HP ProCurve Threat Management Solution Design Guide 2009-04

Concepts
The Security Management Life Cycle
Event Analysis
NIM can provide reports on the location and frequency of threat events on your network,
identity of persistent offenders, actions taken to protect the network, and similar information.
You can use these reports for a variety of purposes:
• Network policy refinement—With additional knowledge about the types and seriousness
  of threats against your network, you can tune your network policies to provide more
  effective protection.
• Regulatory compliance and business process improvement—Information about network
  security activity can be useful beyond the bounds of network management. You may need
  some of this information for regulatory compliance reporting. Similarly, network activity
  reports may help you improve general business processes.
Some major business and security regulations are listed below:
• United States
    • Sarbanes-Oxley (SOX) Act of 2002
    • Health Insurance Portability and Accountability Act (HIPAA)
    • Gramm-Leach-Bliley Act (GLBA)
    • Federal Information Security Management Act of 2002 (FISMA)
    • Payment Card Industry Data Security Standard (PCI DSS)
• Canada
    • Personal Information Protection and Electronic Documents Act (PIPEDA)
• United Kingdom
    • Data Protection Act of 1998
• Australia
    • Private Sector Provisions of the Privacy Act 1988 (Cth)
• France
    • Law 78-17 (revised)
• Germany
    • Bundesdatenschutzgesetz (Federal Data Protection Act)
• Japan
    • Personal Information Protection Law
NIM currently provides the following security reports:
• Security History Report
• Password Policy Compliance Report
• Current Credentials Report
• Port Access Security Report
• Device Access Security Report