HP ProCurve Threat Management Solution Design Guide 2009-04

Concepts
General Threat Management Architecture
NIM supports the following third-party security devices:
Cisco IPS 4200 Series
Fortinet FortiGate/FortiWifi Series
SonicWall E-Class NSA Series
SonicWall PRO Series
TippingPoint IPS Series
(Other third-party security devices are not supported at this time.)
HP ProCurve TMS zl Module
The TMS zl Module can be installed in an 8200zl Series or 5400zl Series switch to protect the
network from threats that originate both inside and outside the network. The TMS zl Module
has two operating modes:
Routing mode
Monitor mode
In routing mode, the TMS zl Module provides three main threat protection capabilities:
Firewall—The firewall automatically detects a number of known attacks and drops the
offending traffic. It also allows you to define zones, or areas of trust, within your network
and apply unique access policies to each zone. Depending on how you deploy the TMS zl
Module, the firewall can control traffic within the network or at the perimeter, allowing
only the traffic that is permitted by your access policies.
IPS—The IPS detects protocol anomalies and known attacks, viruses, worms, and lax
security practices. Based on the threat level, the IPS can then take the action (such as block
the traffic, terminate the session, or allow the traffic) that you configure.
Virtual private network (VPN) capabilities—VPNs use encryption and authentication to
protect traffic sent over an untrusted network. They have traditionally been used to allow
access to a private network over a public network such as the Internet. However, you can
also use the TMS zl Module to establish VPN tunnels across your internal network to
prevent internal users from eavesdropping on confidential traffic.
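The zone concept above (areas of trust with a distinct access policy per zone pair, and a default of dropping anything no policy permits) is easiest to see in code. The following is an added illustration written for this page, not the TMS zl Module's configuration syntax or code; the zone names, address prefixes, rule set and the choice to leave intra-zone traffic unpoliced are all assumptions constructed for the example.

```python
"""Minimal model of zone-based access-policy evaluation (added illustration).

This is a generic model of the concept described in the guide, not the TMS zl
Module's configuration language or implementation: addresses are grouped into
zones (areas of trust), each ordered pair of zones gets its own rule list, and
a flow that matches no rule is dropped (default deny).  All zones, prefixes and
rules below are constructed for illustration.
"""
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from typing import Dict, List, Optional, Tuple

# Constructed zones.  In a real deployment these would be derived from the
# VLANs or subnets attached to the firewall's interfaces.  0.0.0.0/0 is the
# catch-all, so any address not in a more specific zone is EXTERNAL.
ZONES: Dict[str, List[IPv4Network]] = {
    "EXTERNAL": [ip_network("0.0.0.0/0")],
    "DMZ": [ip_network("192.0.2.0/24")],
    "INTERNAL": [ip_network("10.0.0.0/8")],
}


@dataclass(frozen=True)
class Rule:
    action: str                         # "permit" or "deny"
    proto: str                          # "tcp", "udp", "icmp" or "any"
    dst_port: Optional[int] = None      # None matches any destination port
    src_net: Optional[IPv4Network] = None  # None matches any source address


# Constructed policies keyed by (from_zone, to_zone).  Rules are evaluated in
# order; the first match wins.  A zone pair with no policy, or a flow matching
# no rule, is denied.
POLICIES: Dict[Tuple[str, str], List[Rule]] = {
    ("EXTERNAL", "DMZ"): [
        Rule("permit", "tcp", 443),
        Rule("permit", "tcp", 80),
    ],
    ("INTERNAL", "EXTERNAL"): [
        Rule("deny", "tcp", 23),           # block clear-text telnet outbound
        Rule("permit", "any"),
    ],
    ("INTERNAL", "DMZ"): [
        Rule("permit", "tcp", 22, ip_network("10.1.0.0/24")),  # admin subnet only
        Rule("permit", "tcp", 443),
    ],
}


def zone_of(addr: str) -> str:
    """Return the zone whose most specific prefix contains addr (longest match)."""
    ip = ip_address(addr)
    best_len, best_zone = -1, None
    for zone, prefixes in ZONES.items():
        for net in prefixes:
            if ip in net and net.prefixlen > best_len:
                best_len, best_zone = net.prefixlen, zone
    if best_zone is None:
        raise ValueError(f"{addr} belongs to no zone")
    return best_zone


def evaluate(src: str, dst: str, proto: str,
             dst_port: Optional[int] = None) -> Tuple[str, str]:
    """Return (action, reason) for one flow.  Anything unmatched is denied."""
    src_zone, dst_zone = zone_of(src), zone_of(dst)
    # Assumption of this model: traffic that stays inside one zone is not
    # subject to the inter-zone policies.
    if src_zone == dst_zone:
        return "permit", f"intra-zone {src_zone}"
    rules = POLICIES.get((src_zone, dst_zone), [])
    for index, rule in enumerate(rules):
        if rule.proto not in ("any", proto):
            continue
        if rule.dst_port is not None and rule.dst_port != dst_port:
            continue
        if rule.src_net is not None and ip_address(src) not in rule.src_net:
            continue
        return rule.action, f"{src_zone}->{dst_zone} rule {index}"
    return "deny", f"{src_zone}->{dst_zone} default deny"


if __name__ == "__main__":
    # Constructed sample flows: an Internet client reaching the DMZ web tier,
    # an Internet client probing an internal host, and internal users going out.
    for flow in [("203.0.113.5", "192.0.2.10", "tcp", 443),
                 ("203.0.113.5", "10.0.0.5", "tcp", 443),
                 ("10.5.5.5", "203.0.113.9", "tcp", 23),
                 ("10.5.5.5", "192.0.2.10", "tcp", 22),
                 ("10.1.0.7", "192.0.2.10", "tcp", 22)]:
        print(flow, "->", evaluate(*flow))
```

Note the two properties worth checking in any zone-based deployment: the perimeter rule set (EXTERNAL to DMZ) never needs to mention the internal network, because a missing zone pair is itself a deny, and a source-address constraint on a rule (the admin-only SSH rule) narrows a permit without requiring a separate zone for every subnet.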
Figure 2-4. Threat Management Solution with the TMS zl Module Operating in Routing Mode
[Figure: traffic in from the external network enters a ProCurve switch with the TMS zl Module in routing mode; permitted traffic continues through a ProCurve switch to the internal network; security alerts are sent (optionally) to a management station running ProCurve Manager Plus with Network Immunity Manager.]