iTP Secure WebServer System Administrator's Guide (iTPWebSvr 6.0+)

ManualsBrandsHP ManualsServerHP NonStop G-Series

Planning the iTP Secure WebServer PATHMON

Environment

iTP Secure WebServer System Administrator’s Guide—523346-002

3-5

Security for the Server’s Pathway Environment

TANDEM_RECEIVE_DEPTH is the maximum number of requests a single httpd or

servlet process can handle.

To increase the number of concurrent requests, you can define multiple servers in the

server class and use TANDEM_RECEIVE_DEPTH to make each server multithreaded. In

this case, you can determine the maximum number of simultaneous requests to a

server class by multiplying the value of TANDEM_RECEIVE_DEPTH by the value of

Maxservers.

In the configuration file delivered with the iTP Secure WebServer, the httpd server

class consists of multiple, multithreaded servers.

Assigning a smaller number of servers with a higher number of threads per server has

the following benefits:

•

In a process, all threads share system resources such as swap space and file

opens, including opens to cache files.

•

No system dispatching is required to switch among threads in the same process.

Assigning a larger number of processes with a lower number of threads per server has

different benefits:

•

Increased load balancing across CPUs

•

Less susceptibility to CPU and process failures, and better fault isolation

The TANDEM_RECEIVE_DEPTH environment variable has no meaning for server

classes other than httpd or servlet.

Security for the Server’s Pathway Environment

When you plan your configuration of the PATHMON environment for the iTP Secure

WebServer, consider taking certain steps to enhance the security of the environment

itself. The following sections of this manual discuss how to manage the security of your

data and provide for secure transactions:

•

Section 4, Configuring for Secure Transport

•

Section 5, Integrating the WebSafe2 Internet Security Processor (WISP)

•

Section 6, Managing the iTP Secure WebServer Using Scripts

The following subsections discuss issues to consider with respect to the iTP Secure

WebServer PATHMON environment:

•

Who Can Modify the Configuration Files? on page 3-6

Note. Although the receive depth is conceptually similar to the NonStop TS/MP link depth, the

link depth is limited to 255 simultaneous requests per server class, whereas the receive depth

is limited to 255 simultaneous requests per process. Therefore, even if you specify a value of 1

for the Linkdepth command, the httpd or servlet process can simultaneously service as many

requests on that link as are specified by the value specified for the receive depth.