Manualshelf

HP ProCurve Threat Management Solution Design Guide 2009-04

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
61626364656667686970
4-23
Design
Follow an Iterative Design Process
Set up Alerts. Use the Alerts section in the Policy Manager to define alerts for the events
you listed in step 1, above.
Second and Subsequent Times Through the Process
The next time you go through the security management life cycle, you should re-evaluate your
alerts. If, in the previous step, you have added new types of events to your list or planned alerts
that trigger at higher-frequency or lower-frequency events, define those alerts now.
Step 3: Respond to Threats
The instructions in step 3 are divided into two sections:
First time through the process
Second and subsequent times through the process
First Time Through the Process
Skip this step and go on to step 4. The first time through the process you are just establishing
the baseline of threat activity on the network. You do not need to take any action this time.
Alternatively, you can set up actions and policies but keep them disabled. This is the default
setting when you install NIM. This setting functions as a safety switch that lets you verify that
the policies are invoked, but it does not allow enforcement of the actions.
Later, when you are ready to implement actions, you can select the Enable policy actions
option in the Preferences > Policy Management window. (See Figure 4-14.)
Figure 4-14. Preferences > Policy Management Window