Manualshelf

HP ProCurve Threat Management Solution Implementation Guide 2009-05

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
161162163164165166167168169170
3-106
HP ProCurve Network Immunity Manager with a Third-Party IDS/IPS
Step 2: Detect Threats
Figure 3-113. PCM+ Event Log Showing Events from the SonicWALL UTM Device
Once you are confident that the events from the UTM device are being reported to
PCM+, you can set up a non-ProCurve Security Devices alert in NIM’s Policy Manager
to capture the event. You can also create a policy to respond to the event with an
appropriate action. Alerts and policy actions are covered later in this chapter.
Task: Configure a TippingPoint IPS
If you are using a TippingPoint IPS on your network, you are probably already familiar with its
overall operation. Although the TippingPoint documentation is your primary reference if you
have any questions about how to configure the IPS, this section is designed to help you set up
the TippingPoint IPS to work with NIM. (The TippingPoint Quick Start guide and the Local
Security Manager User’s Guide provide detailed configuration information.) ProCurve has
found the general procedures outlined in this section to be suitable for setting up the
TippingPoint IPS. These procedures are intended to provide a starting point; this guide does
not attempt to cover all aspects of the TippingPoint operations.
You can manage your TippingPoint IPS either through its command line interface (CLI) or
through its Web browser interface. In the subtasks outlined in this section, the examples use
the Web browser interface as the primary interface.
These procedures were tested with a TippingPoint 200E and 210E. If you are using a different
TippingPoint IPS, you may need to adjust the instructions slightly.