#ICAP PROTOCOL ERROR HOW TO#
For more information on DLP memory usage and how to resolve issues, see How to address out of memory errors ( OOM ). Although previous 32-bit JVM maximum addressable memory restrictions no longer apply in 64-bit systems, it's still possible to exceed the Java Heap. The primary constraint on ICAP Prevent performance is the memory limitations of the Java Virtual Machine (JVM). "503 Server overloaded" error)* or a "fail open" scenario in which some traffic passes without being examined by DLP. If the proxy tries to send more connections than the Web Prevent server is configured to accept, this will result in either a service interruption (i.e. It is very important to match or exceed the proxy server's maximum number of concurrent ICAP connections to the Web Prevent's setting ("Maximum Number of Requests" in the user interface). This number can be adjusted based on system load. The baseline recommendation is that the maximum number of requests should be set to twice the value of MessageChain.NumChains, as determined by the hardware specifications of the server based on the above guidelines. The minimum value is 1.įor tuning purposes, a MessageChain is a single complete detection engine pipeline, which examines the content sent by the ICAP proxy server. Each waiting connection means that a user waits at their browser. Connection Backlog: Specifies the maximum number of waiting connections allowed.Maximum Number of Requests: Specifies the maximum number of simultaneous ICAP request connections from the HTTP proxy or proxies.MessageChain.CacheSize = Same value for MessageChain.NumChains.MessageChain.NumChains = 1 x Number of cores available - note that previous recommendations for 2x Number of cores may not be advisable in virtual server environments.Number of cores available = Number of CPUs (sockets) x Number of Cores per CPU (socket).Here is a summary of the tuning options that are available, and how they interact with the performance of the Web Prevent system: Maximum number of concurrent connections.The proxy server's performance includes two main limiting factors: DLP Network Prevent for Web (Web Prevent) ICAP performance is dependent on the number of CPU cores in the Web Prevent system, and on the performance of the proxy that feeds data to Web Prevent via ICAP.
0 kommentar(er)
