Clusterwideintrusion detection extends protection against attacks of all typesthroughout the cluster. Intrusion data and information from eachsystem is integrated to protect the cluster as a whole.
You can set the SECURITY_POLICY system parameter on the membersystems in your cluster to maintain either a local or a clusterwideintrusion database of unauthorized attempts and the state of anyintrusion events.
If bit 7 in SECURITY_POLICY is cleared, all cluster membersare made aware if a system is under attack or has any intrusionevents recorded. Events recorded on one system can cause anothersystem in the cluster to take restrictive action. (For example,users attempting to log in are monitored more closely and are limitedto a certain number of login retries within a limited period oftime. Once users exceed either the retry or time limitation, theycannot log in.)
For information on the system services $DELETE_INTRUSION,$SCAN_INTRUSION, and $SHOW_INTRUSION, see the HP OpenVMSSystem Services Reference Manual.
For information on the DCL commands DELETE INTRUSION and SHOWINTRUSION, see the HP OpenVMS DCL Dictionary.