HP ProCurve Threat Management Solution Design Guide 2009-04
Concepts
Deployment Options
Services zl Module Management and Configuration Guide, which is available on the HP
ProCurve Network Web site at http://www.procurve.com/customercare/support/manuals/index.htm.)
You can use a TMS zl Module in monitor mode to detect threats in internal traffic, in external
traffic destined for the internal network, or in both. When you deploy the TMS zl Module, you
must determine whether you will use:
• Local mirroring
• Remote mirroring
• A combination of local and remote mirroring
When you use local mirroring, the switch mirrors traffic on its local ports to the TMS zl
Module. The module can only detect threats in traffic that passes through its host switch.
Therefore, for internal threat detection, you should install the module in a core switch. You
can then mirror uplink ports to the TMS zl Module’s internal port, and the module will
examine the network traffic.
For external threat detection, you should install the module in a switch that connects to
the WAN router. You can then mirror the traffic arriving from the external network directly
to the module.
If you have ProCurve switches that support remote mirroring, the TMS zl Module can detect
threats in traffic from multiple switches. However, you must ensure that you have enough
bandwidth to handle the mirrored traffic.
(For information about which ProCurve switches support local or remote mirroring, see
Chapter 3: “Products.”)
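The bandwidth check for mirrored traffic can be worked through before deployment. The following Python sketch is an added example, not part of the HP guide: the port names, traffic rates, module capacity, uplink headroom and the per-frame overhead for remotely mirrored traffic are all constructed or assumed values, to be replaced with figures from your own switches and documentation.

```python
from dataclasses import dataclass

@dataclass
class MirrorSource:
    switch: str       # switch that owns the mirrored port
    port: str
    rx_mbps: float    # peak inbound rate seen on the port
    tx_mbps: float    # peak outbound rate seen on the port
    direction: str    # which traffic is mirrored: "in", "out" or "both"
    remote: bool      # True if the copy crosses the network to the module's switch

    def raw_mbps(self):
        # Mirroring both directions of a full-duplex port can exceed its line rate.
        return {"in": self.rx_mbps, "out": self.tx_mbps,
                "both": self.rx_mbps + self.tx_mbps}[self.direction]

def mirror_budget(sources, module_mbps, uplink_headroom_mbps,
                  overhead_bytes=54, avg_frame_bytes=500):
    """Return (load at module, load per remote uplink, list of findings)."""
    at_module, per_uplink, findings = 0.0, {}, []
    for s in sources:
        raw = s.raw_mbps()
        at_module += raw
        if s.remote:
            # Assumed: each remotely mirrored frame grows by overhead_bytes in transit.
            wire = raw * (avg_frame_bytes + overhead_bytes) / avg_frame_bytes
            per_uplink[s.switch] = per_uplink.get(s.switch, 0.0) + wire
    if at_module > module_mbps:
        findings.append(f"module: {at_module:.1f} Mbps mirrored > {module_mbps} Mbps")
    for sw, load in sorted(per_uplink.items()):
        spare = uplink_headroom_mbps.get(sw, 0.0)
        if load > spare:
            findings.append(f"{sw} uplink: {load:.1f} Mbps mirrored > {spare} Mbps spare")
    return at_module, per_uplink, findings

# Constructed sample plan: two local sources on the core switch, two remote sources.
SAMPLE = [
    MirrorSource("core", "A1", 400, 300, "both", remote=False),
    MirrorSource("core", "A2", 200, 100, "in", remote=False),
    MirrorSource("edge1", "24", 300, 200, "both", remote=True),
    MirrorSource("edge2", "12", 50, 50, "out", remote=True),
]

if __name__ == "__main__":
    total, uplinks, findings = mirror_budget(
        SAMPLE, module_mbps=1000, uplink_headroom_mbps={"edge1": 500, "edge2": 400})
    print(f"at module: {total:.1f} Mbps, remote uplinks: {uplinks}")
    for f in findings:
        print("OVERSUBSCRIBED", f)
```

A finding for the module means the monitored set must shrink or be mirrored in one direction only; a finding for an uplink means the remote session would compete with production traffic on that path.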