Re: [mod-security-users] Benchmark and Best Practice on mod_securityconsole.
Brought to you by:
victorhora,
zimmerletw
From: Ryan B. <Ryan.Barnett@Breach.com> - 2007-06-15 12:03:07
|
Benjamin, You may want to check out my Blog post here on tuning the open source Console - http://www.modsecurity.org/blog/archives/2007/05/modsecurity_con_2.html. The performance problems don't really effect the Mod hosts but do effect the Console. There is also the release of the mlogc program which replaces the modsec-auditlog-collector perl script. Mlogc is much more robust and can perform better with queuing, etc... You can download mlogc on the Breach Security Network site (https://bsn.breach.com <https://bsn.breach.com/> ) - Registration Required. =20 As a side note, on the commercial side, Breach is now offering the ModSecurity Management Appliance (MMA) which is an enterprise class version of the open source Console. It is vastly improved performance-wise. If you want a central logging solution for Mod hosts in production, you should really check out the MMA. Contact Breach Sales for more info - sa...@br.... =20 --=20 Ryan C. Barnett ModSecurity Community Manager Breach Security: Director of Application Security Training Web Application Security Consortium (WASC) Member CIS Apache Benchmark Project Lead SANS Instructor, GCIA, GCFA, GCIH, GSNA, GCUX, GSEC Author: Preventing Web Attacks with Apache =20 =20 ________________________________ From: mod...@li... [mailto:mod...@li...] On Behalf Of MIXTE Benjamin Sent: Friday, June 15, 2007 4:04 AM To: mod...@li... Subject: [mod-security-users] Benchmark and Best Practice on mod_securityconsole. =20 Hi All, I'm new and work on a Secure reverse Proxy solution based on apache and mod_security. We will have few Reverse Proxy server, so I have a look on the mod_security console to centralize alerts. The functionnality are great, but i suppose it could cause performance heat on : - the mod_security console serveur=20 - there multiples Reverse Proxy server. Have you BenchMark Results with and without the mod_security console ? What are the recommendation on mod_security console server ? Is there some tunning requirement on apache servers ? Is it possible to use another Backend database with mod_security console ? Thank's a lot, Benjamin |