Atomic Endpoint Defender Installation Recommendations¶
A minimum of 4 GB of memory is recommended for sites with high volume of events and/or domains. In general, modern Linux systems perform better with more memory, as the Linux kernel will cache file reads speeding up the system and other applications will use memory to further speed up their operations. Memory is a cheap way to speed up a system.
Multiple 64Bit CPUs are highly recommended for systems with high volume events and/or domains.
If you do not need to allow remote access to MySQL, then we recommend that you configure MySQL to only allow connections from the local host. You can do that by adding the following to /etc/my.cnf:bind-address=127.0.0.1
After making changes to /etc/my.cnf you will need to restart the MySQL service.
When using mysql, querying caching must be enabled. Larger query caches will result in greater performance, however this must be tuned to the capabilities of the system. Larger query caches also require more memory, so to increase this setting you will need at least 2GB of RAM and preferably 4GB of RAM or more.
For example, on a system with 2GB of RAM the query cache should be set to 128M.query_cache_size=96m
For systems with 4GB of RAM, or more, a large query cache can be used:query_cache_size=126m
You can try larger cache sizes, but we find that 128m is generally as high as you need to go. High values may be counter productive.
Dedicated I/O Channel¶
For systems with high volumes of events we recommend you move your mysql databases to their own I/O channel separate from your web sites and/or other file system intensive operations. This will give the database its own dedicated I/O channel to the database files. Databases can be quite large, and the AED events database will grow over time based on the archive settings you have configured in your AED Configuration. Therefore, a faster way of reading these databases will improve performance on the system.
If you are using mysql, we highly recommend you tune it with a professionals help. mysql is a wonderful and powerful database server, but it is not tuned in its default configuration and will perform very poorly as a result. Even if mysql appears to be performing well for you, if you are using the default settings your database server is operating much slower than it needs to be.
You can use the excellent tool mysqltuner to help with this, however this tool will just provide recommendations and an experts assistance should be consulted before making any changes to your mysql configuration, and to make the best use of the recommendations mysqltuner may provide.
To install mysqltuner, please follow the steps below:
Run the following command:yum install mysqltuner
To start mysqltuner run the following command:mysqltuner
For more information about mysqltuner, please go here