Manualshelf

HP ProCurve Threat Management Solution Design Guide 2009-04

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
41424344454647484950
3-9
Products
Third-Party Security Devices
Third-Party Security Devices
NIM supports the third-party security devices listed in this section. It can be configured to
receive SNMP traps from these products and can then respond to those traps.
Cisco IPS 4200 Series
The Cisco IPS 4200 Series can function as an IPS or IDS in your network. These devices can
detect and act on malicious traffic on your network. When operating as an IPS, the devices can
detect such traffic and optionally block the traffic or send an SNMP trap to NIM. NIM can then
take the action you have configured to locate the source of the traffic and mitigate the attack.
Fortinet FortiGate Series and FortiWifi Series
The FortiGate Series are UTMs that can function as an IPS or IDS. As an IPS, the FortiGate can
detect and act on malicious traffic on your network. As an IDS or IPS, the FortiGate can send
an SNMP trap to NIM when it detects such traffic. NIM can then take the action you have
configured to locate the source of the traffic and mitigate the attack.
NIM also supports the Fortinet FortiWifi Series, which are wireless security gateways that
provide capabilities such as firewalls and IPSs for wireless networks.
SonicWALL PRO Series and SonicWall E-Class NSA Series
The SonicWALL PRO Series and E-Class Network Security Appliance (NSA) Series are UTMs
that detect and act on malicious traffic on your network. When these devices detect such traffic,
they can optionally block the traffic and send an SNMP trap to NIM. NIM can then take the
action you have configured to locate the source of the traffic and mitigate the attack.
TippingPoint IPS
The TippingPoint IPS is an inline appliance that performs a full-packet inspection on all traffic
that passes through it. The appliance does not have a MAC or IP address, rendering it
transparent to the rest of the network.
The TippingPoint IPS can take action itself—block, quarantine, copy, or rate limit—and/or send
SNMP traps and syslog, e-mail, or script messages to an external system such as NIM.