HP ProCurve Threat Management Solution Design Guide 2009-04

2 Concepts
HP ProCurve Networking has identified threat management as a critical component of its
ProActive Defense, a comprehensive security vision and strategy that is designed to help
companies better protect their networks. (See Figure 2-1.) This strategy includes three
major components:
- Access control—granting appropriate access to persons who are authorized to use the
  network and denying access to persons who have no legitimate business on the network.
  (Access control security is described in the HP ProCurve Access Control Security Design
  Guide.)
- Threat management—protecting the network from both known and emerging threats.
  This protection can take the form of shutting down or rate limiting the port that an attacker
  uses to launch an attack against the network, dropping or blocking the traffic, locking out
  an attacker’s MAC address, or other similar actions.
- Trusted network infrastructure—ensuring that the infrastructure products are managed
  securely and that the security policies applied to them are not improperly overridden.
Figure 2-1. HP ProCurve’s ProActive Defense
Access control solutions deal with threats by keeping them out of the network, but threat
management solutions deal with threats that are already on the network. These threats include:
- Malware such as worms, viruses, Trojans, and similar attacks that are launched through
  email or Web sites
- Attacks from disgruntled employees who have legitimate access to the network
- Attacks by malicious users who breach perimeter defenses
HP ProCurve Threat Management Solutions deal with these threats in two stages:
1. Detect the threat. This might include recognizing a known attack, observing the signature
of a known virus or worm, identifying lax security measures, or distinguishing the pattern
of malicious behavior from normal traffic patterns on the network.
[Figure 2-1 labels: ProActive Defense; Security Policy; Access Control; Threat Management; Trusted Network Infrastructure; Detection, Response, Analysis; Authentication, Authorization, Accounting; Policy]