardian.

Host-based intrusion-detection system

The internal Host-based intrusion-detection system (HIDS) sensors detect changes to the basic firmware image and note the change.

When a change is detected in the sensor's basic firmware image, a new event is logged in the system's audit log. It is also replicated in Vantage or the Central Management Console (CMC).

You can change the default host-based intrusion-detection system (HIDS) settings to suit your security requirements.

Note:

This feature is not available in the container version due to the different security approach.

Figure 1. Host-based intrusion-detection system

Table 1. Host-based intrusion-detection system
Parameter	Default value	Description
hids execution interval	18 hours	HIDS check execution interval
hids ignore files	-	Coma separator list of files to be ignored by HIDS (ex: /etc/file1, /etc/file2)