Manualshelf

HP ProCurve Threat Management Solution Design Guide 2009-04

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
61626364656667686970
4-18
Design
Follow an Iterative Design Process
Figure 4-11 shows the wizard’s Identify False Positives window for an IP Address Sweep
event.
Figure 4-11. NBAD Diagnostic Wizard > Identify False Positives Window
NBAD Event Sensitivities—If a particular type of event is associated with frequent false
positives, you should adjust the sensitivity level for that NBAD event until the event
disappears (or occurs only for real threats). (See the NIM Configuration > <Event type>
> Monitoring window in the Agent Manager.) Be careful when lowering the sensitivity
level because setting the sensitivity too low may cause NIM to fail to detect a malicious
event of the same type.