Manualshelf

HP ProCurve Threat Management Solution Design Guide 2009-04

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
21222324252627282930
2-18
Concepts
Deployment Options
Deployment Options
You have a number of options for deploying a Threat Management Solution, depending on
which components you decide to use. The following examples show different deployments in
a corporate headquarters environment. These deployments can be adapted to other environ-
ments (such as large departments and remote branch offices) as needed.
NIM standaloneThis deployment uses NIM’s NBAD capabilities to analyze traffic data
and detect malicious network activity without requiring virus signature files or updates.
Figure 2-12. NIM Standalone Deployment
In Figure 2-12, the HP ProCurve switches in the network are configured to send sFlow
data, Virus Throttle™ event, and other security-related traps to NIM. If NIM detects a
security event by analyzing the sFlow data with its NBAD engine or if NIM receives a Virus
Throttle™ event from a switch, it uses the PCM+ Find Node capability to locate the source
Internet
NIM
Data
Center
Employee
Cubicles
Visitor Lobby
Conference Rooms
Metrics (sFlow Data) and
Virus Throttling™ Events
to NIM
NIM Response to
Any Supported
Switch Port
or Wireless
Device
NBAD Analysis
ProCurve
Switch