SCSP 5.2.8 MP3-HF1, Hotfix for CSP Windows Agent

Article:TECH188523  |  Created: 2012-05-10  |  Updated: 2013-08-22  |  Article URL http://www.symantec.com/docs/TECH188523
Article Type
Technical Solution

Product(s)

Issue



 

This hotfix resolves the following issues:

  • Excessive memory used by the SISIDSService on Windows Domain Controllers.
  • High CPU usage by SISDSService on busy Windows Domain Controllers.
  • The IDS EventLog collector does not shutdown properly.  

Error



  • When viewed from the Task Manager, the SISIDSService memory utilization increased gradually over time without a limit.
  • High CPU usage by SIDSService on busy Windows Domain Controllers.
  • The IDS EventLog collector would not shutdown from the Service Control Manager and had to be force killed from Task Manager.


 


Environment



Affected Operating System: Windows operating systems

Symantec Critical System Protection version: 5.2.0 and newer


Solution



This hotfix includes:

A maximum size limit is set for the SISIDSService cache. Also, a Least Recently Used (LRU) mechanism is added to pick the element that needs to be removed from the cache once the cache reaches its maximum size limit.

Performance improvements to prevent high CPU utilization

The IDS EventLog collector now checks for shutdown notification after processing each event log record. If it finds a shutdown notification, it aborts further record processing and shut down itself.




Article URL http://www.symantec.com/docs/TECH188523


Terms of use for this information are found in Legal Notices